
Hactivists' cyberdisobedience is anything but civil



In 1994, I wrote an editorial warning that cybercivil disobedience would soon become a tool of the politically disaffected. The article ended with the statement, "The Clinton administration should keep in mind that for an information age population to aggressively voice its discontent, America doesn't have to take to the streets." The British recently discovered how prescient this warning was.

On June 18, a physical street demonstration in London was accompanied by an electronic demonstration apparently organized by the likes of The Animal Liberation Front, antinuclear protesters and pro-democracy groups opposed to the Chinese government. The groups have already infiltrated several important Web sites, according to the U.K.'s National Criminal Intelligence Service.

Of specific concern, though, is that several organizations, including the London Stock Exchange and Barclays Bank, were targeted during the anticapitalist demonstration by teams of hackers from Indonesia, Israel, Germany, Canada and the U.S. For five hours, at least 20 companies were subjected to more than 10,000 hacker attacks.

This technique is called Floodnet, after a legal software program that initiates a large number of Web searches every second. Multiply this by tens of thousands of people coordinating their searches to constantly occur over a period of hours, and you find yourself under a distributed denial-of-service attack.

Many cybercivil disobedience methods such as Floodnet were pioneered by the Electronic Disruption Theater (EDT), a group of cyberartists that has conducted its own electronic demonstrations in support of the Zapatista movement in Mexico. The EDT was the group that launched a preannounced demonstration at a Pentagon Web site - an event that caused Pentagon administrators to respond with a controversial and legally questionable counterstrike. (For more on this incident, go to www.nwfusion.com/news/0111vigilante.html.)

Floodnet attacks are disruptive, not destructive in the classic sense of the word. But an online business that becomes the victim of an assault or electronic demonstration would argue that disruptive activities are destructive to its income. Maybe that's the whole point. I've talked with EDT member Ricardo Dominguez, and from where I stand, he is a political dissident, not a hacker with an attitude of technical supremacy; he merely wants to make political statements.

How can you defend your company against Floodnet-like attacks? Here are some tips:

Set an upper limit on the number of concurrent searches permitted in a given time period. This is a pure performance issue that you have hopefully already considered.

Restrict the number of Web searches that can be successfully initiated from a specific browser or IP client in a given time period. It is not normal for a surfer to launch a dozen searches per second; one search every 10 or 20 seconds is more reasonable.

Restrict repetitive same-criteria searches. Legitimate surfers conduct multiple searches on different criteria most of the time.

Establish a means to locally sever a connection made by a Floodnet user.

Consider using products with strike-back capabilities. For example, in response to attacks, Secure Computing's Sidewinder firewall launches a daemon that will trigger the offensive techniques of your choice. Strike-back products from other vendors are in the works.
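The first three tips above can be combined into one admission check in front of the search handler. The sketch below is an added example, not code from the column or from any product it names; the class name `SearchThrottle`, the limit values and the sample events are all assumptions made for illustration.

```python
from collections import defaultdict, deque

# Assumed limits for illustration; tune them against real traffic.
MAX_CONCURRENT = 50                      # tip 1: site-wide cap on searches in flight
CLIENT_LIMIT, CLIENT_WINDOW = 3, 30.0    # tip 2: searches per client per window (seconds)
REPEAT_LIMIT, REPEAT_WINDOW = 2, 300.0   # tip 3: identical queries per client per window

# Constructed sample: (seconds, client IP, query). One client repeats itself, then bursts.
SAMPLE = [(0.0, "198.51.100.7", "annual report"), (0.5, "198.51.100.7", "Annual  Report"),
          (1.0, "198.51.100.7", "annual report"), (1.5, "198.51.100.7", "branch hours"),
          (2.0, "198.51.100.7", "mortgage rates"), (2.0, "203.0.113.9", "mortgage rates")]

class SearchThrottle:
    def __init__(self):
        self.in_flight = 0
        self.recent = defaultdict(deque)    # client -> times of admitted searches
        self.repeats = defaultdict(deque)   # (client, normalized query) -> times

    def admit(self, client, query, now):
        """Return 'ok', or the reason the search is refused."""
        per_client = self.recent[client]
        same = self.repeats[(client, " ".join(query.lower().split()))]
        for stamps, window in ((per_client, CLIENT_WINDOW), (same, REPEAT_WINDOW)):
            while stamps and now - stamps[0] >= window:
                stamps.popleft()             # forget searches older than the window
        if len(per_client) >= CLIENT_LIMIT:
            return "client_rate"
        if len(same) >= REPEAT_LIMIT:
            return "repeat_query"
        if self.in_flight >= MAX_CONCURRENT:
            return "site_busy"
        per_client.append(now)
        same.append(now)
        self.in_flight += 1
        return "ok"

    def finish(self):                        # call when an admitted search completes
        self.in_flight = max(0, self.in_flight - 1)

def replay(events):
    """Feed (time, client, query) events to a fresh throttle; searches finish at once."""
    throttle, decisions = SearchThrottle(), []
    for now, client, query in events:
        decisions.append(throttle.admit(client, query, now))
        if decisions[-1] == "ok":
            throttle.finish()
    return decisions

if __name__ == "__main__":
    print(replay(SAMPLE))
```

The per-client tables grow with every new address and query, so a deployment needs to evict idle entries or bound their size, otherwise the throttle itself becomes a memory-exhaustion target.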

Hactivism has reached a new plateau: an online listserv has been created that discusses the politics and methods to best accomplish hactivists' goals. To get on the list, send e-mail to hactivism-request@lists.tao.ca and enter the word "subscribe" in the text body. Make sure you have no subject line and remove your signature. Alternatively, subscribe at http://lists.tao.ca. Use the list to be forewarned of attacks, targets and methods.

Then again, participation is a good option, too. If you disagree with what the hactivists have to say, argue with them. Listen closely, and be warned that high-profile firms, organizations and groups are the most likely targets of hactivists.


Schwartau is chief operating officer of The Security Experts, Inc., an information security consulting firm, in Seminole, Fla., and president of infowar.com. He can be reached at winn@securityexperts.com or winn@infowar.com.
