Saturday, December 3, 2022

DDos: an unlawful tool used to silence activists

DDos: an unlawful tool used to silence activists

Participating in a protest and sharing your views on the Internet are considered a human right. Based on domestic law, authorities shut down the internet in order to silence protestors. However, in late May 2020, cyber-attacks were used to silence activists especially those working in anti-racism organizations.

Since George Floyd’s death, anti-racists groups and government websites have been facing cyber-attacks. Cloudflare, which blocks attacks designed to knock websites offline, said that since Floyd’s murder, there were more attacks than before.  Over the weekend of May 30/31, Cloudflare blocked 135,535,554,303 cyberattack HTTP requests. Cyberattack requests increased by 17% compared to the Weekend of April 25/26. According to Cloudflare, the most targeted website in cyber-attacks are those belonging to Advocacy groups. In April 2020, these groups did not register any attack. However, since May, each site registered 20000 requests per second. Organizations such as Black Lives Matter (BLM), the American Civil Liberties Union (ACLU) and the National Association for the Advancement of Colored People (NAACP) websites were hit by cyber-attacks.

Cloudflare founded a project entitled “Project Galileo” aiming to provide protection from cyber-attacks for vulnerable targets like humanitarian organizations. The blocked cyberattack HTTP requests on US anti-racism organizations in Project Galileo showed a dramatic increase between May 29, 2020, and June 1, 2020.

On the other hand, large attacks on governmental websites were registered in the United States. Attacks on Government websites are up to 1.8x and attacks on military websites are up 3.8x month on month. Last weekend of May, the Minneapolis police department website was temporarily taken down in a suspected Distributed Denial of Service (DDoS) attack. The sites were facing access problems requiring visitors to enter “captchas” verifying they were not bots.

The Hacktivist group “Anonymous” appears to have re-emerged. In fact, they have used the DDos attacks in the past. In 2008, they used this tool to knock some of “The Church of Scientology” websites offline. The disruption of the police websites came after a Facebook page claiming to be affiliated with Anonymous released a video “Message to Minneapolis Police Department” on May 28. “We are legion. Expect us,” said Anonymous. On May 31, 2020, Anonymous posted a picture on their twitter account using the hashtag #GeorgeFloydProtests. On June 2, they posted a tweet saying, “Anonymous earlier today hacked the Minnesota State Senate Website. This is a series of attacks that will keep continuing in response to #GeorgeFloyd’s death”.

Anyone can be a victim of a DDos attack and many web services are offering the tool. Sometimes, DDoS attacks are used to distract IT staff while another cybercrime such as data theft or malware injection is carried out. Jake Moore, a cybersecurity specialist at ESET said  “Such attacks can last a matter of minutes or go on for days depending on how big their egos are in terms of trying to get media attention” according to The Verdict.

Launching a DDos attack is considered a criminal offense under the 2006 amendment to the Computer Misuse Act 1990. If Anonymous is asking for justice, who is conducting cyber-attacks on anti-racism organization websites?