As Hong Kong Occupy Central protests continue to grow, so does an online battle. The largest cyber attack in history has been carried out against independent media news sites in Hong Kong over the past months, according to the security firm behind them.
The massive Distributed Denial of Service (DDoS) attacks have been carried out once again towards independent media sites Apple Daily and Popvote, sites that organized mock chief executive elections for Hong Kong. Cloudflare, the web performance company with added security benefits who protects the two sites, Apple Faily and PopVote, says the DDoS attacks have been unheard of in terms of size, spamming the sites with faulty web traffic at a record breaking 500 gigabits per second.
The latest cyber attacks towards these companies are off the chart in terms of size, seeing as last year the largest DDoS attack we saw was 300Gbs. Then earlier this year a 400Gbs DDoS attack was launched, affecting U.S. and European victims.
“[It’s] larger than any attack we’ve ever seen, and we’ve seen some of the biggest attacks the Internet has seen,” said Cloudflare CEO Matthew Prince in a telephone interview with Forbes.
This is not the first time PopVote has suffered record breaking DDoS attacks, PopVote suffered one of the largest DDoS attacks back in June, and attackers have since moved to Apple Daily, evolving in their ability to spam the websites with faulty traffic. The spammers behind the attack are employing at least five botnets worth of power.
Forbes reports that though the 500Gbs attack is extreme in size, attackers are making it harder and harder for internet service providers to distinguish legitimate visitors from spam traffic.
Due to the endless attacks, some internet providers, in particular Virgin Media in the UK, have actually blocked access to the pro-Hong Kong protest sites to protect their own infrastructure from being abused, something Prince says he has never seen before.
“It’s perverse because it means that even though the PopVote infrastructure and Cloudfare were able to defend the attack, there were still some ISPs around the world who were blocking access to the site.”
Who is behind the attack currently?
Many were quick to point fingers towards the Chinese government, but CloudFlares CEO says he doesn’t know if that’s the case, citing last year’s attack on Spamhaus, the spam filtering company whose service was taken offline by a lone teenager in London.
“It’s safe to say the attackers are not sympathetic with the Hong Kong democracy movement, but I don’t think we can necessarily say it’s the Chinese government. It could very well be an individual, or someone trying to make the Chinese government look bad.”
Attackers have had large success in launching DNS amplification and reflection attacks on the Hong Kong sites, allowing hackers to achieve high volumes of network traffic.
Attackers have begun flooding the DNS services linked to the Hong Kong sites, in hopes of overwhelming the server forcing it offline. As ISPs are forced to look up the IP address in the DNS infrastructure, providers like Virgin Media have blocked all connections, even legitimate requests to the sites.
“We’re seeing over 250 million DNS requests per second, which is probably on par with the total DNS requests for the entire Internet in a normal second,” Prince reported.
Due to the amass of requests, CloudFlare has individually contacted dozens of ISPs located in Hong Kong and around Asia, explaining that the attackers are targeting the internet’s DNS infrastructure, giving them steps they can take to “hard-code their responses,” allowing only genuine visitors to access the sites.
Such attacks ultimately threaten the Internet landscape, and threaten the flow of information. Some experts warn DDoS attacks could reach unsettling rates of 900Gbs by 2015, only increasing the risk of cyber threats.
“The thing that’s great about the Internet is you can be a protestor in Hong Kong and tell your story in New York or London,” Prince said. “There’s no technical solution that Cloudflare can create to solve this problem unless we re-architect the Internet.”