New Activist Tool: Cyber Sit-Ins

Dan Lohrmann, Michigan's chief information security officer, found out about the cyber sit-in from a reporter. It was Tuesday, May 15, 2007, and a group calling itself the Electronic Disturbance Theater asked Michigan residents to voice their opposition to proposed cuts in state healthcare programs by targeting the Michigan gov Web site.

Over the next two days, participants accessed the group's Web site and downloaded a small browser plug-in that repeatedly hit Michigan.gov. Though Electronic Disturbance Theater sees its actions as a mixture of performance art and civil disobedience, to Lohrmann, it looked very much like a denial-of-service attack.

"Had a million people joined in, it would have been interesting," says Lohrmann. "Not in a good way."

A Sit-In Element

To Lohrmann's relief, far fewer than 1 million people hit the Michigan.gov site on the day of the sit-in. Web counters reported a jump of several hundred thousand page views -- about a 10 percent bump in traffic. Cyber sit-ins came of age nearly a decade ago, but recently, these disruptions have been cropping up again.

There was a "sit-in element" to the attacks on Estonia's online infrastructure, according to Jose Nazario, senior security engineer at Arbor Networks. Though many of these attacks were conducted via networks of hacked, botnet computers, the attackers also created code that anybody could download to voluntarily turn their PC into part of the protest.

Who is Participating?

Lohrmann was struck by the type of people who were drawn into the Michigan protest. "This was parents working with bad guys," he says.

Unlike DoS attacks, cyber sit-ins do not really have to disrupt service to be effective, says Dorothy Denning, professor of defense analysis at the Naval Postgraduate School in Monterey, Calif. Like the sit-in protests of the 1960s, these actions are effective whenever they bring publicity to a particular cause. "That's mostly what they do," she says. Electronic Disturbance Theater may not have taken down Michigan.gov last May, but the Michigan press and this magazine covered the cyber sit-in, Denning points out. "Obviously they're getting a little publicity," she says. And that may just be enough for the activists.

Subscribe to the Security Watch Newsletter

Comments