A View from Erica Naone

DIY Censorship

DD0S attacks have been getting easier, and the Wikileaks situation shows what that can mean.

  • December 10, 2010

The battles over Wikileaks continue, with distributed denial of service (DDoS) attacks being launched in all directions. These types of attacks take websites offline by overwhelming them with traffic. They work best when the traffic pours in from sources distributed all over the world, which makes it more difficult to block the attack traffic and focus on helping legitimate users.

Since Wikileaks began publishing diplomatic cables, DDoS attacks have been aimed at the site itself and the service providers who helped it stay online. Unaffiliated supporters—particularly the Internet pranksters Anonymous—have since launched attacks on those seen to be obstructing Wikileaks, including payment companies Visa and Mastercard, which stopped processing donations to the beleaguered site.

But what’s perhaps most striking about the DDoS attacks is how easily and frequently they come. The first associated arrest happened yesterday, when Dutch police detained a 16-year-old who admitted to being part of the attacks on Visa and Mastercard. But the public has developed an image of brilliant young hackers engaged in sophisticated criminal activity, and that’s far from what happened here.

These days, DDoS attacks don’t require much technical sophistication. Early last year, I wrote a story on how these sorts of attacks are on the rise, and are getting easier. My story was based on the work of Jose Nazario, a senior security researcher for Arbor Networks. I wrote:

Nazario says that the bar for launching a DDoS attack has come down significantly in the past few years. Attacks aimed at Estonian sites in 2007 (during a time of political tension between this country and Russia) used botnets and scripts that weren’t easy for nontechnical people to employ. Now attackers can purchase tools such as Black Energy or NetBot Attacker (made by Russian and Chinese hackers, respectively) for less than $100 apiece. These kits give an attacker ready-made code and an easy-to-use interface to control a botnet. Attackers have even developed Web interfaces so that volunteers can more easily participate in an attack. Attacks are often coordinated in forums, Nazario says, and easy-to-use interfaces help boost participation.

That’s exactly the sort of thing we’ve been seeing in the case of Wikileaks. And it could be the beginning of a new era on the Internet—one in which, sadly, the principle is that if you don’t like what someone is saying, shut them down.

Get stories like this before anyone else with First Look.

Subscribe today
Already a Premium subscriber? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.