MCLC: cyberattack on HK referendum

Denton, Kirk denton.2 at osu.edu
Sat Jun 21 10:30:00 EDT 2014 

MCLC LIST
From: kirk (denton.2 at osu.edu)
Subject: cyberattack on HK referendum
***********************************************************

Source: Sinosphere blog, NYT (6/21/14):
http://sinosphere.blogs.nytimes.com/2014/06/21/cyberattack-on-hong-kong-vot
e-was-among-largest-ever-security-chief-says/

Cyberattack on Hong Kong Vote Was Among Largest Ever, Security Chief Says
By ALAN WONG 

The online voting platform for the unofficial referendum now underway on
Hong Kong’s political future has been subjected to one of the most severe
cyberattacks of its kind ever seen, according to the head of the Internet
security company tasked with protecting it.

Matthew Prince, chief executive and co-founder of the San Francisco-based
company CloudFlare, said in an email Friday that the distributed
denial-of-service attack (also known as DDoS) on Occupy Central’s voting
platform was “one of the largest and most persistent” ever.

Mr. Prince said the attackers appeared to have commanded a network of
compromised computers around the world to overwhelm the platform with
traffic in hopes of disabling it. The owners of the computers exploited in
such attacks are usually unaware that they have been compromised.

Despite minor hiccups in the voting system, apparently caused by the
denial-of-service attack, by Saturday it had recorded
<https://popvote.hk/english/project/vote_622/stat/> more than half a
million votes in less than 30 hours, in a city with a population of 7.2
million. Voting in the unofficial referendum, which asks permanent
residents of Hong Kong to choose one of three methods for nominating
candidates for chief executive, is to continue until June 29.

On Friday, the first day of voting, Beijing denounced the referendum as
“illegal and invalid.” Hong Kong’s chief executive, Leung Chun-ying, said
none of the three proposals complied with Hong Kong’s Basic Law, the
territory’s de facto constitution. All three plans would allow candidates
to get onto the ballot by collecting enough signatures, which would mean
the Chinese government could not screen candidates through allies on a
nominating committee.

Occupy Central supporters suspect that the central government is behind
the attack; opponents have asserted that it is a ploy by the campaign’s
sympathizers to rally public support.

Mr. Prince said that about 20 percent of the computers used in the attack
were from Indonesia, 10 percent from Brazil and the rest from elsewhere.
Indonesia and Brazil are known to have a large number of compromised
computers, he said.

China, notably, was not among the 10 countries with the most computers
involved, Mr. Prince said. “That’s actually surprising, and not just for
the political reasons that may be motivating this attack, but more because
China typically has a very large number of compromised machines,” he said
in the email.

While the computers used in the attack could be traced, it was impossible
to tell where the “herder,” the person directing the attacks, was located,
he said.

Next Media, which publishes Apple Daily, a Chinese-language Hong Kong
newspaper supportive of Occupy Central, was also subjected to a severe
cyberattack before the voting began.

The polling organization commissioned by Occupy Central to conduct the
referendum said Friday
<http://webcache.googleusercontent.com/search?q=cache:evIEOOFmbkoJ:hkupop.h
ku.hk/chinese/release/release1155.html+&cd=1&hl=en&ct=clnk&gl=hk> that it
would increase the number of voting booths to be provided on June 29, the
last day of voting. It also said that a police investigation into the
denial-of-service attack had begun.

The mobile application used for voting has become the most popular iPhone
app in Hong Kong and the second-most-popular for Android-based devices.

While the initial attacks interrupted much of the online registration
process, the actual voting has been smooth. Many supporters of the
campaign, including Charles Mok, a legislator representing the information
technology sector, have praised CloudFlare for its work.

Responding to his sudden popularity in Hong Kong, Mr. Prince said that he
might come to the city during the first week of July. (A large
pro-democracy march is held in Hong Kong each year on July 1, the
anniversary of the former British colony’s return to Chinese sovereignty.)
He also said he might open the company’s first Asian office in Hong Kong
instead of Singapore.

More information about the MCLC mailing list