Subscribe to the InfoTech eNewsletter

infoTECH Feature

April 11, 2017

Online Activism: DDoS and Cyberattacks as Peaceful Protests

By Special Guest
Sophia Mixon, Content Writer

If there’s two things a DDoS attack does, it’s deny services to users and gain a whole lot of attention and publicity thanks to all those frustrated users. Groups like the Lizard Squad have ridden this second capability to Internet infamy and substantial ill-gotten gains from their DDoS for hire services.

While distributed denial of service attacks generally get nothing but negative attention due to the damage they can do to websites and businesses, activist or hacktivist groups around the world are taking these attacks in a wildly different direction: the peaceful protest.

How DDoS gets the job done

A DDoS attack, like all denial of service attacks, denies the services of a website by either slowing the website so much as to render it unusable, or by taking it offline altogether. This is accomplished by overwhelming the website’s server, resources or bandwidth with malicious traffic, and that malicious traffic comes from what is known as a botnet – a network of Internet-connected devices that have been hijacked for remote use.

A shift to unconventional occupation

In a way, the shift from business disruptor to instrument of political protest has been a natural one for DDoS attacks. After all, when protesters organize a sit-in or a march, two of the main objectives are to disrupt the operations of the group or organization being protested against, and to gain publicity for the protest. A distributed denial of service attack accomplishes both, blocking users from the website(s) at the center of the protest, and drumming up attention on both social media and in traditional news media.

The first recorded instance of DDoS as protest occurred in 1995 when an Italian collective took aim at the French government’s website to protest France’s nuclear policy. A hacktivist group by the name of the Electronic Disturbance Theater then took the idea of DDoS protest a step further, building a DDoS tool called FloodNet that allowed people outside the organization to join what the group called their virtual sit-ins. Targets of the Electronic Disturbance Theater included the websites of politicians as well as the website of the White House.

In our current DDoS-heavy era, hacktivist group Anonymous has taken the idea of the collective DDoS attack to the next level by creating so-called voluntary botnets which allow anyone to ‘donate’ the resources of their computer or other Internet-connected devices to provide more DDoS protest firepower. One of Anonymous’s most famous targets was the Brazilian government’s website, which went down in 2014 in protest of the FIFA World Cup. Prior to that, Anonymous took aim at PayPal (News - Alert) in retribution for PayPal’s withholding funds from WikiLeaks.

The Donald Trump target

It’s no surprise that, as with more traditional forms of protests, governments are frequently targeted by distributed denial of service protest attacks. Countries famously thumped by DDoS protests include Estonia, which suffered weeks’ worth of outages in both the public and private sector in 2007 after moving a WWII memorial to Russian soldiers, the Ukraine which suffered due to NATO protests in 2008, Burma in 2010, Tunisia in 2011 as a part of the Jasmine Revolution (News - Alert), and South Korea in 2013 when North Korea took cyber-aim.

It will also come as no surprise that the election and inauguration of one of the most controversial presidents in United States history inspired thoughts of cyber-protest alongside the myriad marches on Washington and across the country. Roughly one week before the January 20 inauguration of President Trump, a call was put out for people to flood the website with traffic on the day of the inauguration – a distributed denial of service attack, minus the botnet.

Cyber protest struggles

Information on what actually occurred is scarce, but the outcome is certain: there was no successful DDoS attack on the White House site on Inauguration Day. It’s possible the DDoS protection was simply up to the task for mitigating all attempted attacks, or that the DDoS attempt couldn’t get enough power behind it without the use of a botnet or techniques like amplification.

It’s also possible, though, that the planned attack suffered from the illegality of DDoS. While peaceful protests like marches and sit-ins are recognized as a form of free speech and are protected by law, distributed denial of service attacks have earned no such distinction and can be punished by serious prison time – a warning that went out shortly after the call for the Donald Trump DDoS protest.

However, protestors and activists haven’t traditionally been overly concerned with what’s legal, and with distributed denial of service attack protests making it possible for activists to take part in a demonstration that disrupts services and operations and gains all kinds of attention, no matter how far away they may be, DDoS protests will likely only grow in popularity, frequency and strength.

Edited by Alicia Young

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers