Bonum Certa Men Certa

Brute Force Cracking Attempts Against Techrights

Target: Manchester

Manchester



Summary: An aggressive effort to infiltrate our servers (125,000 times in one day, peaking at particular hours) considerably slowed down the Web site, in spite of overzealous filtering

Negative publicity is something that EPO (as in its management) simply cannot tolerate. Remember how negative paragraphs got removed from news articles after payments from the EPO.



Techrights has, a few times over the years*, come under attacks from numerous entities but at no point in its entire history has it come under the same sorts of attack it must deal with whilst writing about EPO abuses. We suspect there may be a strong correlation between the covered subjects and the willingness to silence the coverage. Almost 80% of our articles are about patents nowadays.

"In our eyes, it was always likely to have been someone connected to the EPO or someone who works there."Yesterday, as some people with special interest in the EPO told us, the site became unavailable. The volume of attacks on Techrights had gone up at around 11AM (G.M.T.) and at some point it doubled to around 50% of all traffic (it was around 25% of the traffic at 11AM). Brute force was being used to overcome our increasingly sophisticated filters, computationally trained and improved after previous such attacks.

Media articles coming from Germany correctly accuse the EPO of all sorts of things (and they cite Techrights), but all of them fail to mention that the EPO banned the whole site (for the first time ever). This in its own right is quite a scandalous thing. This kind of censorship we know about for sure, but we cannot confirm EPO role in the cyber-attacks. Some legitimate visitors (IP addresses) may accidentally get banned (barred from accessing Techrights) because the server is aggressively filtering traffic right now, in an effort to block the cracking attempts. We may have managed to drive away the attacker/s.

Of relevance to this issue are a few older article. Recall when SUEPO came under DDOS attacks (after and before SUEPO E-mails got altogether censored, meaning that a silencing campaign against unions was already well under way). Recall that Techrights came under DDOS attacks at around the same time (an especially sensitive time), leading to reasonable speculations. In our eyes, it was always likely to have been somebody connected to the EPO or someone who works there. For reasons explained here before, without legal action which compels law enforcement to check routers and zombie PCs (botnets), it is hard to know with high enough degree of certainty who commanders and orchestrates all this (the botmaster or script kiddie).

Let us assume that it's a deterrence tactic (against the author/Webmaster/system administrator), or an effort to make it harder for people to access the Web site. Looking back at this nuisance, which started late last year, first was potentially an attack on the Web site (to no avail because my daytime job involves dealing with exactly these types of scenarios and we patiently fought back by filtering any attacks), then blocking the entire site (Office-wide), which makes one wonder what can come next, given that EPO staff can still access the site (off duty).

It has been extremely hard to report abuse about the source of yesterday's attacks on Techrights because the hosting is provided by rogue domain with rogue SSL certificates (or none). It's incredibly hard to obtain contact details. This was a European cluster that attacked the site. Most of the cracking attempts against Techrights come from this same cluster of machines (with IP pool in Spain); we are talking about exceptionally frequent cracking attempts against the CMS (many hundreds of times per minute) and this bypasses caches and other basic defenses. If Techrights was ever forced into a CDN for supposed protection, no doubt there would be no true privacy for visitors. Without filtering, about one quarter of the traffic in Techrights would be cracking attempts, slowing the site down or taking it down for considerably long periods of time (not just seconds). Wonder who’s doing it? We sure wonder, but as people who do this for a living can tell, it's a hard question to answer, especially without access to servers and probably a warrant to legally delve into them.

If these attacks ultimately just try to hijack and deface the site (or obtain a list of visitors), then they aren't doing a very professional job. These must be just brute force login attempts -- many attempts at cracking, perhaps with a common passwords dictionary. Because it's done with brute force (as long as the server can still respond), it induces very high load, as a side effect; hence the server issues. This is similar to what SUEPO reported earlier this year, whereupon it filed a complaint with the authorities. ___ * The first time it happened we lost our Web host and the site was left orphaned, because the Web host was unable and unwilling to help us cope with a DDOS attack on a shared server.

Recent Techrights' Posts

Edward Brocklesby (ejb) & Debian: Hacking expulsion cover-up in proximity to Oxford and GCHQ
Reprinted with permission from Daniel Pocock
Microsoft Windows in Nicaragua: From 98% to Less Than 25%
Operating System Market Share Nicaragua
[Meme] Debian's 'Cannon Fodder' Economics
Conflicts of interest don't matter
According to Microsoft, It's Not a Code of Conduct Violation to Troll Your Victims Whose Files You Are Purging
The group of vandals from Microsoft think it's "funny" (and for a "nominal fee") to troll Microsoft critics
Microsoft Inside Debian is Sabotaging Debian and Its Many Hundreds of Derivatives With SystemD (Microsoft/GitHub Slopware With Catastrophic Bugs is Hardly a New Problem)
What is the moral of the story about The Scorpion and the Frog?
 
