Cyberattacks on PH group traced | Inquirer Technology

Cyberattacks on PH group traced

/ 05:30 AM August 27, 2021

A Swedish digital forensic group has traced to an Israeli proxy server company a series of sustained cyberattacks since July against rights group Karapatan—an effort estimated to have cost at least hundreds of thousands of dollars, indicating a clear intent to take down the site.

On Thursday, Qurium published a report saying it had reviewed hundreds of servers linked to a wave of distributed denial of service (DDoS) attacks against Karapatan’s website that came from a proxy network operated by Bright Data (formerly Luminati), based in Netanya, Israel.

According to Qurium digital forensics technical director Tord Lundstrom, Bright Data “offers access to millions of proxies and other [information technology] services to mobile operators, data centers and residential buildings … a perfect infrastructure to hide the source of the DDoS attacks.”

Article continues after this advertisement

Far from cheap

Based on the gravity and frequency of the attacks, Qurium estimated these must have cost around $260,000.

FEATURED STORIES

“Luminati traffic is far from cheap. One [gigabyte] of traffic ranges between $26-$35 for mobile proxies and $10-$15 for residential proxies,” it said in its report.

Between Aug. 10 and Aug. 20, the group estimated close to 10 terabyte worth of traffic attack from Luminati.

Article continues after this advertisement

When Qurium asked the Israeli company for an explanation, it admitted that the IPs involved in the attacks “belonged to Bright Data, [although] we did not find any of them in the requests that were sent to the reported domain.”

Article continues after this advertisement

It added that it had already blocked the reported domain for all its customers.

Article continues after this advertisement

Last week, Qurium published a separate report noting a “long-lasting” series of DDoS attacks against Karapatan dating back to July 29.

DDoS attacks operate by overwhelming the target with malicious requests to disrupt normal traffic in the server, service or network.At that time, Karapatan was cohosting the online #StopTheKillingsPH solidarity campaign in the leadup to the first death anniversaries of peace talk consultant Randall Echanis and former Karapatan member Zara Alvarez.

Article continues after this advertisement

30,000 bots

The attacks were carried out by 30,000 bots, half of which were distributed among Russia, Ukraine, Indonesia and China.

The Quirium report concluded that the attacker/s used several traffic generators to generate random requests.

In a statement, Karapatan secretary general Cristina Palabay condemned the “cowardly cyberattacks” that were “obviously made to prevent the public from accessing our reports on the worsening state of human rights in the Philippines.”

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

“We know whose interests these attacks serve,” she said, adding that “specifically targeting Karapatan’s online resources only means that these attacks were clearly trying to suppress our documentation and human rights work, and, of course, the people’s right to freedom of information.”

TOPICS: Crime, Cyber attack, tech
TAGS: Crime, Cyber attack, tech

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.