DDoS attacks target the Philippine human rights alliance Karapatan

The Philippine human rights alliance Karapatan has suffered a massive and prolonged Distributed Denial of Service (DDoS) attack, Qurium organizations linked it to the local government.

For the past three weeks, the Philippine human rights alliance Karapatan has suffered a heavy and sustained DDoS attack. The attack comes only a month after the waves of DDoS attacks targeting the alternative media outlets Bulatlat and Altermidya, which Qurium could link to infrastructure controlled by the Philippine government and army.

The DDoS attacks are taking place amid the online solidarity campaign #StopTheKillingsPH co-hosted by Karapatan, which marks one year since human rights organizations and advocates across the world asserted the call to stop the killings in the Philippines and to prosecute President Rodrigo Duterte for his crimes against the Filipino people. The event also marks one year since the killing of human rights worker Zara Alvarez, that was an active member of Karapatan.

High level overview of traffic to Karapatan during the attack

Karapatan Secretary General Cristina Palabay states: “These new series of cowardly cyber attacks against our website were obviously made to prevent the public from accessing our reports on the worsening state of human rights in the Philippines — and we know whose interests these attacks serve.”

In the spirit of changing the landscape of commercial denial-of-service mitigation services where forensics knowledge is kept private, Qurium has decided to disclose how we fingerprinted and mitigated the DDoS attacks with the hope that other organizations can learn from our experience, and in solidarity with human rights organization and independent media that do not have the resources to mitigate and attribute targeted attacks.

Qurium’s forensics report reveals that the attack is proxied via 30,000 bots distributed in Russia, Ukraine, Indonesia and China. The attacker has modified the attack strategy a number of times during the past weeks, which illustrates his dedication to the task. However, Karapatan has not suffered any downtime during the heavy attacks and the website operates as normal.

Qurium’s forensics report compiles the technical findings about the infrastructure and techniques used to launch the attacks against Karapatan.

Qurium forensics report:
Human rights alliance ‘Karapatan’ under long lasting DDoS attack

About the author: Qurium Media Foundation is a Swedish non-profit digital security solutions provider, supporting independent media and human rights organizations in repressive regimes. Learn more at qurium.org or Twitter.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.