Link Search Menu Expand Document
Publications
  1. Phases of DDoS: Technological developments

Phases of DDoS: Technological developments

While shifts in values and organisational forms are key factors in describing the historical development of hacktivism more broadly, Desiriis suggests that

25E. Gabriella Coleman, Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous (London, New York: Verso, 2014); Carolin Wiedemann, “Between Swarm, Network, and Multitude: Anonymous and the Infrastructures of the Common”, Distinktion: Journal of Social Theory 15, no. 3 (2 September 2014): 309-26.

26Romagna, “Evolution of Hacktivism: From Origins to Now”, 72.

27 Finn Brunton, Spam: A Shadow History of the Internet, Infrastructures (Cambridge, Massachusetts: The MIT Press, 2013), 188-190.

28 Lene Hansen and Helen Nissenbaum, “Digital Disaster, Cyber Security, and the Copenhagen School”,* International Studies Quarterly* 53, no. 4 (2009): 1155-75.

29 Romagna, ”Evolution of Hacktivism: From Origins to Now”, 75.

30 In this sense, the DDoS attack against Black Lives Matter mentioned in the beginning fits this description well.

technological developments are central to identifying different phases in the development of DDoS specifically.31

Some of the first political DDoS attacks, such as the “netstrike” against Strano in 199532 and the “Deportation Class” action against Lufthansa in 2001, 33 relied on users who manually and repeatedly sent requests to the targeted server by reloading a website. As Sauter shows, this first phase was quickly superseded by methods where the sending of requests was automatically performed by software such as the Floodnet software used in the Zapatista campaigns.34 Many DDoS actions performed by Anonymous involved a software called the Low Orbit Ion Cannon (LOIC) that, once installed on a user’s computer, could be instructed to send large amounts of requests to a target server. 35

The third phase in Desiriis’ periodisation of the technological development of DDoS is characterised by the increasing involvement of botnets. The most prominent example for this phase is a malware called Mirai, which succeeded in infecting huge numbers of low-end Internet of Things devices, such as security cameras, video recorders and routers, in 2016.36 This botnet resulted in some of the largest DDoS attacks to date, including an attack on DynDNS that caused major websites including Twitter,* The New York Times*, Reddit and Netflix to become inaccessible for several hours at a time. Within the course of a few months, similar attacks based on Mirai botnets were launched against telecommunication companies and media organisations, as well as blogs of individual journalists.37

Functionally, there are similarities between sending requests in an automated way via software like the LOIC and a botnet like the one assembled by Mirai. In each case, a network of computing devices is made to adhere to instructions that are issued from a specific location (a command and control server in the case of botnets, an IRC chat channel controlled by Anonymous in the case of LOIC), which makes it possible

31 Marco Deseriis, “Hacktivism: On the Use of Botnets in Cyberattacks”, Theory, Culture & Society 34, no. 4 (July 2017): 131-52.

32 Sauter, The Coming Swarm, 50.

33 Sauter, The Coming Swarm, 53-54; Ricardo Dominguez, “Electronic Civil Disobedience Post-9/11”, Third Text 22, no. 5 (2008): 661-70, 662-667.

34 Sauter, The Coming Swarm, 109-113.

35 Coleman, Hacker, Hoaxer, Whistleblower, Spy, 133-140; Sauter, The Coming Swarm, 113-133.

36 Garrett M. Graff, “How a Dorm Room Minecraft Scam Brought Down the Internet”, Wired, December 13, 2017, https://www.wired.com/story/mirai-botnet-minecraft-scam-brought-down-theinternet/.

37 Robinson Meyer and Adrienne LaFrance, “When the Entire Internet Seems to Break at Once”, The Atlantic, October 21, 2016, https://www.theatlantic.com/technology/archive/2016/10/when-the-entire-internet-seems-to-break-at-once/504956/.

to synchronise these devices’ resources in order to target a server and overwhelm its capacities. However, while the LOIC, to varying degrees, relied on the voluntary contribution of bandwidth and computing power of those using the software, botnets consist of devices that are used for these purposes without the consent of their owners.

Table of Contents