DDoS and freedom of speech: unexpected botnet consequences

Sponsored Content: Amongst an ever-growing circle of the internet, the most common consequences of DDoS attacks are well-known. Lost traffic. Lost revenue. Frustrated users who vent their anger on social media. Frustrated users who might just abandon a website or business for a competitor. Possible hardware or software damage. Possibly even an intrusion masked by the attack.

As with most insidious things in life, however, the negative effects of DDoS attacks can extend a lot further than most people realize. For instance, there are entire DDoS botnets dedicated to attacks on free speech and, by extension, democracy. Yes, freedom of speech and they’re even taking their fight to Twitter.

A history of aggression

A distributed denial of service attack is a type of cyber attack, one that gains its power from the use of a botnet. What is a botnet? A botnet is a network of computers and other digital devices that have been infected by malware, allowing them to be controlled remotely, and collectively used to overwhelm a targeted website’s server or network infrastructure with the end goal of taking the target offline.

Once the pastime of hackers and script kiddies, DDoS attacks are now being used as cyberwarfare. While businesses have been hugely impacted by these attacks, government websites, media outlets, political organizations, and journalists are now finding themselves in the cross-hairs of these attacks. DDoS attacks have allegedly and famously been used by nation states including Russia, China, and North Korea. It might be quicker to name countries in which media outlets haven’t been targeted, but outlets in the United States, United Kingdom, Sweden, Belgium and Latin America have all been hit with high-profile attacks in the last two years.

Taking it to Twitter

Cybersecurity blogger Brian Krebs ends up in the news for being on the receiving end of DDoS assaults more often than he would presumably like, and he’s back making headlines for ending up the target of a horde of Twitter bots. After Tweeting about Russian President Vladimir Putin, US President Donald Trump and the bots that tend to follow any Tweet about Putin or Trump, Krebs suddenly found himself with 12,000 new followers and a similar number of retweets in a targeted attack.

This might be confusing, since gaining new followers and retweets are generally two goals of Twitter users. However, this massive influx of both alerts Twitter’s anti-abuse tools, making it look as though the account on the receiving end of these followers and retweets is engaging in suspicious activity. While Krebs did not find his account suspended after this attack, other journalists have, including Daily Beast cybersecurity reporter Joseph Cox who was swarmed by bots after publishing a story on pro-Kremlin bots.

While these attacks are a little different than a standard distributed denial of service attack, they fit the definition because the computing resources of a botnet are used to render an online service – in this case, Twitter – unavailable to its legitimate users. It may be only one user at a time affected, but the end result is that voices are silenced by their opposition. In the case of Krebs, Cox and a number of other journalists uncovered by Cox, that opposition seems to be botnets working in defense of Putin or the Kremlin. It must be noted that nothing has been proven in regards to where the botnet is located, who is behind it, or their motivations.

DDoS as protest

Depending on your personal beliefs, it may be easy to characterize the Twitter DDoS attacks on journalists or allegedly state-sponsored DDoS attacks on news websites, US presidential candidate websites and Hong Kong’s pro-democracy websites as attacks on freedom of speech, possibly even democracy. What of the planned attack on whitehouse.gov during President Trump’s inauguration, however? Or the Anonymous-led attack on the Brazilian government’s website as a reaction to the 2014 FIFA World Cup? Are these attacks on freedom of speech and/or democracy? Or are they a valid form of protest?

One possible distinction is the source of the attacks – distributed denial of service assaults from groups of citizens may be easier to characterize as protests than attacks coming from groups that have connections to nation states. Even that may present a slippery slope, however. A DDoS attack from a group of citizens that takes down a media outlet is arguably as big of a blow to free speech as an attack on a nation state.

The bottom line

Distributed denial of service attacks are coming from nation states, hacktivist groups, lone wolves, competing businesses, disgruntled gamers, DDoS for hire services, the list could go on. No matter the motivation, the intended consequences, the message behind the attacks or any other factor, one simple truth stands out: DDoS attacks are a major problem for targets ranging from governments to businesses too small websites and now Twitter accounts, and anyone who doesn’t want their freedom of speech or ability to go about their online business impacted needs to invest in professional protection where possible.