Cyberattacks attempt to crash 6 media sites globally using U.S. company RayoByte

Members of the Somali Journalists Syndicate and local journalists protest the persecution of secretary general Abdalle Ahmed Mumin, third from right, in December 2022. (Photo courtesy SJS)

Media sites from at least six countries — Somalia, Kosovo, Nigeria, Kyrgyzstan, the Philippines, and Turkmenistan — have faced distributed denial-of-service (DDoS) attacks using U.S. company RayoByte’s services over the last two years. Such cyberattacks often take place alongside other threats to journalists’ safety and press freedom.

Headquartered in Nebraska, RayoByte is one of many companies that sells clients access to Internet Protocol (IP) addresses, unique numbers assigned to internet-connected devices, for “scraping,” a method for extracting large amounts of data from websites. When IP requests are directed quickly and en masse toward a specific site in order to overwhelm it and knock it offline, this constitutes a DDoS attack. 

The website of the Somali Journalists Syndicate (SJS) was knocked offline in a DDoS attack in early August. Days later, authorities arrested SJS staff member Mohamed Ibrahim Osman Bulbul. Later cyberattacks involved RayoByte’s tools, said Qurium, a nonprofit that began hosting and defending SJS.

Similar DDoS attacks began almost immediately after Kosovo-based news site Nacionale began publishing in March 2022. Alongside ongoing cyberattacks, Nacionale’s staff were recently physically attacked on the job.

Qurium’s technical director Tord Lundström wants RayoByte and other companies that profit off the sale of proxy and VPN services to do more to address the fact that attackers access such tools to target media sites.

🗯️ “You can have technology providers doing appropriate things to protect their users and others at the same time as they build their service in a way that protects privacy,” Gabe Rottman of Reporters Committee for Freedom of the Press told CPJ’s Jonathan Rozen. “If… you become aware of bad actors doing bad things, notify the authorities, stop them from using your service.”

Dive deeper:

💡 Read CPJ’s new feature about the cyberattacks

🔎 Explore CPJ’s website to read about other cases of DDoS attacks against outlets conducting critical journalism

⚠️ Protect your site from a DDoS attack by registering it with a service such as Project Shield, and review CPJ’s digital safety kit for additional digital security advice

Global press freedom updates

Spotlight

Policemen guard India’s parliament in New Delhi on May 28, 2023. (Reuters/Adnan Abidi)

Ahead of the G20 New Delhi summit this weekend, CPJ’s Asia Program Coordinator Beh Lih Yi wrote in The Diplomat today about how the worsening press freedom situation in India undermines its reputation as the world’s largest democracy and president of the G20.

She writes: “As the world’s leaders embark on New Delhi, it is imperative that G-20 members — many of which purport to support a free press — call on India to course correct and abandon mounting legislation that threatens press freedom.”

⚡️ Read the full op-ed in The Diplomat.

In late August, CPJ urged Indian lawmakers to review three bills that threaten the independence of the press, and asked the government to withdraw and significantly amend its new data protection law. CPJ has covered the increasing number of social media accounts belonging to media outlets that have been blocked by authorities in the last month.

📖 Read CPJ’s coverage of additional press freedom violations in India on our website.

📣 In May, CPJ called for the release of four imprisoned journalists in Kashmir ahead of the G20 meeting on tourism in Kashmir.

What we are reading (and listening to)

Exit mobile version