Euro Security Watch with Mathew J. Schwartz

DDoS Protection , Security Operations

Trump Inauguration Protest Seeks to DDoS White House Site

Separately, Anonymous Threatens Trump With 'Regret'
Trump Inauguration Protest Seeks to DDoS White House Site
Warning: DDoS attacks remain illegal. (Image via Protester.io.)

The Jan. 20 inauguration of Donald Trump as U.S. president has led to a call for a mass online protest designed to "occupy" the White House website.

See Also: Live Webinar | Navigating Identity Threats: Detection & Response Strategies for Modern Security Challenges

"Can't make it to Washington, D.C. on inauguration day to protest Trump's presidency? Don't worry, we can be there virtually," according to a post on protest-organizing Protester.io (the post is currently unreachable) proposed by Juan Soberanis, a San Francisco-based iOS software engineer.

Soberanis has urged others to refresh "www.whitehouse.gov" as often as possible on Jan. 20 to create rolling distributed denial-of-service attacks. "When enough people occupy www.whitehouse.gov the site will go down," he claims.

File Under 'Distributed Denial of Illegality'?

As acts of civil disobedience go, it's not exactly earth-shattering. Furthermore, as a number of security experts have opined, technologically speaking, it's also not likely to be effective, because the White House could just spool up more content management system resources and DDoS defenses if access to the site becomes intermittent. Any inability to access the whitehouse.gov website would also have little real-world effect, since it's purely a public-facing, informational website that has nothing to do with the day-to-day running of executive branch operations.

But what say the people? Crowdsourcing the related ethics question, a poll launched by English security researcher Kevin Beaumont found significant disagreement with the proposal.

More to the point, the legality of what Soberanis is proposing looks highly questionable. In 2013, notably, the Feds charged 13 people with participating in the 2010 and 2011 pro-WikiLeaks Operation Payback DDoS attacks against the Visa, MasterCard and other organizations, which were organized under the Anonymous banner.

The relevant statutes relating to "conspiracy to intentionally cause damage to a protected computer" haven't changed since then. "Participating in a DDoS attack is a crime; regardless if you use a tool, a script, a botnet for hire, or a finger and a keyboard," according to Stephen Gates, chief research intelligence analyst at security firm NSFOCUS.

Not the First 'Free Speech' Attempt

The Occupy White House proposal isn't the first time that someone has tried to interpret DDoS attacks as free speech, which would give attackers First Amendment protection.

Back in 2013, a "We the People" petition filed with the White House - ascribed to "Dylan K" of Eagle, Wis. - sought to make DDoS attacks "a legal form of protesting."

The petition, backed by elements of Anonymous, claimed that DDoS "is the equivalent of repeatedly hitting the refresh button on a webpage ... [and] in that way, no different than any 'occupy' protest." The petition also called for anyone who had been jailed for a DDoS-related crime to be immediately released and their criminal record expunged.

But the petition earned only 6,048 supporters, far short of the 25,000 that would have been required to earn a comment from the White House.

Set Bluster to 'Stun'

This isn't the first time that DDoS attacks have been leveled against Trump's online presence. In March 2016, Anonymous declared "total war" against Trump, then a Republican presidential candidate, as part of Operation Trump, or #OpTrump. Attackers managed to temporarily disrupt several Trump websites on April 1. "Dear Donald Trump, how do you plan to protect the world if you can't even protect something as simple as your websites?" Anonymous asked in a video posted to YouTube.

Now, however, Anonymous is taking a different tack, threatening Trump with "regret" and promising to work overtime to try to unearth compromising materials once he takes power.

Anonymous won't be the only group reviewing Trump's prior dealings. In what may be a parting gift from the outgoing administration, the FBI, NSA, CIA and Treasury Department's financial crimes unit are probing Trump associates' business dealings in Russia, The New York Times reports. It notes that no evidence of any wrongdoing has been found.

Beware 'Weapons of the Geek'

While it's easy to dismiss the Anonymous threats as bluster, it's important to acknowledge that hackers have increasingly transformed our collective political discourse, becoming "authoritative and public participants in our daily geopolitical goings-on," according to anthropologist Gabriella Coleman, who dubs this phenomenon "weapons of the geek."

"We have seen [hackers] ... engaging in politics for a variety of purposes, with a variety of ends in mind: from liberal, civic engagements designed to enhance government statecraft to anarchic attempts to develop software and communities that exist outside of the capitalist economy and its concomitant liberal political institutions," Coleman, who holds the Wolfe Chair in Scientific and Technological Literacy at McGill University, writes in the journal Current Anthropology.

Major examples include WikiLeaks - and the "collateral murder" video that it received from then-Army Private Bradley Manning - and the efforts of Anonymous, as well as former NSA contractor Edward Snowden's whistleblowing.

Who knows what the next four to eight years will bring?



About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.