Skip to Content

DIY Censorship

DD0S attacks have been getting easier, and the Wikileaks situation shows what that can mean.
December 10, 2010

The battles over Wikileaks continue, with distributed denial of service (DDoS) attacks being launched in all directions. These types of attacks take websites offline by overwhelming them with traffic. They work best when the traffic pours in from sources distributed all over the world, which makes it more difficult to block the attack traffic and focus on helping legitimate users.

Since Wikileaks began publishing diplomatic cables, DDoS attacks have been aimed at the site itself and the service providers who helped it stay online. Unaffiliated supporters—particularly the Internet pranksters Anonymous—have since launched attacks on those seen to be obstructing Wikileaks, including payment companies Visa and Mastercard, which stopped processing donations to the beleaguered site.

But what’s perhaps most striking about the DDoS attacks is how easily and frequently they come. The first associated arrest happened yesterday, when Dutch police detained a 16-year-old who admitted to being part of the attacks on Visa and Mastercard. But the public has developed an image of brilliant young hackers engaged in sophisticated criminal activity, and that’s far from what happened here.

These days, DDoS attacks don’t require much technical sophistication. Early last year, I wrote a story on how these sorts of attacks are on the rise, and are getting easier. My story was based on the work of Jose Nazario, a senior security researcher for Arbor Networks. I wrote:

Nazario says that the bar for launching a DDoS attack has come down significantly in the past few years. Attacks aimed at Estonian sites in 2007 (during a time of political tension between this country and Russia) used botnets and scripts that weren’t easy for nontechnical people to employ. Now attackers can purchase tools such as Black Energy or NetBot Attacker (made by Russian and Chinese hackers, respectively) for less than $100 apiece. These kits give an attacker ready-made code and an easy-to-use interface to control a botnet. Attackers have even developed Web interfaces so that volunteers can more easily participate in an attack. Attacks are often coordinated in forums, Nazario says, and easy-to-use interfaces help boost participation.

That’s exactly the sort of thing we’ve been seeing in the case of Wikileaks. And it could be the beginning of a new era on the Internet—one in which, sadly, the principle is that if you don’t like what someone is saying, shut them down.

Keep Reading

Most Popular

DeepMind’s cofounder: Generative AI is just a phase. What’s next is interactive AI.

“This is a profound moment in the history of technology,” says Mustafa Suleyman.

What to know about this autumn’s covid vaccines

New variants will pose a challenge, but early signs suggest the shots will still boost antibody responses.

Human-plus-AI solutions mitigate security threats

With the right human oversight, emerging technologies like artificial intelligence can help keep business and customer data secure

Next slide, please: A brief history of the corporate presentation

From million-dollar slide shows to Steve Jobs’s introduction of the iPhone, a bit of show business never hurt plain old business.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.