Táctica

Distributed denial of service (DDoS)

Bees work together to disable a much larger attacker—in this case, two hornets who are engulfed and being heated to death in a “bee ball.” Photo: Takahashi.

¿No ves todo el texto en el idioma elegido? La caja de herramientas evoluciona continuamente y parece que aún no hemos traducido completamente esta entrada. ¡Ponte en contacto para ofrecerte como voluntario para traducir más piezas!

En breve

A coordinated online effort that brings together vast numbers of people to target a powerful entity’s website by flooding it with high levels of data traffic. A powerful means to draw attention to your cause.

Pretty things will swarm you like that, like your heart was a hive of electric bees.

— Katherine Dunn

In January 2019, following a week of protests against raised fuel prices and high living costs, Zimbabweans found themselves facing a government-ordered internet shutdown. Shortly afterwards, the hacktivist collective Anonymous launched #OpZimbabwe, a series of distributed denial of service (DDoS) attacks that took down at least 73 government websites, severely impacting banking and other systems. A similar operation, #OpSudan, also staged a series of attacks against Sudanese government websites, using Twitter to present the Transitional Military Council with an ultimatum: restore internet access immediately or your cyber infrastructure will suffer (see: TACTIC: Hashtag campaign).

Distributed denial of service, or DDoS, is a coordinated swarm that interrupts the operation of powerful targets by flooding their sites with high levels of data traffic. If successful, access to targeted websites is restricted and services are temporarily disabled.

At its simplest, this involves individuals working together to continuously reload a website, thereby aggregating their digital ‘requests’ for access to the site to overwhelm the target website’s resources, forcing it to shut down. The fact that it is distributed, with a large enough number of participants from various locations, makes it extremely difficult to trace back to any one or more individuals.

To be truly effective as a pressure tactic, any DDoS action needs to be embedded within a larger campaign of publicity and messaging.

A successful DDoS can take down websites and servers for hours at a time, which can cause significant loss of revenue for big businesses or reputational damage to government institutions and private companies (see: METHODOLOGY: Points of intervention).

Over the last few decades, DDoS has been frequently used as a tool for online protest. It’s not surprising why: Firstly, participants don’t have to be physically present to engage. Unlimited numbers can take part globally. Secondly, it requires very little technical skill; anyone with a digital device and an internet connection can join or offer up their devices as part of the action while they go about their business elsewhere. Thirdly, it’s low cost with the potential for big impact.

In 1994, the German government began a program to deport asylum seekers and refugees, using Lufthansa flights. The Deportation Class Action campaign, initiated by the Electronic Disturbance Theatre (EDT), coordinated a DDoS with 13,000 online participants, rendering the Lufthansa website inaccessible for short periods of time. The action was carried out alongside stockholder meetings, press releases, and other physical actions, and resulted in drawing enough public attention to the airline’s business that it stopped allowing its flights to be used for deportation purposes (see: PRINCIPLE: Put your target in a decision dilemma).

In and of itself, the Lufthansa action may not have yielded enough pressure to change corporate behaviour, but, when carried out as part of a multi-pronged public campaign focused on a company seeking to avoid negative press, the pressure proved enough to secure victory (see: PRINCIPLE: Create online-offline synergy). To be truly effective as a pressure tactic, any DDoS action needs to be embedded within a larger campaign of publicity and messaging. If the motivations and cause for which you are demanding action are not clearly communicated, simply putting a website out of service temporarily can easily be explained away as a mere technical glitch.

More recently, tactics for carrying out a DDoS have had to significantly evolve to effectively pressure large and powerful targets, which have invested heavily in their digital defenses. As a result, the use of botnets, traffic multipliers, automated tools and other exploits to ‘increase’ numbers — and by extension the technical power of DDoS — are becoming commonplace. Criminal networks have also seized on these tools to extort powerful targets, resulting in many governments treating DDoS “cybercrime” as a felony. This can pose both ethical and legal dilemmas for organizers who may opt to use tools that do not reflect the numbers of real-life participants to the action. What’s worse, a group may find their own online platforms being targeted by large actors with big resources, or find cybercrime law being weaponized against their just cause.

DDoS reflects the double-edged nature of information communication technologies: they can be employed as a tool of censorship to silence public opposition, and they can be used to challenge and resist that censorship (see: TACTIC: Hashtag hijack). DDoS also carries a unique potential for mass participation, offering large numbers of people a meaningful way to climb the ladder of engagement (see: TACTIC: Distributed action).

If attempting a DDoS, it is vital that participants are informed and prepared for the risks they may face individually, as well as the implications for the campaign — including the legal risks participation may entail (see: PRINCIPLE: Take risks, but take care) (see: PRINCIPLE: Escalate strategically). Anonymity is never guaranteed, and the legal risks, as in any act of civil disobedience, should not be entered into lightly.

Ejemplos del mundo real

Thai Netizens Stage ‘Virtual Sit-in’ Against Single Internet Gateway Plan

Tens of thousands in Thailand coordinate a mass-refreshing to disable government websites and protest internet control.