Whose Internet is it anyway?
This week we've seen two Internet events that are more alike than dissimilar. On Wednesday, an Estonian court convicted a 20-year Russian for his part in last spring's distributed denial-of-service (DDoS) attacks on that nation. On Thursday, word of mounting DDoS attacks on the Church of Scientology spread. Ultimately, both events could have larger repercussions.
The attack on the Estonian Web sites was prompted by an Estonian government plan to move a statue and grave sites honoring Russian-Estonians who died fighting the Nazis. Gadi Evron of Beyond Security said at last year's Black Hat USA that he found only one case of unique code used in the attacks which lasted from April 27 through mid-May. Evron said the attack had the appearance of an Internet flash mob, and now, with the conviction, it appears to have been loosely organized by a group of college kids. Evron cited evidence of at least one e-mail inciting Internet action on a particular date at a particular time during Estonian attacks.
A similar event is happening now. DDoS attacks against the Church of Scientology appear to be coming from a loosely organized group of individuals calling themselves Anonymous or Anon. The attacks, according to Jose Nazario of Arbor Networks, appear to use common code and early attacks originated from one IP address.
As with the events in Estonia, as news spread, more individuals may now be targeting the Church of Scientology in a sort of "me too" frenzy. A Web site called Project Chanology continues to detail present and future actions by Anonymous and others.
The idea that a handful of skilled individuals could decide to "take out" a particular group or company or government for any reason is a very disturbing one indeed.
As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.
- Topics:
-
Criminal Hackers,
-
Security
- Tags:
-
security,
-
Estonia,
-
cyberwar,
-
flash mob,
-
DDoS,
-
denial of service,
-
Gadi Evron,
-
Beyond Security,
-
Jose Nazario,
-
Arbor Networks,
-
Church of Scientology
- Share:
- Digg
- Del.icio.us
This report is mischievously false. It seeks to create the impression that the young man convicted was a Russian national (which is false) and in so doing obfuscates the fact that the DDoS attack was conceived and coodinated entirely by a disenchanted Estonian national by elevating his ethnic origins above his actual nationality.
That is like saying that John F Kennedy is Irish, or that Jesse Jackson is Ghanaian (or whichever African country his forefathers may have been abducted from). But that would be false. Every American recognizes their ethnic origins, but see themselves as American nationals.
This kind of journalism is criminally devious as it is appears to be reserved for use only when it becomes necessary to daemonise a country that may not have endeared itself to western Europe or north America
fashion for years!
Even the benign form, the slashdot effect!
There are some that have yet to be taken out by DDoS...
Reporting like this makes me think the media were running short of "exciting" material.
HACKHACKHGAKAHCKAHGHACK
First of all, we aRe all anonymous and the only way we connect is as anonymous pixels in a fake reality so named the interwebs. The CoS want all things secret. If you have issue with DMCA if you think EFF and Creative Commons have it right. Than think about Anon in a better light they are you.
Keep it Underground
Anon is willing to allow people the freedom that Anon thinks they should be have. I don't recall the Universal Declaration of Human Rights mentioning that Anon was the final arbitrator of who did and didn't have those rights.
There are two problems with anon.
the first being that groups of average people are HORRIFIED of them, the non-133t. and they hear horror stories about these 'innocent' people or groups (like Scientology) being terrorized by them. Really, i feel there is enough fear on the internet from viruses and what not...but now people night be afraid to communicate there feelings out here because it might be used against them.
The other problem is that further attacks will not just shape the networks, it will shape the policies around them. Yes, i know, people will always find away around the networks fail-safes. but i don't want every step i make online recorded. Not that that doesnt happen anyway (i use google services) but the next step whether people like it or not, will be poilitical.
and do you really want Ted Stevens following you around your internet tube?
The
But when a group takes the law into their own hands we enter the realm of rule by the bully. "I can take your site down so you must do what I say." With that threat your rights go out the window and fascism takes over.
There should be a huge outcry about this act of Internet terrorism by Anon. If you think this will stop with Scientology, think again. if these bullies succeed then all it takes is for a few lies to be told about you or your church or group or company and WHAMO! Anon is here to save the world and your site is down.
Or there is another obvious avenue for this sort of behavior - blackmail. "Send $50,000 to our Swiss Bank Account or we'll take down your site just like we took down Scientology".
That's were behavior like this ends. So if you don't want your website to be next maybe you should stand up now and say something about what is going on.
But why "legal" reason never work with that so called 'church' is that their legal team is unbeatable.
You protest something, you become a threat to them?
They'll find something to pin on you.
What's the point of challenging them if you know you'll always lose? The IRS removed their tax exempt status one time and they tried to look for things to convict IRS members. And they continued until the IRS mysteriously gave it back to them.
They Blackmailed the IRS with Legal Charges.
How do you fight that which controls the law?
That is /precisely/ what the Scientologists do, right along with isolating the "believers".
Am coming to the conclusion that "extra legal recourse" may, in the future, be the only way for ordinary people such as myself to see justice as something more than patronizing words spoken in contempt by my betters. It is time, and far past time, that these captains of industry, religious fanatics and so called political leaders fear us.
Ignorance of Anon is no excuse under Anon.
Just like bank robberies, murder, shoplifting, drug smuggling will never be stopped.
The courts have tried to address those wholesale, but at the end of the day, they can't stop those crimes. Internet crimes will follow the same path. The professional criminals often escape detection, like the skilled attackers online do. Those without the technical knowledge are the ones who will get caught and pay dearly because the courts will take out their frustrations at not being able to stop the professionals.
As people become more dependent on the internet, the damage a DDoS can do will also rise. It is a risk those who want to run a website will have to deal with, especially those who are very unpopular.
Doing anything involves risk. Avoiding DDoS is simple, don't set up shop online. If you do so, you risk a DDoS, if that risk is too high the solution is simple.