TWeeD (![[info]](http://p-stat.livejournal.com/img/userinfo.gif){kind=small} densaer) wrote,@ 2008-04-23 18:03:00 |
|
The Chinese attack against CNN as information warfare
As I described a few days ago, Chinese activists attacked CNN.com, rendering it unusable for a few hours. Dancho Danchev has some good followup.
The DDoS attack against CNN.com, whether successful or not in terms of the perspective of complete knock-out, which didn't happen, is a perfect and perhaps the most recent example of a full scale people's information warfare in action. Utilizing the bandwidth of the over 200 million nationalism minded Chinese Internet users, can greatly outpace any botnet's capacity if coordinated, or though the use of automated DIY tools, like the ones we've seen released for the purpose of attacking CNN.com
Dancho references a "malicious culture of participation," where like-minded novice cyber-warriors incensed about $CAUSE can band together and create a DDoS that does not rely upon massive botnet arrays. It sounds very web 2.0, and I expect someone to put up a YouTube video of someone going "Leave CNN ALONE!"
There was a fundamental weakness in the CNN attack, though ... almost all the attackers were located in mainland China, so all CNN did to restore service was block incoming traffic from certain geographical regions ... blackholes are a really nice thing, y'know. While CNN did go down for a few hours, most security people I've talked to about the subject consider the attack to be a failure, but perhaps a portent of things to come...
EDIT: BBC has a good wrapup of things going on inside of China coinciding with the DDoS.
As I described a few days ago, Chinese activists attacked CNN.com, rendering it unusable for a few hours. Dancho Danchev has some good followup.
The DDoS attack against CNN.com, whether successful or not in terms of the perspective of complete knock-out, which didn't happen, is a perfect and perhaps the most recent example of a full scale people's information warfare in action. Utilizing the bandwidth of the over 200 million nationalism minded Chinese Internet users, can greatly outpace any botnet's capacity if coordinated, or though the use of automated DIY tools, like the ones we've seen released for the purpose of attacking CNN.com
Dancho references a "malicious culture of participation," where like-minded novice cyber-warriors incensed about $CAUSE can band together and create a DDoS that does not rely upon massive botnet arrays. It sounds very web 2.0, and I expect someone to put up a YouTube video of someone going "Leave CNN ALONE!"
There was a fundamental weakness in the CNN attack, though ... almost all the attackers were located in mainland China, so all CNN did to restore service was block incoming traffic from certain geographical regions ... blackholes are a really nice thing, y'know. While CNN did go down for a few hours, most security people I've talked to about the subject consider the attack to be a failure, but perhaps a portent of things to come...
EDIT: BBC has a good wrapup of things going on inside of China coinciding with the DDoS.
