Late last month, Jester claimed responsibility for an early round of attacks against WikiLeaks that drove the group off its usual servers and onto ones operated by Amazon.
The increasing popularity of DDoS attacks, and the enormous publicity they received when groups attacked sites belonging to companies that had pulled the plug on services to WikiLeaks -- including Bank of America, MasterCard and PayPal -- worries Zuckerman.
"I have concerns that the sheer visibility of DDoS attacks and the fact that they demonstrate some pretty effective techniques [to shut down a site] will lead to a rash of DDoS attacks against human rights sites," said Zuckerman.
And often, there's little a victimized site can do to fend off DDoS attacks.
Typically, human rights or dissident media groups can't afford to contract with hosting providers that are large enough to stymie even small- or mid-sized DDoS attacks, said Zuckerman, or they're hesitant to use a major hosting provider because they suspect it will censor their site or toss them overboard at the first sign of controversy.
"That tension is probably the most interesting part of the paper," Zuckerman admitted. "To prevent DDoS, you have to move to a [hosting provider] big enough to defend your site, but the problem with that is you have to find the right provider."
The largest hosting services, dubbed "Tier 1" firms, have a decided advantage over smaller providers, an even bigger one over organizations that try to host their own site, Zuckerman pointed out.
"If you're a Tier 1 ISP, you're on a bunch of closed mailing lists, you're part of a trusted system, you probably are friends with people who work at other Tier 1s, you have deep contacts in the space, so you can call someone up to ask them to null route traffic to help you get over this attack," said Zuckerman. "That's actually how DDoS prevention often works."
Smaller ISPs, or groups self-hosting, aren't part of this "old boy" network, and are out in the cold.
"In certain DDoS attacks, like those that simply overwhelm your site's bandwidth, you have to go upstream, filtering doesn't help," said Zuckerman, referring to the ISP that is "upstream," or higher in the Internet food chain. "If you can't access those guys at the larger ISPs, it's really hard to fend off an attack. So you're screwed."
The choices that human rights and dissident media sites face is one akin to being between a rock and a hard place, Zuckerman said. "Either you really need to keep up and get smart people on your team, or you need to get with a big provider that is politically willing to host the content of your site," he said.
The Berkman Center's report is available on its Web site (download PDF).
Sign up for Computerworld eNewsletters.