Inside view of a cyberattack


The folks at Revision3 have a detailed article about a Denial of Service (DoS) attack which was perpetrated upon them over Memorial Day weekend 2008. The kicker is that the attack was either intentional or negligent misconfiguration on behalf of a RIAA "watchdog" company named MediaDefender.

It's unclear whether appropriate civil litigation will follow, but I'm happy to hear that the FBI is looking into this. From my perspective, the most plausible explanation is that MediaDefender's servers have been designed to plant poison files on publicly-accessible "trackers" and to attack them automatically when their access is shut down at some later point. If they are to assume that all publicly-accessible trackers are engaged in illegal activity, then it would "make sense" (in their twisted view) that anyone who cut off their access would be doing so in order to allow piracy to continue on their servers. Having made that flawed leap, they then institute an attack to take the server down. This is the type of behavior that's even more poisonous than a few kids hacking up a DDoS.

I hope they sue MediaDefender in order to reclaim lost revenue and flight this kind of bad citizenry on the net.