clock menu more-arrow no yes

Filed under:

On the eve of an election, the Malaysian web comes under attack

New, 33 comments

Opposition party websites and Facebook pages are falling to DDoS and web censorship

Crashed Terminal
Crashed Terminal

Malaysia holds its national election this Sunday, pitting the ruling National Front party against an unusually strong People's Alliance coalition in what observers are calling the most closely contested race in the nation's history. But as citizens head to the polls, the country has seen a flood of ISP blocks and DDoS actions against opposition sites and independent media.

The most visible actions are DDoS attacks, a technique that floods sites with bogus traffic, making them inaccessible to normal users. It's a technique often aimed at opposition parties in the days leading up to an election. DDoS mitigation service Cloudflare told The Verge it has seen several news organization come under attack in the past week, and that the vast majority of the actions have been Layer 7 attacks originating from within the country. It strongly suggests that whoever's behind the attack is local.

Opposition party Facebook pages were also targeted by the blocks

Alongside the denial-of-service attacks, Malaysian ISPs have instituted a more sophisticated kind of web censorship. An Access Now report detailed five Malaysian ISPs that had begun blocking domains, simply refusing to serve requests made to certain web addresses. After early complaints, ISPs also blocked specific content within those domains that was critical of the standing regime. In one example, the blocks targeted a specific YouTube video seen as damaging to the regime, targeting the "return" stream rather than the user request to make it seem as if YouTube's servers were the source of the problem. Opposition party Facebook pages were also targeted by the blocks. Based on the nature of the interference, Access suspects the ruling party is instituting the blocks using deep packet inspection, with the assistance of the (supposedly independent) ISPs.

"We're used to seeing DDoS and hacking attacks prior to elections, but in this case they're doing a lot more, like arresting bloggers for old posts and jamming radio stations," said Gustaf Bjorksten, technology director at Access Now. "There seems to be very little they won't do to stop information they don't like."