DDoS Attacks Strike Human Rights Groups
Harvard researchers find that most such organizations and independent media sites have been knocked offline by a distributed denial of service attack.
These DDoS attacks often knocked sites offline -- sometimes for weeks, according to the study, conducted by Harvard University's Berkman Center for Internet & Society. Of the sites polled, 61% suffered through unexplained downtime, while 62% experienced DDoS attacks, the report said. In addition, 39% experienced an intrusion and, of those experiencing a DDoS attack, 81% also suffered through at least one filtering, intrusion, or defacement, according to the study.
More Security Insights
- Get Actionable Insight with Security Intelligence for Mainframe Environments
- Getting a Grip on Mobile Malware
White PapersMore >>
Based on Google and Twitter searches, researchers found evidence of 140 attacks against more than 280 sites between August 2009 and September 2010, the report said. However, there likely were many more unreported or lower profile DDoS attacks, according to the study.
"These numbers confirm that, despite the under-reporting inherent in this method, DDoS and other cyber attacks are common against independent media and human rights sites, even outside of elections, protests, and military actions," according to the report, co-written by Ethan Zuckerman, Hal Roberts, Ryan McGrady, Jillian York, and John Palfrey.
Attacks were most prevalent against sites in regions such as Burma (also known as Myanmar), China, Egypt, Israel, Iran, Mexico, Russia, Tunisia, the United States, and Vietnam. These attacks came from within a nation's own borders and externally, the report said.
The Berkman Center shone a spotlight on some specific attacks, focusing for example on those targeting a liberal, independent Russian newspaper; others aimed at a Vietnamese organization that protests bauxite mining in the nation; attacks against sites allegedly promoting Islamic jihad; launches against Iran's Green Movement; and cyber-assaults against the Iranian government's opposition Web site.
Human rights groups had mixed results in protecting themselves from attack. In 55% of instances, Internet service providers shut down their sites in response to a DDoS attack, while only 36% of respondents said their provider successfully defended them against a DDoS attack, the survey found.
"The fact that 55% of respondents suffering a DDoS attack had been shut down by their ISPs first indicates that at least 55%, and almost certainly more, of the sites had been subject to a traffic-based attack. That fact, along with the fact that only 36% of the respondents subject to DDoS attack had an ISP that defended them against attack, indicates that for many independent media, the local ISP is a weak point rather than a strong ally," the report said.
But organizations did not solely depend on their ISPs for protection. The vast majority -- 83% -- had fixed problems with their existing Web application software, and 80% reported that this measure was "somewhat effective" or "effective," the report said. In addition, three-fourths of respondents installed security software or hardware on their existing servers, and 62% upgraded their Web server software, according to the study.
InformationWeek and Dark Reading have published an in-depth look at responding to a database breach. Download the report now (free registration required).