Largest ever DDoS attacks carried out on Hong kong’s Democracy Moments
Looks like Hong Kong’s protest against its government isn’t just limited to its streets. Its effects are being felt on the world wide web as well with reports emerging that a DDoS attack on a scale never before imagined has been carried out against media houses in the city state. The distributed denial of service (DDoS) attacks have been carried out against independent news site Apple Daily and PopVote, which organised mock chief executive elections for Hong Kong. Now the content delivery network Cloudflare, which protects Apple Daily and PopVote, says the DDoS attacks have been unprecedented in scale, pounding the sites with junk traffic at a remarkable 500 gigabits per second.
DNS Attack
What is striking about these attacks is the way they are being carried out. The attack involves bombarding DNS servers. A DNS server is responsible for taking a request from a user fro a website, resolving it and forwarding the request onto the website. What has happened in this attack is, the attacker/attackers have been bombarding the DNS servers with multiple request for these specific sites, which is ensuring that the DNS server resolves every request. “We’re seeing over 250 million DNS requests per second, which is probably on par with the total DNS requests for the entire Internet in a normal second,” said Prince.
Largest ever in history
The distributed denial of service (DDoS) attacks have been carried out against independent news site Apple Daily and PopVote, which organised mock chief executive elections for Hong Kong. Now the content delivery network Cloudflare, which protects Apple Daily and PopVote, says the DDoS attacks have been unprecedented in scale, pounding the sites with junk traffic at a remarkable 500 gigabits per second. It’s been “many times larger” than the Spamhaus cyber attacks last year that were credited with slowing down Internet speeds across the globe, and which saw 300 Gbps of attack traffic. The record since then had been a 400 Gbps DDoS attack in Europe, reported in February.
“[It’s] larger than any attack we’ve ever seen, and we’ve seen some of the biggest attacks the Internet has seen,” said Cloudflare CEO Matthew Prince in a telephone interview. Cloudflare provides DDoS protection service for Apple Daily and PopVote, the Hong Kong site which held an unofficial civil referendum on extending suffrage rights to Hong Kong.
Response
Though 500 Gbps is a very huge number, it has forced some ISPs like Virgin Media in the UK, to bow down to the attacker’s wishes. Virgin Media has on its own, blocked access to these sites to avoid the extra pressure on its servers. Just to put things in perspective, the amount of requests coming onto the system is the same amount of requests made across the entire internet at any point of time.
It’s perverse because it means that even though the PopVote infrastructure and Cloudfare were able to defend the attack, there were still some ISPs around the world who were blocking access to the site. It’s safe to say the attackers are not sympathetic with the Hong Kong democracy movement, but I don’t think we can necessarily say it’s the Chinese government. It could very well be an individual, or someone trying to make the Chinese government look bad.”
The worrying trend about such attacks, feels Prince, is that it can act as an inhibitor for the internet to be the unbaised medium it has always been. It might force websites to rely on firewalls and other protective mechanisms themselves. “The thing that’s great about the Internet is you can be a protestor in Hong Kong and tell your story in New York or London,” says Prince. “There’s no technical solution that Cloudflare can create to solve this problem unless we re-architect the Internet.”
