Distributed Denial of Service (DDoS) attacks against Hong Kong websites increased a whopping 111% from September to October as pro-democracy protests in the Special Administrative Region of China took hold, according to Arbor Networks.
The DDoS mitigation firm’s Security Engineering and Response Team (ASERT) consulted anonymized data generated by its ATLAS network of 290 ISPs worldwide running Arbor products.
It found that observed attacks against Hong Kong-related online properties jumped from 1,688 in September this year to 3,565 in October.
ASERT threat intelligence and response manager, Kirk Soluk, explained in a blog post that while establishing definitive causal relationships and attribution is tricky, DDoS attacks appear to have become the “new normal” in countries experiencing political unrest.
“In this case, we observed a 111% increase in the number of DDoS attacks targeting Hong Kong-related internet properties when analyzing the months immediately before and after protester demands, on October 1, for Hong Kong’s chief executive to step down,” he added.
“Additionally, large-scale DDoS attacks were observed targeting Hong Kong-related internet properties that coincide with reports of debilitating disruptions of online media outlets sympathetic to the protest movement.”
These online media outlets included most notably Next Media, run by outspoken Beijing critic Jimmy Lai, and its popular Apple Daily publication.
In this case the large DDoS on its site coincided with reports of anti-protest crowds physically trying to prevent distribution of the Apple Daily newspaper and of a simultaneous cyber-attack which took the company’s email system out for hours.
Arbor may have had trouble with attribution but security vendor FireEye recently claimed that the attack infrastructure used to launch the DDoS campaigns could be linked to that used by likely Chinese state-backed APT activity such as Operation Poisoned Hurricane.
As for the future, Arbor is predicting that November is already shaping up to be another big month for DDoS attacks in Hong Kong, as the protesters continue their campaign for true democracy in the former British colony.
The firm said it recorded peak DDoS sizes of 30Gb/s on four consecutive days this month, for example.