MANILA, Philippines — As the Cybercrime Prevention Act goes into full effect on Wednesday, October 3, local hacktivist groups changed their mode of protest by launching Distributed Denial-of-Service (DDoS) attacks against several government websites.
As of early Wednesday morning, government websites such as that of the National Bureau of Investigation, Department of Foreign Affairs, Department of Health, Senate, Social Security System, and the Official Gazette were rendered inaccessible to Internet users.
Malacañang, however, denied that the Official Gazette was a victim of a DDoS attack, saying heightened interest for the controversial bill was the reason for the surge in the website’s server requests.
“Folks, according to @govph team, they had to tweak some server settings to optimize site to accommodate the surge in traffic,” Deputy Presidential Spokesperson Abigail Valte tweeted. “Interest in full text of RA10175 mostly driving traffic.”
On its Facebook account, PrivateX, one of the local hacking groups responsible for defacing government websites in the past week, posted a DDoS tool where interested Internet users can jump in and join in overwhelming government servers.
“Let’s support anonymous, if you have your vpn with you.. turn it on
kung wala po kayong vpn, it’s a dare to us netizens. it’s like sacrificing for our country,” the group said.
DDoS is a form of cyber attack used by hacking groups to take down particular websites, which involves overwhelming the website’s server by executing external commands from a number of terminals, subsequently crippling the server indefinitely.
Unlike site defacements, DDoS attacks leave no trace of intrusion into the website and are virtually untraceable because it uses a huge number of computer systems and users to carry out the attack.
This means that by making the tool available to the public — and encouraging them to use a Virtual Private Network to mask their true IP address and location — the hacktivist groups could have several computers on its employ to overwhelm government website servers.
As of posting time, the official website of the President has installed an anti-DDoS tool after going down and being rendered inaccessible earlier in the day. The DDoS tool is currently targeting the website of Senator Vicente Sotto III, the one who allegedly inserted the libel provision in the controversial law.
While the new law punishes misuse of devices for purposes of a DDoS attack, having a distributed network of systems used for the attack means law-enforcement agencies would have a harder time going after its originators.
The same method was used by international hacking group Anonymous in crippling the services of Mastercard, Visa, and PayPal in late 2010, after the three companies blocked people from donating to WikiLeaks, a group that leaked confidential US government communications.
The government had earlier denounced the defacement of government websites by local hacking groups, saying they do very little in terms of making their issues known.
“There are proper avenues for expressing their indignation rather than committing cybercrime to protest a bill that aims to prevent cybercrime,” said Information and Communications Technology Office (ICTO) Executive Director Louis Casambre.
“[The defacements] underscore the existing vulnerabilities in some government websites that need to be addressed in a national cybersecurity plan,” Casambre added. “In the meantime, we would like to request our government systems administrators to review their own policies and utilize industry best practices when it comes to cybersecurity.”
Signed into law by President Benigno Aquino III on September 12, the Cybercrime Prevention Act of 2012 seeks to curb the increasing incidents of cybercrimes in the country, particularly those involved in organized cybercrime syndicates.
Violators face a punishment of prison mayor or reclusion temporal and/or a fine (between P200,000 to P1,000,000) depending on the offense as stated under the new law.
Aside from defacements and DDoS attacks, protests against contentious provisions of the Cybercrime Law took the form of black-out campaigns in social media sites as well as street protests in the Supreme Court.
source: interaksyon.com
