Skip to main content

Black Lives Matter is a key movement in the response against police abuse, brutality and misconduct. Since 15 April 2016, the Black Lives Matter (BLM) website has been protected by Deflect, a program made available by Canadian APC member organisation eQualit.ie, following a spate of distributed denial of service (DDoS) and hacking attacks. Deflect is a website security project laying the groundwork for open source community-driven intelligence on botnet classification and exposure.

A new report released by eQualit.ie covers attacks against the BLM website between 29 April and 15 October 2016. Over this seven-month period, more than a hundred separate denial-of-service incidents were recorded. The report reveals a variety of technical methods used in attempts to bring down this website, and notes that the characterisation of these attacks points to a “mob” mentality of malicious actors jumping on board in response to callouts made on social media and covert channels. The report also highlights the usage of no-questions-asked-hosting and booter services used by malicious actors to carry out these attacks.

Silencing online voices is becoming ever easier and cheaper on the internet. The biggest attacks presented in this report did not require expensive infrastructure, they were simply reflected from other websites to magnify their strength. “We are beginning to see authorities pursue and shut down ‘bulletproof’ hosting and booter services that enable a lot of these attacks, yet more needs to be done,” the report notes. “In the coming age of IoT [internet of things] botnets, when we begin to witness attacks that can generate over a terabyte of traffic per second, the mitigation community should not guard their intelligence on malicious activity but share it, responsibly and efficiently.”

The full report is available here .