Cyberattacks on PH group traced | Inquirer Technology

Cyberattacks on PH group traced

/ 05:30 AM August 27, 2021

A Swedish digital forensic group has traced to an Israeli proxy server company a series of sustained cyberattacks since July against rights group Karapatan—an effort estimated to have cost at least hundreds of thousands of dollars, indicating a clear intent to take down the site.

On Thursday, Qurium published a report saying it had reviewed hundreds of servers linked to a wave of distributed denial of service (DDoS) attacks against Karapatan’s website that came from a proxy network operated by Bright Data (formerly Luminati), based in Netanya, Israel.


According to Qurium digital forensics technical director Tord Lundstrom, Bright Data “offers access to millions of proxies and other [information technology] services to mobile operators, data centers and residential buildings … a perfect infrastructure to hide the source of the DDoS attacks.”

Far from cheap

Based on the gravity and frequency of the attacks, Qurium estimated these must have cost around $260,000.


“Luminati traffic is far from cheap. One [gigabyte] of traffic ranges between $26-$35 for mobile proxies and $10-$15 for residential proxies,” it said in its report.

Between Aug. 10 and Aug. 20, the group estimated close to 10 terabyte worth of traffic attack from Luminati.

When Qurium asked the Israeli company for an explanation, it admitted that the IPs involved in the attacks “belonged to Bright Data, [although] we did not find any of them in the requests that were sent to the reported domain.”

It added that it had already blocked the reported domain for all its customers.

Last week, Qurium published a separate report noting a “long-lasting” series of DDoS attacks against Karapatan dating back to July 29.

DDoS attacks operate by overwhelming the target with malicious requests to disrupt normal traffic in the server, service or network.At that time, Karapatan was cohosting the online #StopTheKillingsPH solidarity campaign in the leadup to the first death anniversaries of peace talk consultant Randall Echanis and former Karapatan member Zara Alvarez.

30,000 bots

The attacks were carried out by 30,000 bots, half of which were distributed among Russia, Ukraine, Indonesia and China.


The Quirium report concluded that the attacker/s used several traffic generators to generate random requests.

In a statement, Karapatan secretary general Cristina Palabay condemned the “cowardly cyberattacks” that were “obviously made to prevent the public from accessing our reports on the worsening state of human rights in the Philippines.”

“We know whose interests these attacks serve,” she said, adding that “specifically targeting Karapatan’s online resources only means that these attacks were clearly trying to suppress our documentation and human rights work, and, of course, the people’s right to freedom of information.”

The latest tech news delivered to your inbox

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.
TOPICS: Crime, Cyber attack, Karapatan, tech
Read Next
Don't miss out on the latest news and information.

Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.

For feedback, complaints, or inquiries, contact us.

Subscribe to our technology news

By providing an email address. I agree to the Terms of Use and
acknowledge that I have read the Privacy Policy.

© Copyright 1997-2021 | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.