Praag to lay criminal charge after cyber attack
The Pro-Afrikaanse Aksiegroep (Praag) will lay a charge with the South African Police Service (SAPS), after becoming the victim of a distributed denial of service (DDOS) attack that it says was launched by extremist anti-Afrikaans groups.
According to Praag director Dan Roodt, the object of the attack was to "bankrupt Praag and its service provider through the consumption of bandwidth and damage to network infrastructure". He says Praag's Afrikaans and English Web sites were both brought down a number of times since Tuesday, but are both up and running again.
"We are going to lay charges with the SAPS under the Electronic Communications and Transactions Act for the DDOS attack against us, [and] also against those anonymous individuals slandering us on Facebook, social media, and in relation to potential advertisers on our site," says Roodt.
Earlier this week, ITWeb reported that Google stopped channelling advertisements to the Praag Web site, because Afrikaans is not one of Google's recognised advertising languages. Roodt believes Google's decision was influenced by an anti-Praag group, which runs a Facebook page called "Speak out against Web site Praag".
"We are not going to take these attacks lying down," Roodt says. "Our readers and supporters are right behind us and hundreds have presented themselves as volunteers to counter these attempts at muzzling us. However, we will not be using the distasteful and underhanded techniques of our opponents, but will be defending ourselves in an open, transparent and legal manner."
He explains that anti-Praag bodies accuse the group of being racist and spreading division and hate-speech, but he insists Praag only aims to promote Afrikaans and publish opinions in Afrikaans.
Dominic White, CTO of SensePost, says DDOS attacks can be done in several ways, although he has no information on how the specific attack on Praag was executed. He explains that a DDOS attack means a large amount of traffic gets sent to a server from many different sources. However, this could literally mean many people are sending requests to the server, or the attacker could make use of a botnet that prompts thousands of compromised machines to send requests to the target. The attacker can also use a technical vulnerability to "reflect traffic" to the targeted server.
"There are many different ways to do this, but usually DDOS attacks are not serious and only temporary. For businesses whose money is made on the Internet, it will be more serious, but not so much for an opinion or a news site," he notes.