In a presentation at SOURCE Boston, Dr. Jose Nazario of Arbor Networks stated that DDoS applications are moving from the domain of trained attackers to tools that let the average person voice a political statement. During his presentation, Nazario covered the major political DDoS events of the past 10 years, from the DDoS attacks focused on NATO during the Kosovo campaign through the recent events in Georgia. One can conclude from the presentation that the attacks are being carried out either by irregular militias and citizen armies motivated by central governments, or by grassroots groups protesting a significant geopolitical touchstone, such as the outcome of certain events in the Olympics. The story that was the most surprising to me was the ease of use of the tools used to wage the attacks.
While we may believe that political DDoS attacks are being waged by centrally controlled botnets, the reality is that there is a great deal of end-user complicity. The parties waging the DDoS attack are arming their militias with DDoS applications. Just as in the real world, arming a citizen militia requires easy-to-use weapons, and over time the weapons are becoming increasingly easy to use. The first political DDoS attacks consisted of message board posts asking individuals to run a Microsoft batch script containing a series of ping commands. The most advanced attacks consist of web apps that fire off AJAX requests against a targeted site and compilers that allow actors to create custom applications for the sole purpose of DDoSing a specific target.
When pressed, Nazario would not comment on the prevalence of such tools amongst domestic political groups, but I think we would be naive to believe that populist DDoS attacks are not occurring in the Western world. Like many things, it is only a matter of time until it becomes an issue in the United States.