Early this year, swarms of thousands of bots took aim at the main website for the Palestinian BDS National Committee, with the intent of taking the website offline for good.
The Distributed Denial of Service (DDoS) employed tens of thousands of unique IP addresses to send a huge flux of malicious traffic to the website. To do it, they employed two so-called 'botnets' — basically linked networks of dummy or infected computers that work in unison.
But the committee's website, bdsmovement.net, wasn't the only one targeted, raising the possibility that this wasn't run-of-the-mill cyber vandalism, but instead a targeted campaign by the opponents of the boycott, divestment, and sanctions (BDS) movement.
The BDS movement seeks to encourage individuals and businesses to end their financial relationship with Israel and any organizations based there, in order to apply pressure on the government to end the occupation of Palestine and improve human rights conditions for those living in the occupied territories.
The group targeted by these cyber attacks say this criticism has put them in the cross-hairs of Israel's considerable cyber offensive capabilities.
"I want to create a community of fighters."
Critics of the movement, however, say it essentially to the existence of Israel at all. In a 2014 speech, Prime Minister Benjamin Netanyahu told a crowd that "BDS sets back peace because it hardens Palestinian positions and it makes mutual compromise less likely." But the country has only recently come around to taking the movement serious — last year, Israel's president called the movement a "strategic threat."
The attacks were uncovered, and defended against, by Deflect Labs, a small cyber security group headquartered in Montreal that seeks to protect activist and independent media organizations from organized cyber attacks — a prospect that can be an otherwise costly prospect for many groups.
"Attempts to bring down the bdsmovement.net website were made using several (at least two distinct and relatively large) botnets and varied in their techical approach," concludes a report released on Thursday from Deflect on the attacks. This shows a level of sophistication and commitment not generally seen on the Deflect network."
Deflect, in order to protect the websites under its umbrella, works to detect, filter, and block malicious traffic, but also to spread the influx of hits across an array of websites in order to mitigate the effects of the attack.
The group has been protecting a host of websites since 2014, thanks in part to nearly $500,000 in funding from the Canadian government.
"These latest cyber-attacks against BDS seem to be part of a full-fledged Israeli war on the movement."
DDoS attacks are generally considered to be more of a nuisance than an outright declaration of war — webcomic XKCD explains it best — but for small activist groups like those that make up the BDS movement, a targeted DDoS attack could be ruinous. Apart from the possible costs incurred from huge surge in traffic and possible damages that may come as a result, the hosting companies that support these websites may end their relationship with the organization outright in an attempt to avoid the costs and headaches of these sorts of attacks.
While Deflect managed to link some of the attacks together, it couldn't prove that they all came from the same source. The attacks ran in spurts from late February, into April.
It did find that one botnet, however, "appears in other attacks against Israeli websites, on our network, and on the network of our of our peers."
The sites targeted by that botnet were not directly linked, but the report says that all the websites targeted, including one based in Israel, share an "emphasis on issues relevant to the protection of human rights in the Occupied territories."
A representative of the Palestinian BDS National Committee told VICE News that "the websites of around six or seven BDS organisations in North America and Europe faced denial of service attacks at the same time as our site was attacked."
It's unclear who exactly is targeting these websites, but the BDS movement certainly has no shortage of enemies.
An AP report from last February — published just weeks before the attacks begin — revealed that the Israeli government had dedicated $26 million to combat perceived anti-Israeli information living on the web.
"I want to create a community of fighters," Sima Vaknin-Gil, the director general of Israel's Ministry for Strategic Affairs and Public Diplomacy, told a room of Israeli tech developers, according to AP.
Vaknin-Gil told the entrepreneurs that the government wants to "flood the internet" with positive material on Israel, but underscored that they were not interested in funding illegal or unethical practises.
Israel's anti-BDS push has also gone international. Casino magnate Sheldon Adelson has launched an organization to fight back against the group. Meanwhile, in Canada, a majority of the House of Commons recently voted to condemn the movement, while the legislature in Ontario briefly considered — but ultimately voted down — a movement to defund universities that support the initiative.
A breakdown of the traffic by country of origin. (Deflect Labs)
Mahmoud Nawajaa, general coordinator of the Palestinian BDS National Committee — an organization headquartered in Ramallah, but with offices elsewhere in the Middle East and London — told VICE News that "these latest cyber-attacks against BDS seem to be part of a full-fledged Israeli war on the movement."
The government of Benjamin Netanyahu has certainly lashed out against the BDS movement. The BDS National Committee specifically highlighted the case of Omar Barghouti, a co-founder of the movement who is being punished by the country with a de facto travel ban, and who may soon see his Israeli residency cancelled.
Nawajaa said the attacks are a sign that their movement is succeeding in applying pressure, but adds that without Deflect and their supportive web hosting company, things could've been worse.
"We're aware that many political groups who use private sector services have their web hosting accounts closed by their hosting companies when they are targeted by denial of service attacks or are unable to keep their websites live," Nawajaa said.
The cybersecurity organization has been releasing public reports about these sorts of attacks. The first of these reports analyzed attacks on an independent Ukrainian news website that had been slammed with a heavy stream of malicious traffic.
Follow Justin Ling on Twitter: @Justin_ling