Distributed denial of service (DDoS) is a hot topic on for much of cybersecurity and a mainstay of Internet-based protests, and perhaps this is the reason that political parties have taken it up as their election manifesto! Yes, you heard it right. Dutch opposition party D66–a party that calls itself “a progressive liberal party”–has called for the legalization of DDoS, and says that it should be handled in the same way as other street demonstrations are regulated. According to the proposal given by D66, “Hacktivists should give prior warning of their action to allow companies to take whatever defensive measures they choose.”
Distributed Denial of Service attacks are a favorite tool of hactivist first-line protest attacks as they function by essentially making a website, or potentially anything in the general vicinity, slow down or become inaccessible for a certain time period. Repeated DDoS use has brought the IT industry to call for more security and defensive measures online.
When DDoS protest fails
However, it is not that these attacks become successful every time (Thankfully!), as it can fail. Back in October last year, we heard about the failed DDoS attack on New York Stock Exchange’s website by hacktivist collective Anonymous. When the group began rumbling that it would proceed with an attack against the New York Stock Exchange, NYSE beefed up security before the purported attack, and the anticipated tsunami (DDoS) became a bucket of cold water.
Another evidence is the tongue lashing by The Pirate Bay against hackers from Anonymous, who had taken it upon themselves to punish Virgin Media for following the edicts of the UK High Court. The Pirate Bay posted a harsh message on its Facebook wall, criticizing the hackers and taking a moral stand for Virgin Media’s customers who became victims twice-over: once from the UK High Court censorship and once from the DDoS.
It generates attention for political as well as childish protests
There are scenarios when we saw DDoS attacks generating attention for one or more reasons, such as the massive attack of Megaupload.com, taking aim at government websites belonging to China and England, and washing away the US Department of Justice Website with a DDoS attack. The attack on China and UK government sites were over human rights issues. The Anonymous said that China is targeted because there is oppression of free speech and other human rights violations in the country, while the UK is under fire because of a recently crafted extradition treaty. The entire episode was extensively covered by Kit Dotson, and can be read here.
And most recently, some high profile sites like those of US Department of Justice and CIA were the target for Anonymous hackers. The initial bombardment against the cia.gov and justice.gov started with a Brazilian hactivist going by the moniker “Havaittaja” announcing via Twitter that they had started a DDoS “for the lulz” and several other Anonymous cells quickly joined in. Consequently, both CIA.gov and justice.gov websites remained offline, rather inaccessible for over an hour.
As illegal activity, DDoS does lead to arrests
As soon as the DDoS attacks turned down the U.S. government and other big websites, FBI became proactive. They even arrested a Connecticut man in December, charged with conducting the October 2010 attack on GeneSimmons.com. Reportedly, Poe could face a maximum of 15 years in federal prison. Lately, FBI made two of the LulzSec hackers admit guilty for disabling some high profile websites and performing Distributed Denial of Service attacks. These included Ryan Cleary, 24, and Jake “Topiary” Davis, 19, who have admitted hacking CIA, National Health Service, News International, Sony, Nintendo, Arizona State Police, and film studio 20th Century Fox websites, among several others.