Human Rights Sites Plagued By DDoS Attacks

Human rights organisations are struggling to stay online as their websites are increasingly hit by Distributed Denial of Service attacks from those opposed to their views.

Research by the Berkman Center for Internet and Society at Harvard University found evidence of 140 attacks against more than 280 different sites during the 12 months up to August 2010. Meanwhile, in a survey of human rights groups and independent media bodies, 62 percent said they had been hit by a DDoS attack in the past year.

The research suggests that the frequency of large-scale DDoS attacks – like the recent high-profile attack on the WikiLeaks whistleblowing site – could increase.

“DDoS is a pretty common form of attack against human rights and independent media sites, and the volume of attacks does not appear to be slowing,” blogged Ethan Zuckerman, one of the authors of the report. “The technique has been applied to a very wide range of targets and appears to have no strong ties to any particular set of political principles.”

Avoiding DDoS attacks

Hackers carry out DDoS attacks by gathering together a large number of participants and flooding the targeted website with traffic, so that the server becomes overloaded. As the site attempts to process the large volume of malicious traffic it denies access to legitimate users and often crashes altogether.

The authors advise organisations to consider hosting their sites on a DDoS-resistant hosting service like Blogger, even at the cost of prestige, functionality and possible intermediary censorship. “Organisations that choose to host their own sites should plan for attacks in advance, even if those plans include acceptable levels of downtime,” they added.

The news follows a recent cluster of high-profile DDoS attacks, following the release by WikiLeaks of 250,000 US embassy diplomatic cables last month. WikiLeaks was first hit with an attack as it prepared to publish the documents on 28 November, and was hit again a few days later, in an attack that initially targeted cablegate.wikileaks.org – the site WikiLeaks was using to host its cache of diplomatic cables.

The Anonymous group of hackers then hit back on behalf of WikiLeaks with several of its own DDoS attacks, targeting companies perceived to be anti-WikiLeaks – such as PayPal and the Swiss bank PostFinance, which froze assets belonging to Julian Assange. Mastercard and Visa also fell victim to Operation:Payback earlier this month.

No silver bullet

Application-layer DDoS attacks can be strongly mitigated by replacing complex content management systems with static HTML, or by adding “aggressive caching systems to deliver content at the expense of interactivity,” according to the report.

In addition, the authors suggest the human rights community work with Internet Service Providers and online service providers to identify providers who will help protect sites from DDoS and will agree to not remove controversial content unless required by law.

“We see no silver bullets for the independent media and human rights community,” Zuckerman blogged. “Our recommendations cover a variety of technical steps that can reduce the impact of attacks. Ultimately, we end up recommending building new social institutions that make it easier for targeted sites to seek help from the technical community and from large DDoS resistant hosting providers.”