The official website of Karapatan has been suffering a series of DDoS attacks since July 29th and were still ongoing as of yesterday, August 18th.
Swedish media foundation, Qurium, reported that a Philippine-based human rights alliance Karapatan is the latest victim of targeted DDoS attacks. Karapatan’s website, Karapatan.org, suffered a series of DDoS attacks on July 29th, and the attacks continued as of 18th August 2021.
In an official statement, the human rights watchdog referred to the attacks as “cowardly cyberattacks” launched to prevent people from accessing their reports on the “worsening state of human rights in the Philippines.”
DDoS attacks during #StopTheKillingsPH campaign
Interestingly, the unknown attackers targeted the human rights group at a time when its digital solidarity campaign was underway under the hashtag #StopTheKillingsPH. This campaign was launched to express resentment against the reported ongoing killings in the Philippines.
The campaign was launched on behalf of hundreds of human rights organizations and advocates from around the globe. According to Qurium, this campaign aimed to hold the Philippines’ President Rodrigo Duterte “accountable” for his crimes against the Filipinos.
The event was held to commemorate the killing of human rights worker Zara Alvarez. Alvarez was shot dead in Bacolod City in August 2020.
“We know whose interests these attacks serve,” stated the Secretary-General of Karapatan, Cristina Palabay.
“These attacks only benefit those who want to silence us and our human rights work amid a pervasive state of impunity in the country. We thank our friends from Qurium for documenting these attacks as we seek further investigations on the perpetrators of such attacks,” Palabay added.
Attackers specifically targeted Karapatan’s online resources
According to Palabay, attackers have specifically targeted Karapatan’s online resources, which indicates that they wanted to “suppress” their documentation and human rights activities. Moreover, the group’s secretary-general believes that the attackers wanted to limit the public’s right to freedom of information.
Qurium reported that the attackers launched billions of “malicious web requests” comprising application-layer web floods, which is a form of DDoS (Distributed Denial of Service) attack.
According to Karapatan, the website targeted in this attack contains its periodical monitors directory, year-end reports, policy position papers, and public resources.
Qurium said that the attacks on the Karapatan website were composed of application layer web floods specifically against the resources folder, which contains periodical monitors, year-end reports, policy position papers, and other public resources.
— Karapatan (@karapatan) August 19, 2021
“The attackers used the very same proxy network with the ‘headless browsers’ to flood the website,” Qurium wrote. The report revealed that the bots were from around the globe, but Russia, Indonesia, China, and Ukraine accounted for nearly half of the bots.
“The analysis of the different clusters of bad traffic shows a composition of multiple traffic generators proxying the random requests to specific pools of proxies. This behavior is very consistent across large pools of bots from Russia and China,” Qurium noted.