Black Lives Matter Website Saw Over 100 DDoS Attacks in Seven Months
In the last year, blacklivesmatter.com has seen a spate of cyber attacks with thousands of zombie machines.
Image: Gerry Lauzon/Flickr
When members of the Ghost Squad hacking collective first targeted blacklivesmatter.com in April, under their self-proclaimed #OPAllLivesMatter, it was just the beginning.
Black Lives Matter has inserted itself in the centre of a national conversation about race, racism, and policing, and that's made it a target for various internet activists and trolls looking to prove a point.
According to a new report published Wednesday, the Black Lives Matter website has seen more than a hundred separate Distributed Denial of Service (DDoS) attacks launched against its website over just seven months this year, most coming from a loose-knit group of cyber activists who have insisted that the group denounce "anti-white racism."
The report was published by Deflect Labs, a Montreal-based DDoS mitigation service that helped protect the Black Lives Matter site from a volley of attacks.
When those attacks first began, they garnered some media attention, but barely registered as a blip on the site's traffic. It wasn't until this summer that the Black Lives Matter website began to come under heavy fire.
By July, "the severity and sophistication increased several fold" and the site saw more than 30 million malicious connections over just 24 hours, according to the report.
Deflect Labs traces much of the malicious traffic back to botnets and malicious scripts run by the Ghost Squad hacking collective, who very publicly denounced Black Lives Matter. But, Deflect writes, their efforts were largely futile.
"Some methods...appear to have been coordinated, whilst in other cases it was clear that many actors jumped on the bandwagon of a more powerful attack to claim some of the credit. These small, loosely organized mobs appear minutes to hours after the start of the original attack and lob a hodge-podge of various attack methods, often to no effect," the report reads.
Cheap DDoS attacks can be organized with relatively little effort, and cost only a few dollars.
Two of the most vocal Ghost Squad members, it says, were responsible for "less than 20 percent" of the attacks. The report suggests that it may have been just one user may have been responsible for five attacks, spanning July to October, that deployed bot swarms to bring huge spikes in traffic to the site.
"We noticed a sophisticated actor who was able to generate malicious traffic on a level beyond anyone else that we documented targeting BLM," the report reads.
DDoS attacks are generally more nuisance than nefarious, and usually serve as a channel of protest for online activists and trolls—Anonymous used the medium to target Scientology and the NSA, while others have used it to simply knock off internet service in entire areas altogether.
The attacks rarely compromise personal information or sensitive data from the websites.
Nevertheless, DDoS attacks can be inconvenient and costly. Hosting companies could hike costs to clients who face the attacks, or drop them as clients altogether. The attacks could also damage or corrupt data on the site's servers.
Get six of our favorite Motherboard stories every day by signing up for our newsletter.