Online media company Revision3 suffered a severe Denial of Service (DoS) attack over the weekend, which brought down the main site, the RSS server, and even its internal corporate email. Although DoS attacks far from uncommon in the modern internet era, the real mystery was who would actually want to close down Revision3.
After some digging, Revision3’s engineers found the interesting and very concerning answer – it was a subsidiary of public company, Artistdirect, called MediaDefender. MediaDefender’s purpose in life is to “stop the spread of illegally traded copyrighted material over the internet and peer-to-peer networks.”
Ironic, considering that Revision3 is one of the relatively few internet video sites designed to LEGALLY trade in its own copyrighted material over the internet, including popular shows such as Diggnation.
So what inspired this attack? Needless to say it’s complicated, but if you want a fascinating, superbly written explanation, do check out the Revision3 blog post. The short version is this: MediaDefender was interested in Revision3 because of its use of BitTorrent technology. BT is often (most commonly, I expect) used for internet piracy. Revision3, however, uses it to distribute its larger files legally and cheaply.
MediaDefender apparently wasn’t interested in that and found a back door into Revision3’s network, “allowing their networking experts to exploit its capabilities for their own personal profit.” Revision3 engineers spotted the unauthorised use of its tracking server and locked them out, which in turn initiated a flood of SYN packets attempting to reconnect to the files. And basically everything went arse over tit in pretty short order.
MediaDefender has since explained how it happened to Revision3 but not the why of it. MediaDefender has had clients including Sony and Universal Music and it works by targeting peer-to-peer networks, propagating fake files and launching denial of service attacks against distributors. Not exactly the most above-board thing we’ve ever heard, but you can hardly be surprised that the big companies want to fight P2P file sharing at its own game. Of course, offering competing, practical and appealing alternatives at a reasonable price is thinking just a little too far outside the box.
Anyway, MediaDefender’s actions are classic example of why real or online vigilantism is very bad idea. Pretty soon some innocent person or organisation gets caught in the crossfire. Fortunately, the FBI is looking into the matter. Presumably Revision3 would have also have the opportunity to seek compensation for its lost weekend too.
Revision3 (via InformationWeek)