Harvard researchers find that most such organizations and independent media sites have been knocked offline by a distributed denial of service attack.
(click image for larger view)
Slideshow: Top 10 Security Stories Of 2010
WikiLeaks and Operation Payback may recently have propelled distributed denial of service (DDoS) attacks onto the front pages of many daily newspapers, but this has long been a popular form of attack against human rights and independent media organizations, a report released on Wednesday said.
These DDoS attacks often knocked sites offline -- sometimes for weeks, according to the study, conducted by Harvard University's Berkman Center for Internet & Society. Of the sites polled, 61% suffered through unexplained downtime, while 62% experienced DDoS attacks, the report said. In addition, 39% experienced an intrusion and, of those experiencing a DDoS attack, 81% also suffered through at least one filtering, intrusion, or defacement, according to the study.
Based on Google and Twitter searches, researchers found evidence of 140 attacks against more than 280 sites between August 2009 and September 2010, the report said. However, there likely were many more unreported or lower profile DDoS attacks, according to the study.
"These numbers confirm that, despite the under-reporting inherent in this method, DDoS and other
cyber attacks are common against independent media and human rights sites, even outside of elections,
protests, and military actions," according to the report, co-written by Ethan Zuckerman, Hal Roberts, Ryan McGrady, Jillian York, and John Palfrey.
Attacks were most prevalent against sites in regions such as Burma (also known as Myanmar), China, Egypt, Israel, Iran, Mexico, Russia, Tunisia, the United States, and Vietnam. These attacks came from within a nation's own borders and externally, the report said.
The Berkman Center shone a spotlight on some specific attacks, focusing for example on those targeting a liberal, independent Russian newspaper; others aimed at a Vietnamese organization that protests bauxite mining in the nation; attacks against sites allegedly promoting Islamic jihad; launches against Iran's Green Movement; and cyber-assaults against the Iranian government's opposition Web site.
Human rights groups had mixed results in protecting themselves from attack. In 55% of instances, Internet service providers shut down their sites in response to a DDoS attack, while only 36% of respondents said their provider successfully defended them against a DDoS attack, the survey found.
"The fact that 55% of respondents suffering a DDoS attack had been shut down by their ISPs first indicates that at least 55%, and almost certainly more, of the sites had been subject to a traffic-based attack. That fact, along with the fact that only 36% of the respondents subject to DDoS attack had an ISP that defended them against attack, indicates that for many independent media, the local ISP is a weak point rather than a strong ally," the report said.
But organizations did not solely depend on their ISPs for protection. The vast majority -- 83% -- had fixed problems with their existing Web application software, and 80% reported that this measure was "somewhat effective" or "effective," the report said. In addition, three-fourths of respondents installed security software or hardware on their existing servers, and 62% upgraded their Web server software, according to the study.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.