Tuesday, June 16, 2009

DDOS attacks on Iran's web-sites: what a stupid idea! (Foreign Policy: net.effect)

DDOS attacks on Iran's web-sites: what a stupid idea!

Mon, 06/15/2009 - 7:27am

This was to be expected: as the protests in Tehran do not seem to calm down, the warring parties are sparring in cyberspace. As ThreatChaostpoints out, the plot has now thickened: now anyone with an Internet connection knows how participate in a DDOS attack on Ahmadinejad's web-sites! Thank you, Twitter!

I have come to believe that DDOS attacks must be the new counselling, for they seem to be much more effective at neutralizing the anger of millions of angry Americans and Europeans (not to mention Iranians themselves) and converting it into something tangible (well, tangible would be a bit of a stretch: so far, it only slows down several pro-government sites to a point where some of them become inaccessible altogether). The question, however, is whether it's going to help anyone but the angry netizens. 

I've looked around Twitter and the Interwebs and have discovered several ways of helping the cause. Most are rather basic and are Web-based: those who want to launch DDOS from the comfort of their browsers, can go to Pagerload.com, PageReboot.com or AustinHeap.com, where they can either enter their own online targets or have to live with the targets that have already been chosen for them (AustinHeap even customizes its offerings: you can still launch DDOS attacks from your browser, but if you happen to run a PHP server, well, then you can be even more powerful - they let you know how too). 

Those are who more experimental by nature could also download a shady software called "Low Orbit Ion Cannon" (that sounds like something dreamt up in computer labs of the Scientologists or, at least, to fight the Scientologists, no?), have it installed (disregard the alerts of your anti-virus :-), input a few targets, and, perhaps, also customize a message that you would like to "send" to Iranian servers, and hit "Launch Attack"! (it also displays some unknown call in a foreign language - I presume it is there to make it look more authentic; after all, you can't expect to be part of the Cyber-Jihad without some loud exclamations in Arabic or Farsi). There are calls to use an even more sophisticated tool called "BWraep", which seems to exhaust the target web-site out of bandwidth by creating bogus requests for serving images (many of these tools appear to be described and linked to from a shady web-site called the Insurgent Wiki).

There is a lot of Twitter hyperactivity surrounding these DDOS-attacks, including a dedicated Twitter handle "DDOSIran" and several frequent posters who share tips and links to new "tools" (some of these sites also carry some truly useful information, like the list of proxies that are currently working in Iran, so I assume there are quite indispensable at the moment, no matter what your take is on DDOS attacks). One interesting innovation that I've noticed is the use of Delicious to compile links to attack-sites; check http://delicious.com/freeiran for more - this strikes me as a very interesting use of social bookmarking, even though I am not sure that Delicious admins will let this stuff stay online if it gets really popular. 

I don't know about you, but to me it looks as if DDOS attacks emerged as a very effective way to boost PR for some of their organizers. Don't you think it's a bit surprising to see, for example, "Josh Koster of the DC-based political firm Chong and Koster" become one of the "cyber-commanders" of a DDOS-army that was trying to take down the web-site of the Islamic Republic of Iran Broadcasting (is it a coincidence that the company also offers "rapid response" and "new media services"?). Poor Josh, he may not have known about the fact that his actions might be illegal - but still, the PR benefits, I am sure, were huge. 

Several visible American blogs - TechPresident (that's where I found out about Koster's story) and DailyKos among them - have written celebratory articles that read as if they are encouraging people to participate in the cyber-attacks. Patrick Ruffini, one of TechPresident's founders, linked to TP's post with a brief comment that said "How to DDOS (in a good way) Iran's state-run media website", which was then re-tweeted a few dozen times. Saying that these cyber-attacks are somehow "launched in a good" strikes me as a very ood observation; so, when someone attacks the web-sites of the Georgian presidents, the DDOS attacks are deplorable, but to strike down Ahmadinejad's web-site is okay? I think we need more consistency here - we can't just selectively apply moral labels simply based on whose party we happen to support in a conflict. 

Some wise folks have been cautioning against participating in DDOS attacks, for they are only likely to slow down Internet in Iran for everyone, not just Ahmadinejad's supporters (kudos go toInfoWarMonitorMacSheikhRobo_Fish, and several others). This blog post sums up their logic pretty well:

Iran is not your modern open developed nation with gigabit links coming out of its ears. It does not have unlimited transit, and it is likely that all its transit it through one or two carriers. If these links are overwhelmed by armchair protesters DDOSing the website, then Internet access from Iran to the outside world may be disrupted, and it's even possible that the carrier, which will also be catering to other under-developed nations in the region, will simply pull the plug to protect the rest of their network.

But these little subtleties get lost on an angry online mob that wants revenge on Ahmadinejad without taking the effort to educate themselves about the repercussions of their cyber-activity. It's a shame that some American bloggers are participating in this campaign and are even encouraging others to take up their "cyber-arms". Not only is this irresponsible and probably illegal, it also hurts users in Iran and gives their hard-line government another reason to suspect "foreign intervention" - albeit via computer networks - into Iranian politics. 

One possible scenario is that if the cyber-attacks don't subside, Iran will simply pull the plug on the entire Internet in the country - this would be a logical thing to do - leaving all of us without all those Flickr pictures and YouTube videos. Now, this would be really sad - but, perhaps, also a good lessons for those who are all too eager to become "cyber-revolutionaries" in the comfort of their homes. If you want to help Iran, go organize a protest near the Iranian consulate in your city or send money to some independent online news agency - this, at least, will do no harm, unlike DDOS.

No comments: