My webhost, Deflect, has provided me with a report on the DDOS attack mounted against this site earlier this week. I’m keeping the report private so as not to allow future hackers access to information that might permit them to penetrate my host’s mitigation measures. The report says that the site was attacked via a botnet consisting of other WordPress sites. Unfortunately, since WP is one of the most popular blog hosting platforms with a large number of users, that means there are many poorly defended websites. All it takes is for a site with poor password protection or some other exploitable weakness to be hijacked for this web vandalism. In addition, WordPress enables a useless feature permitting sites to send pingbacks and talkbacks when they link to other sites. It was this feature which permitted the hackers to attack my site. Unfortunately, WordPress refuses to disable pingbacks despite the serious opportunity they offer to attack their users’ sites. And even if a WP user turns off this feature, it does not prevent the attack since it is a native feature built into the product.
The attack lasted for approximately twelve minutes. However, the site was down for a longer period of time. Deflect continue to investigate the lag time and what caused it.
The report also notes that the attack originated from the IP address 18.104.22.168. That IP is associated with a company called Host Solution Ltd. It is a Russian company whose servers use the domain king-servers.com. Deflect says that this web host is known as a “bullet proof hosting provider.” However, it appears that in this case it let a rotten apple into the bunch.
I also received a comment (which was not published) with threatened further cyber-attacks against the site. Since this is the third cyber-attack in the past decade, that seems obvious.
Whoever orchestrated this attack is acting either officially or unofficially on behalf of Israeli interests as outlined in numerous statements from the strategic affairs ministry, which has announced open season on critics of Israel. The ministry has elaborated on a campaign of harassment, cyber-attacks, sabotage and dirty ops intended to sabotage such activism. Just as countries like Saudi Arabia, Russia, and North Korea have engaged in social media trolling and hacking, Israel has now entered the business in a big way.
The method used in the DDOS attack is called a pingback attack, which is explained technically here.