Loading
‘Hacktivist’ assault on World Youth Day site provides insights
A screenshot of the World Youth Day Madrid website
A screenshot of the World Youth Day Madrid website
By Kevin J. Jones
Facebook Twitter Google+ Pinterest Addthis

.- An internet security firm’s report on an apparent anti-Catholic “hacktivism” attack has renewed interest in an assault on World Youth Day computers in August 2011.

Rafael Rubio, communications director of World Youth Day, said Feb. 28 that the electronic assault that took place during the Aug. 17-21, 2011 event caused some disruptions but that they “survived the attack more or less,”

The hackers’ actions had an effect on days when the server crashed, but event organizers had set up a warning system and a social network system asking volunteers and others to report if they noticed the servers going down.

“(T)hanks to the early warning system we set up on the social networks, we were able to respond to the attacks in real time, and the site was only down for a few hours.”

Rubio said the consequences could have been serious.

“In reality, any kind of attack like this not only could have brought down the website but the mail servers as well, and that really would have caused the collapse of the entire organization,” he said.

The California-based computer security company Imperva has reportedly analyzed the attack in a new report called “The Anatomy of an Anonymous Attack.”

Robert Rachwald, Director of Security Strategies at Imperva, told CNA he would not confirm or deny that the World Youth Day site was the target examined in the report. The New York Times said two people briefed on the investigation confirmed that “the Vatican” had been the target, meaning the World Youth Day website www.madrid11.com.

Yago de la Cierva, executive director of the World Youth Day Madrid organizing committee, said Feb. 28 that the attacks were “very limited” in scope.

“They mostly made life hard for accredited journalists, who had to wait longer for their registration and had to receive the translations of the Pope’s words in print, instead of in electronic format. But otherwise, there were no major effects and the pilgrims never noticed anything.”

In mid-2011, hackers posted a video on the World Youth Day website threatening some kind of attack. The event’s web services provider Telefonica then organized several meetings to reinforce security and to ensure the website had enough capacity to respond to increased traffic.

Rubio was unsure whether Telefonica had contracted with Imperva, though Rachwald said the website examined in the report used an Imperva application firewall product that worked “beautifully.”

The Imperva report found 25 consecutive days of hacker activity: 19 days of preparation, communications and recruitment; four days of reconnaissance and hacking tool attacks; and finally a two-day denial-of-service attack distributed across many computers.

In the recruitment and communications phase, the Anonymous branch created a website and used Twitter and Facebook to publicize it. YouTube videos also “rationalized the attack by denigrating the target and exposing perceived transgressions,” Imperva said. One such promotional video received over 72,000 views.

The Anonymous campaign “Operation Pharisee” specifically targeted World Youth Day, citing clergy sex abuse as a motive for protest. One of the campaign’s recruitment videos used a computer-generated voice and stock video of a man in a Guy Fawkes mask. It called Pope Benedict XVI a “Pharisee.”

“It’s outrageous seeing how many young people march like sheep to the Vatican’s orgy that will take place in Madrid,” the English-language video said.

“It’s humiliating seeing all the crowd in ecstasy, loving Benedict XVI like a god,” it continued, showing a video of cheerful Catholics at a youth event.

The video cited several Bible verses. It attacked the sacrament of confession for encouraging “dependency of souls,” saying that people should confess directly to God. The video also charged that the Catholic Church is using Jesus’ image to get rich and that it is hypocritical for the Pope to wear ornate liturgical dress while condemning vanity.

“Prepare your weapons, my dear brother, for this Aug. 17-21,” the video concluded. “We will drop the anger over the Vatican.”

Eighteen days into the attack, a group of “savvy hackers” then evaluated the security of the targeted website, the Imperva report says. They used hacking tools and anonymity services to disguise their identity. They kept a “low profile,” but still created relatively high internet traffic compared to normal days.

The hackers failed to find vulnerabilities in the website’s applications and fell back on a distributed denial-of-service attack intended to flood the target’s web server with crippling levels of traffic. This tactic used recruited individuals to run programs on their computers and mobile devices. Many of these recruits did not use anonymity services.

