News organisations and independent journalists are frequently the targets of DDoS (Distributed Denial of Service) and message bombing attacks. In this second article of a three-part series on cyberharassment, Reporters Without Borders (RSF) offers preventive measures against these types of attacks.
The websites and mailboxes of news organisations and independent journalists are frequently the targets of cyberattacks, which prevents them from sharing their work and thus has a direct impact on the public’s ability to access information. Here are the two most common group cyberattack techniques:
- Distributed Denial of Service (DDoS) consists of purposely flooding a server with requests until it becomes unstable or no longer accessible. Targeted online media could therefore see their main platform become inaccessible, jeopardising their work and reach. It is specially used against independent media and human rights websites. As an example, the Russian government has been using DDoS to target the websites of Ukrainian news outlets since the beginning of the war in Ukraine.
- Message bombing consists of flooding with thousands of messages a target’s communication channel – like an email inbox of a chat app – until the latter is unable to receive new messages. A common tactic is to use an automated bot to register the target’s email address to thousands of online subscription services, often to hateful or pornographic websites. There are even companies that sell registration emails to paying users for as little as USD 5 for 1,000 email addresses.
Preventive measures
- Avoid displaying one’s email address: To counter message bombing attacks, journalists should try to limit the places they post or enter their email address in plain text online. They should go through old accounts or web pages where their email address may have been listed and try to get it removed, and always be prepared for a potential mail bombing attack by keeping their email services and antivirus software up to date.
- Set up filtering systems: Journalists and media workers should enable filtering systems on their devices to be able to react quickly against group cyberattacks. For DDoS attacks, there are services available that distinguish malicious requests from genuine ones. These include Google’s Project Shield and Couldflare’s DDoS Protection Service. For message bombing attacks, journalists can apply spam filters or block suspicious contacts.
- Report attacks to service providers: When it comes to message bombing attacks, journalists should immediately report it to their email or messaging service providers, and ask them for assistance on how to work around it as service providers have the means to counter and resolve the flooding.
← Read Part 1: Stalking and swatting
→ Read Part 3: Doxxing