There is something intolerably appealing about bad behavior. There is a thrill when you watch, with admiration, a political campaign that is invisible, undetectable and highly effective against corporations or governments.
So many of us sat back in their chairs amazed when hackers successfully mounted a highly organized and highly successful campaign against companies that had withdrawn their services from WikiLeaks, including Mastercard, PayPal and Visa.
It’s the skill, it’s the devising of a strategy to cause havoc that leave many of, mouth open, lets face it, in awe.
In a new report released this week by Harvard University “Distributed Denial of Service Attacks Against Independent Media and Human Rights Sites”it seems hacker attacks are far more common that most of us would believe, 1300 attack each day!
Yet there seems to be a great divide between those who instigate attacks. On the one hand there are those Cyber Guerilla groups organizing campaigns of civil disobedience while on the other, many believe government or company sponsored sabotage against human rights or political opposition groups are also common.
The most common attacks are Disrupted Denial of Service (DDoS) where a company’s website is bombarded. One example used in the report was of this year a group 4chan hackers launched a retaliation attack on Motion Picture Association of America (MPAA) as payback for the company organizing an cyber attack on a file-sharing company “The Pirate Bay”.
It showed the power of a small group of highly skilled players from 4chan who were able to periodically bring the MPAA site down, after a series of coordinated attacks.
According to the report DDoS attacks are organized by hackers often using Botnets where the normal users, me included probably, find their computers infiltrated. Unaware as we were when we opened that email, whoops, I was promised a photo of Anna Kournikova, that a virus was being downloaded onto our computers allowing someone else access.
After the virus settles we are playing a huge role by our computers being used to send out emails or other tasks that will overload a particular website’s server. Down goes the server, down goes the business. For some companies that can mean being out of business for anything from an hour to six weeks according to the report.
The strategy first came into the public light around 1996 when ‘the bible’ was produced by Practical Unix and Internet Security which offered a chapter on protecting against DDoS.
Since then political groups have used the skills to raise an issue against a government. How priceless!
Last year amidst the turmoil of the aftermath of the Iranian election opposition forces mounted a huge campaign against President Mahmoud Ahmadinejab bringing down his homepage and other government websites over a 24 hour period.
The campaign did not stop there with twitter’s home page displaying the message “This site has been hacked by the Iranian Cyber Army”. An unbelievable feat for a small band of people to be able to infiltrate such a major site!
As with anything, a successful strategy will be appropriated. Its believed governments have done exactly the same to quieten opposition. In the Harvard University report Human Rights and political groups stated that their websites too had been attacked, and presumed that this was a government sponsored operation.
At the same time as the political opposition “the Green Movement” gained momentum against the Iranian government they found their website, mowjcamp.com, was attacked where their domain name was changed with users directed to a different IP address. The website now displayed contact details that implied involvement in the site by an American, giving the political opposition a western identity.
It’s an extraordinary world which few understand, but after the efforts of hackers to bring down Mastercard and Visa we are beginning to understand the potential power of attacks.
For a copy of the Harvard University report: