Harvard study reveals hacker power

After WikiLeaks supporters disrupted websites like Mastercard, a new Harvard report examines DDoS attacks.

hackers at a hacking nerd conference [GALLO/GETTY]
Distributed denial of service (DDoS) attacks can strike the websites of small human rights groups and major international corporations like Mastercard [Reuters]

Recent cyberattacks by WikiLeaks supporters targeted at companies like Visa and Mastercard have brought distributed denial of service (DDoS) – an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable – into the public consciousness, stirring up a debate as to whether or not DDoS is an acceptable tactic for civil disobedience.

In fact, denial of service (DoS) attacks emerged as a political tool in 1998, introduced by Ricardo Dominguez, co-founder of Electronic Disturbance Theatre, who built FloodNet, a tool that allowed activists to crash a variety of websites. 

DDoS emerged two years later when web giants Yahoo!, Buy.com, CNN, Amazon, and others were taken down in a series of attacks so large, they had to have had multiple points of origin. Those attacks were eventually traced to Michael Calce, a 15-year-old in Montreal, Canada, who was caught after bragging about his prowess in a chat room.

Unfortunately, DDoS has become a fairly common form of attack against human rights and independent media sites, and one which shows no signs of slowing. A recent report from the Berkman Center for Internet & Society reveals that the technique has been applied to a wide range of targets worldwide, and appears to have no strong ties to any particular set of political principles.

Diverse targets

The Berkman Center’s study comprised of a survey of independent media and human rights-related sites, as well as a review of media reports of DDoS and other cyberattacks over the past twelve years. 

In 2010 alone, over one hundred DDoS attacks made headlines, with targets as diverse as an Israeli human rights group to an independent news site in Malawi.

In a DDoS attack, a network of computers are utilized to flood traffic on a target system, causing the site to load slowly or become disabled entirely. Often, a botnet – a network of compromised computers that can be controlled remotely – is utilised to maximize effectiveness of the attack.

Though DDoS is often propagated along with other forms of attack, it can be debilitating for small site operators. Attacks often don’t require much bandwidth to adversely affect sites; rather, there is evidence that very small attacks focused on vulnerabilities in technical architectures can render some sites inoperative. 

In some cases, even a single attacker can be effective in disabling a site, without the assistance of botnets or other volunteers.

No ‘silver bullet’

As a result of DDoS, the Berkman Center’s researchers found, some organizations may find their sites inaccessible for long periods of time, a function of inexperienced and overwhelmed system administrators, unhelpful Internet service providers (ISPs), and isolation from the technical community that works together to fend off DDoS.

Though the researchers offer recommendations for a variety of technical steps that independent media and human rights site administrators can take to reduce the impact of DDoS, there are unfortunately no silver bullets for the community. 

Rather, a broad look at the hosting landscape, as well as ways in which outlying sites can be integrated into the technical community, are recommended.

The full report can be read here.

Jillian York is a writer, blogger, and activist based in Boston. She works at Harvard Law School’s Berkman Centre for Internet & Society and is involved with Global Voices Online.

The views expressed in this article are the author’s own and do not necessarily reflect Al Jazeera’s editorial policy.

Source: Al Jazeera