Feeds

Scientology website shielded against DDoS attack

After the storm

The Essential Guide to IT Transformation

Updated The Church of Scientology has restored it website to normal after a campaign of denial of service attacks prompted it to use DDoS mitigation service Prolexic.

Web sites associated with the Church of Scientology were intermittently unavailable last week after an internet group calling itself Anonymous declared war on the controversial organisation.

Anonymous justified its actions by alleging the Church of Scientology has misused copyright and trademark law in censoring criticism against the church. The campaign was sparked off by the church's attempts to remove a promotional video featuring Scientologist Tom Cruise from YouTube. The clip shows a video from Cruise's Freedom Medal ceremony from late 2004 in which the actor speaks with (frankly scary) intensity about the responsibilities of being a Scientologist. After the Church of Scientology lodged a copyright infringement complaint, YouTube pulled the video, but the material has since resurfaced on Gawker.com.

As well as directing sympathisers to use denial of service software, Anonymous is calling on its members to make nuisance calls, host Scientology documents the Church claims as protected by copyright, and fax black pages to the Church's fax machines in an effort to waste ink. Longer established critics of Scientology have criticised the actions of Anonymous as counterproductive.

Wired reports that miscommunication between hactivists briefly resulted in a Dutch school web site becoming a target of attack on Friday.

The progress of the attack was closely monitored by network security tools firm Arbor Networks. Dr Jose Nazario, senior security engineer at Arbor Networks, said threats to attack the websites associated with the Church of Scientology were acted out.

The waves of ongoing attacks witnessed by Arbor lasted an average of 30 minutes consuming an average of 168 Mbps and peaking out at 220 Mbps.

"This is on the high side of an attack, but significantly smaller than the largest ones we commonly see nowadays," writes Nazario. "The attacks used in this case are common, garden variety DDoS attacks."

Danny McPherson, chief research officer at Arbor, added that the attacks were ongoing though diminishing in intensity. He stated that the ferocity of the attacks was on the same level as those thrown against Estonia last year. The technical sophistication applied to the attacks is fairly basic. Networks of compromised machines are being used in some cases, he added.

"The attacks are mostly brute force flooding. Some of the attacks start and stop from a bank of machines at exactly the same time so there have definitely been bots employed," McPherson told El Reg.

In response to the attacks, the Church of Scientology moved its systems over to a managed service run by security firm Prolexic, Netcraft reports.

The Church of Scientology has issued statements suggesting that controversy over the Tom Cruise video had increased traffic to its Web site. It has also said that the video was taken out of context. It did not comment directly on last week's denial of service attacks.

As the Church previously announced, the pirated and edited excerpts of Mr. Cruise were contained in an official Church event in 2004, an event attended by 5,000 Scientologists and their guests and further available for viewing in any Church of Scientology world over. Having presented these selective and out-of-context excerpts with the intent of creating both controversy and ridicule, nevertheless resulted in people searching for an visiting Church of Scientology websites as evidenced by “most searched for” lists of various search engines. Those wishing to find out the Church of Scientology’s views and to gain context of the video have the right to search official Church websites if they so desire.

A search on YouTube reveals other clips from the now famous Scientology Freedom Medal ceremony of 2004 remain available, whilst controversy about the affair has sparked several satirical responses of variable quality. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.