So let’s say you’re a New York–based publication which has just published the words and portraits of 35 women who have accused Bill Cosby of rape — on your cover no less. Then a hacker decides to launch an all-out distributed denial of service (DDoS) attack, bringing your servers to their knees. The first reports suggest it’s not even because the hackers object to your story — it’s because one time they went to new York (their preferred capitalization) and got “pranked” and have decided to exact revenge by taking down all Internet entities with the city in the name. Okay. (Though later it will come out that a member of the hacking group knew one of “them females” on the cover.)
That’s the day that New York magazine is having today. Happy Monday everyone. (Also: is this one of those let’s-send-pizza times?)
So what do you do? How do you direct readers to find the piece when you no longer have a website? For New York, it was complicated. First there was the announcement of technical issues:
Six hours later, with the site still not back up, it started implementing a strategy to make the story more visible on its other social media platforms, starting with Instagram:
Beginning with two of the women’s testimonies, New York then worked to put more and more up on its Instagram feed, announcing each on Twitter as the testimonies went up.
At around 12:30 p.m. Monday, with the site still down, New York announced it had republished the article in full on Tumblr.
Throughout all, there was a sense that this was not a story New York was going to allow to be suppressed:
Finally, around 2 p.m., the site was back up.
How did this happen? A DDoS attack is when a bunch of computers all target one server in a short span of time. The intent is to overwhelm the server so it’s unable to serve the content requested. The intention is to shut down the site, which is what happened to New York.
According to researcher Molly Sauter, author of last year’s The Coming Swarm: DDOS Actions, Hacktivism, and Civil Disobedience on the Internet, there are a variety of DDoS mitigation tactics available to those targeted. “DDoS attacks come down to the idea that there is too much water in your bucket and you have to get it out.” To do that, says Sauter, a news organization might try to get the water out by essentially creating a giant sponge: “One way is to get as many servers as possible mirroring the content, and soak up the excess traffic.” Private companies like Akamai rent their services for this to companies, though not for cheap. Another method is to try to pinpoint where the traffic is coming from and block it. However, says Sauter, “in the case of a distributed denial of service, the traffic may be coming from machines that are themselves geographically distributed,” making this exceedingly difficult.
DDoS attacks are not particularly hard to launch and require relatively little technical know-how or money to start. One popular (and effective way) to launch an attack is to rent out a bot net for $20 or so — or less on bitcoin. A bot net uses the unwitting power of thousands of compromised machines to launch the requests that make up DDoS attacks. Because they’re relatively unsophisticated, DDoS attacks have become a vector of choice for activists as well as people just looking to “fuck shit up,” says Sauter. While there are no real numbers available on what share of DDoS attacks are launched against news organizations, Sauter says that the attacks in general are getting bigger as the bots are getting bigger.
What can newsrooms hoping to avoid the kind of day that New York is having today do? Unfortunately not much, says Sauter. “This is like someone buying out the entire print run of New York magazine, for the same reason — that they didn’t want anyone to see the cover. Unfortunately, this is a case where some hacker wanted to do something, and unfortunately it coincided with a day when New York magazine wanted to do something bigger.”