DDoS attacks hurt human rights groups

WHILE HACKTIVISTS' distributed denial of service (DDoS) attacks have hit the news lately, it seems that the method has more often been used by the bad guys to suppress websites belonging to human rights groups.

A study (PDF) conducted by Ethan Zuckerman, Hal Roberts, Ryan McGrady, Jillian York and John Palfrey of Harvard University's Berkman Center for Internet & Society reports that the websites that DDoS attacks knocked offline were more likely to be those of human rights groups.

Of the sites polled, 61 per cent suffered unexplained downtime, while 62 per cent experienced DDoS attacks, the report said.

Human rights groups' websites often get hacked too, with nearly 40 per cent having experienced an intrusion. If a website suffered a DDoS attack then it was 81 per cent as likely to have suffered at least one filtering, intrusion or defacement, the study said.

The study was based on Google and Twitter searches. The researchers found evidence of 140 attacks against more than 280 sites between August 2009 and September 2010.

There likely were many more unreported or lower profile DDoS attacks that were not reported.

"These numbers confirm that, despite the under-reporting inherent in this method, DDoS and other cyber attacks are common against independent media and human rights sites, even outside of elections, protests, and military actions," the report said.

Attacks were most prevalent in Burma, China, Egypt, Israel, Iran, Mexico, Russia, Tunisia, the United States and Vietnam.

Human rights groups often found their ISP shut down their websites in response to a DDoS attack, while only 36 per cent of respondents said their provider successfully defended them against a DDoS attack.

More than 83 per cent had fixed problems with their existing web application software, and 80 per cent reported that this measure was "somewhat effective" or "effective", the report said. µ