Security threats Toolkit

Fur trade activists planning DoS attack

Tags:
Denial Of Service,
Dos,
Fur Trade,
Hacking

Dan Ilet ZDNet.co.uk

Published: 25 Jan 2005 16:30 GMT

Fur trade protestors are planning to launch a denial-of-service (DoS) attack against the fur industry on Valentine's Day.

A group dubbed "Electronic Civil Disobedience" (ECD) has pledged to flood the email systems of unspecified organisations in the fur industry by sending emails for several days.

The plan exploits the ambiguity surrounding DoS attacks. Experts say they aren't explicitly illegal under the current law, leaving companies open to attack.

On the ECD Web site, protestors wrote: "In the action on 14 February 2005 the "Protest Online Chat" will be employed. As in a chat forum, people can talk to each other via the internet. But in the background, for every word typed, an e-mail will be sent to a chosen target. The more people who participate and the more text sent over this chat, the more mails will reach the target. In this way, their email system will be flooded and hopefully completely blocked."

The protesters appear to be developing a software tool to enable the online chat to send emails. In a later section on their Web site, they said:

"On the morning of the 14 February 2005 the link to the online chat will be opened on the website www.ecd-fur.com. Here all further steps will be clearly explained. Apart from that you will need "Macromedia Shockwave Player".

ECD claims that people who take part in this DoS attack will not be breaking the law.

"Electronic civil disobedience is not illegal. And that will continue to be the case for now. It is practically impossible to bring to account hundreds of online activists who are strewn across the world. It's also not about not taking responsibility for our own actions. People who participate in civil disobedience know what they're doing and are proud of it."

Last year, Lycos' Make Love Not Spam campaign highlighted that DoS attacks are not covered by British law. The government has indicated that it wishes to update the Computer Misuse Act to make launching these attacks a defence, but at present companies may have trouble in prosecuting anyone who starts DoS attacks.

"The Lycos thing has shown a lack of ability [in the law] to prosecute for DoS attacks," said Mark Smith, solicitor for Olswang, back in December 2004.

"You would struggle under current laws to bring a case against someone. The problem is that DoS attacks cross jurisdictions."

Security company MessageLabs has been watching the ECD Web site develop. Paul Wood, chief information security analyst, said that this is one of the first cases that public organised groups, as opposed to hackers, are to use DoS attacks in a political campaign.

"It's a grey area," said Wood. "When this happens it could be interesting. Hacking and virus attacks are illegal. DoS attacks are going down the same path. But I don't know if the attacks are against fur traders or just all people in the fur industry."