[Meme] 12 Years a Fedora Volunteer
IBM gives me a 'free' Fedora badge as recognition
IBM Slavery: Not a New Problem
When IBM got rid of Ben Cotton it showed the world how much it valued Fedora
Why They Want to Abolish Master/Slave Terminology (Because This is What They're Turned Free Software Into)
It used to be about community; GAFAM turned that into exploitation and worse
Roy and Rianne's Righteously Royalty-free RSS Reader (R.R.R.R.R.R.) Version 0.2 is Released
They say summer "officially" started some days ago
Torvalds' Number Two Quit Linux a Decade Ago and Has Since Then Earned an Honorary Doctorate
Revisiting Fuzix and Alan Cox
GNU/Linux Reaches All-Time High in Tunisia
Based on statCounter
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 23, 2024
IRC logs for Sunday, June 23, 2024
You Know the Microsoft Products Really Suck When...
"Qualcomm and Microsoft go 'beyond the call of duty' to stop independent Copilot+ PC reviews"
IBM and "Regime Change"
Change of regime is not the same as freedom
Techrights in the Coming Decade: The Community Angle
Somebody needs to call them out on their BS
Techrights in the Coming Decade: The Free Speech (Online) Angle
Free speech is a fundamental tenet of a free society
Techrights in the Coming Decade: The Software Angle
Gemini Protocol has just turned 5 - i.e. roughly the same age as our Git repositories
Techrights in the Coming Decade: The Patent Angle
Next month marks 10 years since we began covering EPO leaks
Wookey, Intrigeri, Cryptie & Debian pseudonyms beyond Edward Brocklesby
Reprinted with permission from Daniel Pocock
[Meme] Choice Versus Freedom
So When Do I Start Having Freedom? Freedom is choice between the GAFAMs
Digital Liberation of Society at Times of Armed Conflicts and Uncertainty
We have technical contributions, not just written output
Links 23/06/2024: More Microsoft Cancellations, Growing Repression Worldwide
Links for the day
Gemini Links 23/06/2024: The Magician and the Hacker, tmux Tips
Links for the day
Links 23/06/2024: Twitter/X Wants Your Money, Google Reports a Billion DMCA Takedowns in Four Months
Links for the day
Digital Restrictions (Like DRM) Don't Have Brands, We Need to Teach People to Hate the Underlying Restrictions, Not Companies That Typically Come and Go
Conceptually, the hens should fear humans, not the farmer who cages them
Going Above 4% Again
Maybe 4% (or above) by month's end?
Conviction, jail for Hinduja family, Debian exploitation comparison
Reprinted with permission from Daniel Pocock
Links 23/06/2024: Hey Hi (AI) Scrapers Gone Very Rogue, Software Patents Squashed at EPO
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 22, 2024
IRC logs for Saturday, June 22, 2024
Gemini Links 23/06/2024: LoRaWAN and Gemini Plugin for KOReade
Links for the day
Links 22/06/2024: Chat Control Vote Postponed, More Economic Perils
Links for the day
[Meme/Photography] Photos From the Tux Machines Parties
took nearly a fortnight
Uzbekistan: GNU/Linux Ascent
Uzbekistan is almost the same size as France
SLAPP as an Own Goal
We have better things to with our limited time
Independence From Monopolies
"They were ethnically GAFAM anyway..."
GNU/Linux at New Highs (Again) in Taiwan
latest numbers
Links 22/06/2024: More Layoffs and Health Scares
Links for the day
Rwanda: Windows Falls Below 30%
For the first time since 2020 Windows is measured below 30%
[Meme] IBM Lost the Case Over "Dinobabies" (and People Died)
IBM agreed to pay to keep the details (and embarrassing evidence) secret; people never forgot what IBM called its staff that wasn't young, this keeps coming up in forums
Exactly One Year Ago RHEL Became Proprietary Operating System
Oh, you want the source code of RHEL? You need to pay me money and promise not to share with anyone
Dr. John Campbell on Gates Foundation
Published two days ago
Melinda Gates Did Not Trust Bill Gates, So Why Should You?
She left him because of his ties to child sex trafficker Jeffrey Epstein
How Much IBM Really Cares About Software Freedom (Exactly One Year Ago IBM Turned RHEL Into Proprietary Software)
RHEL became proprietary software
Fedora Week of Diversity 2024 Was Powered by Proprietary Software
If instead of opening up to women and minorities we might open up to proprietary software, i.e. become less open
18 Countries in Europe Where Windows Fell Below 30% "Market Share"
Many people still use laptops with Windows, but they're outnumbered by mobile users on Android
[Meme] EPO Pensions in the UK
pensioners: looks like another EPO 'reform'
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 21, 2024
IRC logs for Friday, June 21, 2024
During Fedora Week of Diversity (FWD) 2024 IBM and Its Subsidiaries Dragged to Court Over Discrimination at the Corporate Level
IBM is a deplorable, racist company
Workers of the European Patent Office Take the Office to Court Over Pension
pensions still precarious
Gemini Links 22/06/2024: FreeBSD vs XFCE and Gemini Bookmarks Syncing Solution
Links for the day