Information Security News mailing list archives
'Pecked to Death by a Duck'
From: InfoSec News <isn () C4I ORG>
Date: Fri, 20 Oct 2000 00:16:15 -0500
Forwarded By: Small Grey <spunge () attrition org>

http://www.villagevoice.com/issues/0042/ferguson.shtml

'Pecked to Death by a Duck'
by Sarah Ferguson

The 12,000 activists who flooded the streets of Prague weren't the only ones targeting the titans of global capital last month. In addition to the militants hurling molotovs and bricks at police and financiers during the annual meeting of the International Monetary Fund and World Bank, thousands of other protesters waged war online by squatting the two organizations' web sites.

Orchestrated by a group of French cyberactivists called the Federation of Random Action and an affiliate, toyZtech, the virtual sit-in used a new "distributed denial of service" tool that even relative newbies could download in the comfort of their own homes. The plan of attack -- to flood imf.org and worldbank.org with requests for information, overloading the servers and clogging the pipes -- was hardly original. But unlike the hackers who hijacked computers and automated them to crash the sites of Yahoo and eBay in February, the FRA announced the action up-front and created a program that required mass participation to be effective. As Oxblood Ruffin of the renowned hacker collective Cult of the Dead Cow commented, it's like "the difference between blowing something up and being pecked to death by a duck."

Indeed, FRA's real ammunition was the participants' own free speech. The collective provided a chat-room toy that enabled users to pound at the IMF's and World Bank's servers for 12 hours on September 26 as they ranted to each other about economic inequities worldwide. While e-protesters typed, the program watched for key words such as poverty, finance, investment, and financial power. Each time the words appeared, the program hit the IMF and World Bank sites with requests for information. It also embedded error messages like "Our life is not for sale," "Please crush us too!" and "Do you sell sheep shavers?"

"We want to plant seeds of doubt in the actual world order," explains FRA member Fazter. "The chat here is very symbolic, [in] that it is the protesters' speech which hurts the castles, a bit of poetry" to mimic actual street protest.

FRA claims the action was a "half-success" that caused some intermittent slowdowns on the sites of the World Bank, IMF, and four investment firms also targeted by protesters. Just 2000 people downloaded the chat-room toy, FRA says, and perhaps 5000 got involved -- far fewer than the 452,000 who reportedly bombarded the World Trade Organization's site in December, during a virtual sit-in orchestrated by the U.K.'s Electrohippies.

"There may have been a slowdown, but nothing that proved crippling," says World Bank spokesperson Merrell Tuck, who describes the organization's firewalls as "pretty good." "In one or two places there were some messages on a message screen, but they were taken down pretty quickly." The IMF similarly claims to have been unharmed. "We were aware that a number of protest groups were seeking to organize attacks on the IMF Web site at the time of our annual meeting," says spokesman William Murray. "Our Web site continued to operate throughout the meeting."

Denial-of-service attacks have been evolving at a rapid clip since 1998, when the pro-Zapatista group Electronic Disturbance Theater unleashed FloodNet software that targeted sites of the Mexican government, U.S. Department of Defense, and Frankfurt Stock Exchange, and succeeded in crashing the site of former Mexican president Ernesto Zedillo. As hacktivists have refined their tactics, the attacks have grown harder to stop. Where once law enforcement had to track down only the dedicated servers hurling outsized packets of data, now they have to contend with thousands of people working with toys on their home computers.

Yet the FRA's offensives are far less malevolent than the so-called zombie attacks that hackers launched against major corporate sites this year, because the collective relies on individuals -- not automated applications. "They're only as effective as the numbers of people they're able to bring into their action, and that's part of their point," explains Jerry Irvine of the security firm iDefense. "It's not meant to be a two-person hack into the system, but a broad-based protest."

While Ruffin and others in the hacker community dismiss hacktivists as "packet monkeys," groups like the FRA say they're seeking to democratize, and thus decriminalize, Web-based protest. More than hackers, FRA members are really art phreaks, looking to poke fun at corporate (and social) firewalls as much as they seek to dent them.

Still, they take credit for a few direct hits. In February, the group launched a "Mail-o-Matic" attack on Occidental Petroleum and targeted the servers of one of its largest shareholders, Fidelity Investments, to protest Oxy's plans to drill for oil on land sacred to Colombia's U'wa tribe. The FRA claims to have swamped five Fidelity Web sites in one week. The collective has also bombed the Starbucks Web site in a joint action with New York's anticorporate prankster Reverend Billy, and it attacked the IMF and World Bank with a "doodle" tool that pestered the financiers' sites with requests whenever hacktivists scribbled on an electronic whiteboard.

Of course, the impact of these virtual sit-ins is largely symbolic -- more likely to annoy company webmasters than shift corporate policy -- but the FRA's Fazter says it's better than doing nothing. "To be creative, or destructive, makes you active," he says, elliptically. "First you draw doodles with no specific aim in mind, and after that you try to draw something else."

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".