Monday, June 15, 2009

Social Hacktivism & The Social Denial of Service (SDoS)

Something interesting happen this past weekend in the new world of cyber warfare. More specifically, the emergence of the social web as the key tool in what can only be described as the first cyber revolution.

Yes, I know this sounds crazy, so let me explain. Over the weekend the Iranian opposition coordinated a series of cyber attacks that successfully managed to prevent access to several pro-Ahmadinejad Iranian web sites, including the President’s homepage. Currently the attack is on going with a good portion of the key Iranian governments websites either offline or loading very slowly.

What's interesting about these series of attacks is how they were organized in realtime using twitter as well other social tools. The attacks rely on a so called people’s information warfare concept first described by Dancho Danchev in 2007. Generally the concept goes like this; a distributed community of like minded "revolutionaries" use the new crop of social tools (facebook, twitter, myspace etc) for self-mobilization in conducting various hacktivism activities such as web site defacement's, or launching distributed denial of service attacks.

Unlike similar attacks last year, there are a few key differences in these latest denial of service attacks. First of all there is no botnet but instead the attacks are based on large volumes of ordinary individuals coming together for a common cause. Most seem to be using twitter to self organized themselves into what I'm calling a Social Denial of Service (SDoS) with the intention of limiting or disrupting access to key Internet sites. Unlike botnet attacks, these SDoS attacks rely on users browsers to create large amounts of traffic. A simple yet very effective tactic.

A recent post on ZDNET sheds some light on this latest approach to social hacktivism. "Among the first web-based denial of service attack used, is a tool called “Page Rebooter” which is basically allowing everyone to set an interval for refreshing a particular page, in this case it’s 1 second. Pre-defined links to the targeted sites were then distributed across Twitter and the Web"

Very interesting times, I'll keep you posted as a I learn more.

#DigitalNibbles Podcast Sponsored by Intel

If you would like to be a guest on the show, please get in touch.