About 500,000 denial-of-service attacks happened on the first day of this phase, while almost 600,000 happened the following day. One PC can generate up to 200 attacks per second.

The Imperva report advised potential targets’ internet security staff to monitor social media for hints of coming attacks.

“Hacktivism is loud by definition,” the report said.

Rachwald said the use of social media is “the only thing that’s really unique about this attack.”

“Typically an attack is not pre-announced,” he explained.

“The big difference with hacktivism in general is they need to recruit and they need to announce ‘We’re going after target X.’”

Such hackers are typically after user data, he explained. In one instance, hackers under the banner of Anonymous stole user data from Sony and exposed information on 100,000 credit cards, causing customer outrage and a drop in stock prices. They also exposed police officer data from the San Francisco mass transit system.

“If you steal and expose data, then you can really hurt an organization,” he said. “What they’re looking for is vulnerabilities around data exposure.”

Traditional defenses such as network firewalls, anti-virus programs and intrusion protection cannot be the sole defense, he advised. A proper application security program is necessary for websites that transact user information and for e-commerce sites where goods and services are sold.

“Whoever was in charge of security in this case had the foresight to recognize that data would be a target,” Rachwald said. “I think that recognition is really, really important.”

Vatican spokesman Fr. Federico Lombardi reported Feb. 27 that there were “no problems” in the Vatican from the hacker attack because the World Youth Day website systems were “totally independent.”
 
World Youth Day communication’s director Rubio characterized the attack as “a waste of time” and “disrespectful.”
 
He saw the targeting of World Youth Day as “an obvious sign of the worldwide impact that World Youth Day was having at that moment.”

“We never really understood, because the video wasn’t clear either, what they hoped to gain by attacking World Youth Day. I think the only thing they wanted was attention.”

Additional reporting by Walter Sanchez Silva in Lima and David Kerr in Rome.

Tags: World Youth Day

Ads by AdsLiveMedia(What's this?)

* The number of messages that can be online is limited. CNA reserves the right to edit messages for content and tone. Comments and opinions expressed by users do not necessarily reflect the opinions or beliefs of CNA. CNA will not publish comments with abusive language, insults or links to other pages

RESOURCES »

Ads by Google (What's this?)
Ads by Google

Featured Videos

Little Sisters of the Poor press conference in Denver
Little Sisters of the Poor press conference in Denver
Family thrilled to see Pope Francis in Istanbul
Syrian Refugee, Sara, 14, Before Meeting Pope
Ebola orphans thousands of children in West Africa
One year after Haiyan: Philippines rebuilds homes, lives
An Indian contribution to the Vatican's Synod on the Family
Christ Cathedral CNA video Sept 2014
Alejandro Bermudez of CNA accepts ice bucket challenge
'The Real Albania,' remembering those who fled
Pope Francis in Albania, "one of the most important visits of the post-communist era in Albania"
Pope Francis greets paralyzed man who risked all to see him
Franciscans on the banks of the Tiber in Rome, working for the New Evangelization
Pilgrimage from Czech Republic to Assisi and Rome for intentions
Testimony of young Indian who met Pope in Korea
Preparations of the Closing Mass of 6th Asian Youth Day
Missionary of Charity, Korea
Testimony of Christian Love during Pope's Visit to Korea
Religious Sisters in South Korea react to Pope Francis kissing a baby
Warm atmosphere during Holy Mass at Daejeon World Cup Stadium
Images inside Pope Francis flight to South Korea
Dec
19

Liturgical Calendar

December 19, 2014

Advent Weekday

All readings:
Today »
This year »

Catholic Daily

Gospel of the Day

Mt 21:23-27

Gospel
Date
12/15/14
12/14/14
12/13/14

Daily Readings


First Reading:: Judg 13: 2-7, 24-25A
Gospel:: Lk 1: 5-25

Saint of the Day

St. Romuald »

Saint
Date
12/15/14

Homily of the Day

Mt 21:23-27

Homily
Date
12/15/14
12/14/14
12/13/14