Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security The Internet

Internet Archive and the Wayback Machine Under DDoS Cyberattack (archive.org) 31

The Internet Archive is "currently in its third day of warding off an intermittent DDoS cyber-attack," writes Chris Freeland, Director of Library Services at Internet Archive, in a blog post. While library staff stress that the archives are safe, access to its services are affected, including the Wayback Machine. From the post: Since the attacks began on Sunday, the DDoS intrusion has been launching tens of thousands of fake information requests per second. The source of the attack is unknown. "Thankfully the collections are safe, but we are sorry that the denial-of-service attack has knocked us offline intermittently during these last three days," explained Brewster Kahle, founder and digital librarian of the Internet Archive. "With the support from others and the hard work of staff we are hardening our defenses to provide more reliable access to our library. What is new is this attack has been sustained, impactful, targeted, adaptive, and importantly, mean." Cyber-attacks are increasingly frequent against libraries and other knowledge institutions, with the British Library, the Solano County Public Library (California), the Berlin Natural History Museum, and Ontario's London Public Library all being recent victims.

In addition to a wave of recent cyber-attacks, the Internet Archive is also being sued by the US book publishing and US recording industries associations, which are claiming copyright infringement and demanding combined damages of hundreds of millions of dollars and diminished services from all libraries. "If our patrons around the globe think this latest situation is upsetting, then they should be very worried about what the publishing and recording industries have in mind," added Kahle. "I think they are trying to destroy this library entirely and hobble all libraries everywhere. But just as we're resisting the DDoS attack, we appreciate all the support in pushing back on this unjust litigation against our library and others."

This discussion has been archived. No new comments can be posted.

Internet Archive and the Wayback Machine Under DDoS Cyberattack

Comments Filter:
  • by MikeDataLink ( 536925 ) on Tuesday May 28, 2024 @06:04PM (#64506479) Homepage Journal

    Its not the DDoS you should worry about, its their ability to fend off the the music industry and hollywood.

    Donate here: https://archive.org/donate [archive.org]

    • Re: (Score:3, Interesting)

      by Moryath ( 553296 )
      There's a coinflip chance that it's someone in the music industry, hollyweird or similar that's funding the DDoS hoping to knock the internet library offline and fuck the preservation of our collective history over.
    • by AmiMoJo ( 196126 ) on Wednesday May 29, 2024 @03:53AM (#64507137) Homepage Journal

      As much as I love the Internet Archive, I think Lawful Masses summed it up when he said they were pretty screwed: https://youtu.be/HUx2mbBhjI8 [youtu.be]

      The issue is that there is a lot of copyrighted material on there, and the IA doesn't have any mechanism for users to flag it as being e.g. a book that should be part of the lending system. So when a user uploads music, it instantly goes public and can be downloaded by anyone, an unlimited number of times.

      You can send the item to the IA for them to scan/rip, but there is a backlog of several years. And you probably aren't getting your item back.

      I don't know why they don't just add a "make this lendable" button to their upload form. It may be because the code is a complete mess - it's closed source and I get the impression a nightmare to work on, because they won't let anyone help with it.

  • Probably AI (Score:5, Interesting)

    by Anonymous Coward on Tuesday May 28, 2024 @06:15PM (#64506509)

    We had a customer (childrens charity) who experienced a 20000% rise in traffic in a month, they weren't sure what they had done to piss someone off but it dragged them down and so called us for some help, we investigated and it turned out it was all coming from Google Compute (15,000 machines) and Amazon AWS (12,000 machines) crawling them over and over grabbing everything, PDFs, zip files, lectures (mp3), videos, annual statements, you name it if it was accessible it was downloaded, repeatedly (despite having a robots.txt).
    if we blocked a single IP they would just retry from Asia, or Ireland or USA or SG, it was just like a criminal DDOS and wackamole with an adversary that had basically infinite bandwidth.

    So what was their response ? well, if we fill out a fsking giant form wanting every little personal detail they will forward our PII to the offenders and that was the best they could do, both of them took no responsibility for the abuse at all.

    We finally stopped them by writing code to trawl the logs and IP ban every single one of them, ending up with a massive list,
    USA needs to get serious with these fskers, this AI frenzy is ridiculous and the sooner they are sued into the dirt the better.

    • What?

