When you’re a non-profit community organization trying to reduce the environmental impact of discarded electronics, the last thing you expect is a cyber attack online.
But that’s what happened to Free Geek Vancouver, whose website and phones were rendered inaccessible for nearly a week by an anonymous Internet attacker.
Free Geek, which also provides education, job skills training, Internet access and free or low cost computers to the public, suffered a DDoS—distributed denial of service—cyber attack from Sept. 2 to 8. DDoS is a coordinated attack using different IP addresses directed at one place, bombarding the server with requests at such a rate that the local server can’t keep up and the site slows down or crashes.
Free Geek Vancouver sales coordinator Tim Adkins said the incident was a big deal and he wants people to know that Free Geek is still open. Adkins noted its telephones also went through the Internet, which added to the problem.
“With our website being down, it was impossible for people to reach us either over the web or by phone for the better part of a week,” he said, adding, “It’s very labour intensive [to fix] and it could happen again. We have taken various measures so that we’re better prepared for it, but what’s interesting is that normally with this kind of attack you hear about it with larger organizations or different targets, like some organizations might be politically targeted… For me the big question is the purpose here of this kind of attack.”
Large corporations and governments are frequent targets of such attacks, especially if they promote policies considered hostile to large swathes of Internet culture. In August, hackers launched a DDoS attack, which took down the federal parliamentary website after the federal government introduced an online surveillance bill.
Free Geek recycles electronics, teaches skills and gives free computers to non-profits.
Adkins said its website is not hosted off-site. The organization has been hosting the site—and only its own websites—on its own server, which is on the Free Geek premises on Pandora Street.
“The organization’s logs showed that the attack was coming from various sources, and therefore it was a distributed DoS, although at times it appeared to be originating from certain parts of the world, mostly Poland and UAE,” he added. “My understanding is that DDoS attacks, though they appear to be coming from all over, are centrally directed—as in triggered from a single source—and that therefore these places may not have anything directly to do with the attack, and may simply reflect Internet infrastructure.”
Hasan Cavusoglu, an associate professor in the management information systems division at UBC’s Sauder School of Business, said the pattern Adkins’ describes looks like a DoS/DDoS attack.
“There seems to be two possibilities. One is that they have been intentionally targeted. This is the most likely option given that they host their site in their own server. However, if we consider the scale of the organization and the nature of the business that they are in, it does not fit into the general description for sites which are targeted by the DDoS. The possibility two is that their address/server’s IP were accidentally added to the list of sites that a botnet would target to. While this is possible, the likelihood of that happening is quite slim,” Cavusoglu said in an email to the Courier.
“Given that one can easily purchase to use a botnet to launch such an attack for less than $100 in the underground market, it might be that one person (a client, a partner) might have gotten upset about their organization, and he/she decided to launch such an attack as a form of his/her reaction/retaliation. It’s indeed bizarre why they would be attacked.”