History of DDoS: from digital civil disobedience to online censorship

Short thesis

Deflect has been at the forefront protecting human rights and independent media organizations from Distributed Denial-of-Service attacks. We will give a brief history of DDoS, from digital civil disobedience, to inter-state aggression, retaliatory hacker operations, and online censorship. Leaning on real-life cases we will describe the problems posed to civil society by DDoS actions today. We will involve the audience to share their experience of DDoS and propose community driven solutions.


During this session we will offer a short history of DDoS – from the Zapatistas’ use of Floodnet and the “Netstrikes” and “Virtual Sit-Ins” at the turn of the millennium, to Anonymous’ campaigns and political actions against Estonia, Georgia and Ukraine, up to more recent and disruptive episodes like the attacks against Krebs on Security and Dyn. A description of 3 case studies reported by Deflect Labs in 2016 – targeting an independent news site in Ukraine, the website of the Palestinian global campaign BDS Movement and the official website of Black Lives Matter – will illustrate how DDoS is being used by governments, local authorities and hacker crews alike to censor critical voices online. Beyond the hype generated by Mirai and other software for managing botnets, launching a DDoS attack is becoming easier and cheaper by the day, and the risk of a “democratization of online censorship”, as Brian Krebs has called it, is growing.

Even if websites of independent media and civil society organizations can be protected by free DDoS mitigation infrastructures like Deflect.ca, the protection measures these services can offer have their limits, and it’s important to explore solutions based on community action.

This session will aim at starting a conversation with groups that are particularly vulnerable to DDoS attacks, to find common ground in solidarity against the threat of DDoS-based censorship. How big are the risks? What are our needs before, during and after the attacks? How can we defend ourselves and band together to do so more effectively?

During the second part of the session the public will be invited to share their experiences of DDoS attacks, those at risk of attack to discuss their needs, and those in a position to help to consider how we can collaborate.

The purpose of this session is to gather information on our community’s needs and capabilities and to start developing standards for threat-intelligence sharing among peers and participants of re:publica.