The Tor Project on Saturday morning acknowledged a cyber attack on
this network, and provided the following statement to Business Insider:
This looks like a regular attempt at a Sybil attack:
the attackers have signed up many new relays in hopes of becoming a
large fraction of the network. But even though they are running
thousands of new relays, their relays currently make up less than 1% of
the Tor network by capacity. We are working now to remove these relays
from the network before they become a threat, and we don’t expect any
anonymity or performance effects based on what we’ve seen so far.
Tor’s service
keeps users anonymous by bouncing communications around a large network of computers known as “volunteer nodes.”
But as Gizmodo pointed out on Friday, if one group can control most of the nodes — which is what Lizard Squad
reportedly attempted to do
— it may “be able to eavesdrop on a substantial number of vulnerable
users.” That obviously has massive implications on the privacy of
millions of people who rely on the anonymous service.
It’s still unclear who attacked Tor, but the notorious hacker gang “
Lizard Squad,”
which also claims responsibility for taking down PlayStation Network
and Xbox Live for two straight days over the Christmas holiday, also
tweeted they were
behind the Tor attack on Friday.
Lizard Squad
explained why it allegedly went after the game networks, but it’s still unclear why this hacker collective shifted its attention to Tor.
The Tor Project is one of
the most effective sites for encrypted communication, making it one of
the most important internet services in the world. Whistleblowers like
Edward Snowden have used the service, and it’s proven pivotal in
“dissident movements” in Iran and Egypt.
A few hours after Lizard Squad announced it was focusing on Tor, the international activist group Anonymous
told the Lizards to “stand down” and stop attacking Tor,
adding, “We don’t give a f–k about corporate bulls–t networks, we do care about 3rd world communications.”
Based on Tor’s thorough response, however, it seems like the issue is
being taken seriously by the organisation, and its users will have
little to worry about in that regard.
Meanwhile, days after the initial attacks began, we’re still waiting
on word from both Sony and Microsoft as to what exactly happened to
their game networks over the Christmas holiday. They have yet to confirm
whether or not the outages were the result of a distributed
denial-of-service (DDoS) attack, which overloads network servers by
having botnets send a massive amount of bogus requests, or if it was
something else entirely.
As of Saturday morning,
PlayStation Network is gradually coming back online, and several
Xbox Live apps are still “limited.”
Comments
Post a Comment