If you haven’t heard, the website of the BBC crashed for about an hour last night. Almost immediately, rumors circulated that Anonymous had brought it down in protest over unfavorable coverage of the UK Uncut protests.
In fact, one blog quoted a UK Uncut activist saying that Anonymous had taken credit for the website being down. However, I find this rather unlikely for a number of reasons.
Anonymous and the media
The main faction engaged in protests via DDoS, known as “Anonops,” has a policy of not going after media outlets, regardless of their media coverage. This has come up in operations in Libya, where Anonops has repeatedly refused calls to bring down Gadaffi’s media outlets, as well as closer to home, as calls to DDoS Fox News have gone unanswered.
Over the course of the various actions to register grievances over the past four months or so, Anonymous has attracted some occasionally negative coverage from media outlets, but seems somewhat indifferent towards lashing out at media outlets for unsympathetic media coverage.
Lone wolves and splintering
Of course, Anonymous is bigger than any one faction, and it’s possible that any number of the collective might have rolled out a DDoS campaign. Previously, as few as five or ten have been able to open their LOIC’s and bring down websites of groups they disagree with.
However, the websites most susceptible to small numbers are, much as was the case with Mastercard and Visa, glorified corporate pamphlets. Especially if these websites are hosted on private servers rather than on a cloud infrastructure, they can be very susceptible to small-numbers fire from LOIC’s. Contrast this with the BBC which regularly serves streaming audio and video through its iPlayer product, and it seems unlikely that even a medium-sized LOIC cohort would be able to bring the nebula of websites down with page requests.
The outage also appears to have been complete for the duration of the downtime, which is very unusual for a DDoS attack. DDoS typically causes the server to run slow because of a massive amount of page requests, which means that a trickle of legitimate traffic will get through. Thus, we should see exclamations on Twitter of the likes of “It’s back,” which wasn’t seen.
In fact, the outage is much more consistent with a hardware failure than with a software issue like DDoS. This ZDnet article chalks up the outage to a router failure and to stupendously bad backup management, which is much more likely, in my opinion.
As noted in this paper, DDoS attacks have been around for decades and have been perpetrated long before the Anonymous collective started using them as a means of protest. Anonymous has, however, opened an entire new avenue of use for DDoS’s which will likely continue to pick up steam.
However, a critical component of using DDoS as a form of protest involves publicizing the reasons for doing so. Therefore, one ought to be skeptical about claims that Anonymous did this or that attack unless seeing some kind of evidence. Or, as the saying goes, “pics or it didn’t happen.”
Websites are bound to go down from time to time simply due to the nature of IT. While I can’t blame the average netizen for expecting Anonymous, it’s important to differentiate when Anonymous in part or in whole is or is not acting.
- You can follow any responses to this entry through the RSS 2.0 feed.
- Both comments and pings are currently closed.