    • Re:Probably AI (Score:5, Informative)

      by Seven Spirals ( 4924941 ) on Tuesday May 28, 2024 @06:27PM (#64506541)
      I recently had the same experience with a consulting client. In their case, it was mostly something called "sqlmap", followed by GoogleBot, PetalBot, Bingbog, and Anthropic's "Claudebot". The customer had a Linux server and they'd written a script like yours to populate some IP tables with attacker IPs. However, there were so many, the firewall filter started to slow down absolutely everything on the system (and it's a type of load that's a bit harder to track than regular processes, but not much). Interesting that IP tables machines would slow down to a crawl but the same ruleset on a *BSD box produced next to zero extra load. Maybe I needed to do a better job structuring the rules on Linux or something.

      We noticed that, other than SQLmap (which didn't have more than 100 sock puppet servers), they all populated their USER_AGENT with some kind of unique string. Our solution was to add an Apache redirect so they'd all end up with a "403 Forbidden" error and nothing else. Here's the snippet in case anyone else is interested:


      DocumentRoot /var/www/html/
      RewriteEngine On
      RewriteCond %{HTTP_USER_AGENT} (sqlmap|bingbot|PetalBot|AhrefsBot|SemrushBot|YandexBot|DotBot|wpbot|magpie-crawler|coccocbot-web|MJ12bot|SeznamBot|Amazonbot|ClaudeBot|yacybot|Bytespider|Barkrowler|ImagesiftBot|Applebot|keys-so-bot|Go-http-client|ZoominfoBot|facebookexternalhit) [NC]
      RewriteRule .* - [F,L]
      • Big messy routing tables has always been something the BSDs have exceled at, although modern linux is no slouch, configured correctly But theres a reason BSD has been so popular an OS to base router OS's from

    • by AmiMoJo ( 196126 )

      For smaller sites, sticking Cloudflare in front of them (the free version) seems to be effective. I was getting a low of crawler traffic for a while, but Cloudflare mitigated it.

    • I wonder if whoever was DDoS'ing your client from Google / Amazon actually paid their bills. I hope not so that Google / Amazon knows that next time their "client" launches an attack on someone, they going to lose a bunch of money if they don't stop it.

  • by Indy1 ( 99447 ) on Tuesday May 28, 2024 @06:17PM (#64506513)

    I really don't get it. What does anyone have the gain by DDOS'ing archive.org ?

    If you're ddos'ing the feds, or some Hollywood studio, or M$, I'd get it (even if its rather pointless in the end), but archive.org ??

    • Re: (Score:3, Interesting)

      by Moryath ( 553296 )

      You'd be amazed how many companies, publishers, etc... might have a hand in it. Archive.org has all sorts of things that are abandonware or public domain, and they HATE that. Could even be a book publisher trying to fuck over their checkout system for digitized out-of-print volumes.

    • Changing history might be worth it.

      "Threat attackers have been observed conducting DDoS attacks to deflect attention away from their intended target and using the opportunity to conduct secondary attacks on other services within a network."
      https://www.cisa.gov/sites/def... [cisa.gov]

      Similar industry comments:
      https://www.cyberdefensemagazi... [cyberdefensemagazine.com]
      https://www.cloudflare.com/lea... [cloudflare.com]
      https://www.kasada.io/credenti... [kasada.io]

    • I really don't get it. What does anyone have the gain by DDOS'ing archive.org ?

      If you're ddos'ing the feds, or some Hollywood studio, or M$, I'd get it (even if its rather pointless in the end), but archive.org ??

      In a litigious world ripe for legal discovery, history can easily be used as a weapon.

      Perhaps this is why some may have issues with those who literally exist to preserve it.

    • With the prevalence of lying, flip-flopping, and general hypocrisy in politics these days, I have no problem thinking that some particular people might want past comments they've made become "unfindable." And with some of these hypocrites having ties to foreign governments with capabilities of doing such things, this doesn't seem like a very far-fetched thing.

  • by Mirnotoriety ( 10462951 ) on Tuesday May 28, 2024 @06:55PM (#64506595)
    Anonymous Troll [slashdot.org]: “This is retaliation from Israel because the archive is refusing to take down videos of the IDF committing war crimes and genocide. One of the videos in question shows the IDF pulling part of a dead infant from bombed out rubble and proceeding to cut the head off. You won't hear about this on either Fox or NPR.

    Do you have any verifiable citations for that statement?

You know you've landed gear-up when it takes full power to taxi.

Working...