On Politics, Protests and DDoS Attacks

Pro-democracy Hong Kong protests have been a feature of the mainstream news in recent months. However, it almost passed unnoticed that the Chinese government allegedly launched a distributed denial of service (DDoS) attack against the LIHKG Forum, a social media site that is reportedly used by the pro-democracy protesters to organize their anti-government protests. Though the LIHKG Forum mostly fended off the attack, the huge volume of junk service requests caused internet congestion and overload on the LIHKG server, limiting service availability.

The method used by that state-operated cyber weapon, known as The Great Cannon, is interesting in that it does not harness a botnet, the most common method used by cybercriminals, to launch its DDoS attacks. Rather, according to Forbes, “The Great Cannon has the potential to be a much more significant threat. It works by hijacking web traffic from users within the boundaries of the government-controlled Great Firewall of China and redirecting that traffic to websites external to it. This is achieved by ‘injecting’ malicious JavaScript code into the insecure HTTP connections of sites visited by Chinese users. This interception allows the operators of the cyber-weapon to target a chosen web resource with a DDoS attack.”

This incident could be considered an act of cyber warfare but, as it was conducted by a government suppressing freedom of discourse and organization among its own citizens, it is not so clear cut. Either way, this type of intervention is unsettling. However, one may find some small comfort in knowing that state-sponsored DDoS attacks against Western democracies have thus far been rare, or unproven. An earlier Forbes article discusses how businesses could suffer collateral damage in a cyber war, and names North Korea, Russia and China as the nation states most likely to launch cyber warfare attacks against Western countries, but thankfully that is not known to have happened so far.

However, lone-wolf actors and other non-state cybercriminals have launched DDoS attacks against the websites of political parties and election candidates. In September 2019, Rolling Stone magazine reported that there had been over 800 cyberattacks against political campaigns, parties, and pro-democracy groups around the world in the past year, from phishing emails to malware infections, as well as four DDoS attacks against Bryan Caforio, a California Democrat who ran an unsuccessful bid for Congress in 2018.

As the United States enters a presidential primary season in early 2020, government agencies and political parties should be wary of the potential for cyberattacks (conducted by individuals, hacktivist groups or foreign states) to interfere with the democratic and electoral processes, including DDoS attacks on voter registration systems, candidates’ websites, or the actual voting systems. Any organization today that relies on the Internet needs real-time, always-on, automated DDoS protection to avoid disruptive and damaging downtime, and that includes those responsible for upholding the democratic process.

For over a decade, Corero has been providing state-of-the-art, highly effective, automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions deliver protection for on-premise, cloud, virtual and hybrid environments, without the downtime associated with other solutions. If you’d like to learn more, please contact us.

Sean Newman is VP Product Management for Corero Network Security. Sean has worked in the security and networking industry for twenty years, with previous roles including network security Global Product Manager for Cisco, which he joined as part of its acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.