Bonum Certa Men Certa

Cyberattacks on SUEPO Server Raise More Questions

World Cyber Games 2004



Summary: Several sites that are critical of the EPO's management seem to have become prominent targets of 'script kiddies'

Cyberattacks are a tricky thing to tackle. Systems analysis is hard because of the topology of the Internet (hopping possible, no fixed addresses, etc.) and administrations know the absolute limitations because other than pattern spotting not much can be done, especially when it comes to spotting the source of such attacks in a world full of zombies, botnets, and other consequences of back doors in Internet-connected proprietary software.



Last year our multi-layer servers infrastructure came under attacks which targeted both Tux Machines and Techrights. It started around the same time we published the EPO revelations, so when the webhost asked me if I could think of anyone who had the motivation to attack I said that I could think of nothing except the EPO series (although I was very hesitant to assume the EPO would resort to such attacks). These attacks lasted several months, often coinciding or intensifying with our release of EPO-related documents. Tux Machines does not have enemies because it mostly syndicates news.

"Maybe all these attacks are just a mere coincidence without correlation, but the fact remain that many critics of The EPO’s Vice-President Željko Topić suffer one way or another."Several months went by and another Web site critical of the EPO (especially the Vice-President, Željko Topić) said it had been cracked. Weeks later we learned that another such site, also critical of the EPO's Vice-President, feared retribution and decided to delete documents relating to the EPO Vice-President (knowing that he not only berates but also bullies his critics using lawsuits and apparent requests for removal/apology). Last week we learned that SUEPO, which is the staff union of the EPO (known for criticism of the EPO's notorious Vice-President), had been "cracked" based on some sources. That claim may not have been accurate because based on the following text, which appeared yesterday on the SUEPO Web site, it was a DDOS attack combined with/related to brute-force cracking attempts. "We don't have any more details beyond this," told us the source who passed us the following text (statement from SUEPO):

"The SUEPO websites were unreachable on Thursday 5 February 2015 because of a cyber attack (of the Denial of Service type). The attackers also attempted an SSH brute-force attack to take control of the server. Such attacks constitute a violation of law and SUEPO has filed criminal charges against unknown and will cooperate with the German and Dutch authorities, who are now investigating the matter."

Some comments (scroll down) in IPKat say that many of the offending addresses are in Belgium, but many are also in east Asia.

On Sunday we published an important batch of documents about the EPO's notorious Vice-President, whereupon over 50,000 cracking/login attempts were made in just 15 hours, bringing the site down for periods of time. This is not normal. Remember that when the EPO's management does not waste money 'planting' articles in the media and bullying staff it is paying a Stasi-like unit to conduct surveillance on staff. Such units have no ethics whatsoever, so consider what they're after (e.g. harvesting of IP addresses).

Maybe all these attacks are just a mere coincidence without correlation, but the fact remain that many critics of The EPO’s Vice-President Željko Topić suffer one way or another. We are not going to be intimidated by legal threats or technical sabotage and as a result of these recent events we are encouraged to actually speed up release of incriminating/damaging documents, irrespective of who's behind these attacks.

Comments

Recent Techrights' Posts

Invidious Seems to be Nearing 'End of Life' After Repeated Crackdowns by Google/Alphabet/YouTube
To Free software users, YouTube ought to become a "no-no"
Links 03/10/2024: Climate Issues and Tensions in East Asia
Links for the day
Like a Marketing Department of Microsoft, Canonical Sells Back Doors and Surveillance as "Confidential" and "Hey Hi" (AI)
Notice how Canonical has made no statement critical of Microsoft for years
Gemini Links 03/10/2024: Frozen Tofu and SGI O2
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 02, 2024
IRC logs for Wednesday, October 02, 2024
Links 02/10/2024: Microsoft Spying on Windows Users Grows, Microsoft's Surveillance Arm LinkedIn Used to Highlight Employment Crisis
Links for the day
Links 02/10/2024: Students Who Can’t Read Books and Dead Butt Syndrome
Links for the day
Gemini Links 02/10/2024: GNU/Linux Distros, Flat-File Databases, and How the Web ate Gopher
Links for the day
Technology: rights or responsibilities? - Part II
By Dr. Andy Farnell
A Cost-Free Bribe From Microsoft
Daniel Stenberg is not dumb, but he seems rather gullible or unprincipled
Plans for the Site's 19th Year
Like TechDirt, we expect to devote more efforts/time to covering free speech online
Network Getting Faster
Loading up the site in 0.077 seconds
The Manchester Experience
Yesterday Tux Machines served 436,897 Web hits
If Red Hat Has Mass Layoffs This Year, Nobody Will Tell You About It
We seem to have entered a strange quasi-cosmic era wherein layoffs aren't disclosed anymore and news sites don't bother to report them, either
IBM, Kyndryl, Subsidiaries (Like Red Hat) and Silent Layoffs
Kyndryl follows in IBM's footsteps with rolling layoffs likely affecting thousands
Anniversaries and New Beginnings
The world needs more transparency and far less secrecy
Links 02/10/2024: Microsoft Kills Off HoloLens, Media Discusses Assange Speech
Links for the day
Gemini Links 02/10/2024: New Car, Broadband, and Gemtexter 3.0.0
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 01, 2024
IRC logs for Tuesday, October 01, 2024
[Meme] October 1st: The Day Julian Assange 'Officially Came Back'
Assange: See you in Strasbourg in 5 years
Full Transcript of Julian Assange's Speech in Strasbourg
the full thing
The Full Talk by Julian Assange Including Questions and Answers Discussed Further (October 1st 2024, Council of Europe Committee Legal Affairs)
Wikileaks covered this talk in "tweets"
Julian Assange's First Publicly Delivered Talk Since 2019
Julian Assange's talk in France
Links 01/10/2024: Another Escalation in the Middle East, Software Patents Being Squashed
Links for the day
Microsoft's Collapse is Continuing
Microsoft is discontinuing its HoloLens headsets
Links 01/10/2024: Gavin Newsom's Tech Safety Legislation, YouTube Sued for Health Harms
Links for the day
Gemini Links 01/10/2024: ROOPHLOCH and Photos
Links for the day
Julian Assange Talk: Watch Live
2 hours from now
"IBM executives did not decide to buy Red Hat on their own, nor will they decide to sell Red Hat on their own should that time ever arise"
Since IBM bought Red Hat it merely made its products more proprietary
GNU/Linux and Android Rose to New Highs in September
StatCounter isn't the ground truth, but there's not much else in the public domain.
Links 01/10/2024: Climate Stories, Climate Change, and War in Lebanon
Links for the day
Gemini Links 01/10/2024: Separation, Validation, and Flatfile Databases
Links for the day
Blind Worship of Technology is a Misguided Fool's Errand
Andy Farnell of the Cybershow used the metaphor of "golden calf" last week
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 30, 2024
IRC logs for Monday, September 30, 2024