[liberationtech] Message from Ricken on Avaaz cyberattack
jim at media.mit.edu
Tue May 8 11:51:04 PDT 2012
Having dealt with these problems at various scales (but perhaps not at this scale; the facts are fuzzy), I am made very uneasy by the amount of money that is claimed both spent and additionally necessary for "DDOS protection." Those would be appropriate sums to pay an extortionist as "protection money," but they seem to be talking about technology spending here, and the whole story is just too much hyperbole and not much that seems reasonable at any scale, particularly the overt declaration that "DDOS protection" (whatever that means) is a linear function of money applied (above a threshold that imo should have been passed several tens of thousands of dollars ago).
Yosem Companys <companys at stanford.edu> wrote:
Message from Ricken on Avaaz cyberattack:
Hi all - I've heard there's some concern on your list about Avaaz's DDoS trouble. Thanks so much for the offers of help, much appreciated, and I know some of you have been great allies in the past, but I think we've got great people working on it and the attack ended last week. Also surprised to hear some of you thought we made this up! If you want to ask a third party, Datagram, Arbor Networks and to a lesser degree Croscon were the three groups involved that we asked for advice and help from.
The other concern I heard is, was this an exaggerated fundraising ploy? Datagram told our tech team it was one of the largest attacks they'd seen, and if we hadn't just 8 weeks ago spent $35k on much fancier DDoS protection it would have completely disabled our site for days. They also said the attacker was constantly adapting to our defenses, the attack was surprisingly sustained, and a key origin appeared to be Amsterdam, where we were told some groups for hire operated from - suggesting someone was paying for this. All that triggered our level of concern in writing the fundraiser. Over the last 6 months, we've grown by an average of almost 300,000 people per week, so being disabled for a few days can be super costly. When we brought the guys from Arbor Networks in, they dialed down the concern a little bit, questioning the Amsterdam part, and saying it was bigger than the large majority of DDoS attacks, but much larger ones were possible. But that last bit also dialed up our concern, because we knew we were at the limits of what we could handle and we didn't have budget for more. That had been the main reason for the fundraiser.
And yes, of course we need the money - both for more DDoS protection and also for ramping up our tech security across the board - there was a short list of things in the email. That list also dealt with a wider range of needs, including the physical security of our staff in places like Russia and Lebanon, which also has a tech security component to it. Our community was extremely supportive so we ended up raising more than we need immediately, but this is the first appeal like this we've done in 5 years and we probably won't do another for a long while, so the money has to last. That's part of how online organizing works - you leverage bursts of engagement with particular campaigns and issues to support longer term objectives sustainably. If we find that our plans mean we don't anticipate using a lot of the money for the purpose raised, we email the donors and ask them to either request a refund or tell us what we can use the remainder of the funds for.
Hope that helps, and I hope you'll forgive us for a few days delay in replying and not being able to engage and collaborate with you all like we would if we were more a part of your community. We have a small team working in a dozen languages with staff spread across the world, and cover an enormous number of issues in an enormous number of countries. We run about 10-14 campaigns per week, and every campaign we run has a relevant civil society community and often several in different countries (e.g. a French tech community is also demanding our engagement on this one, and even threatening us with a DDoS attack if we don't!). So while I am told that you have norms about collaboration and engagement among you, I regret that we can't follow them. Hope you'll forgive us and judge us by the quality of our work over time. Good luck to you with yours.