Raspberry Pi Foundation hit by grudge DDoS attack
Hands off the Pi
The tiny Raspberry Pi Foundation website and forum has been hit by two short but nasty DDoS attacks in the last week, the second attack flurry that has targeted the organisation since last summer, staff have confirmed.
The first botnet attack that disrupted the site for an hour on the afternoon of 3 March was described as “grimly familiar” after a spate of similar SYN flood bombardments last summer.
Although not massive by DDoS standards - about 100kbps - the Foundation’s ISP reacted in orthodox fashion by swapping DNS servers, which the probably automated attack didn’t adjust to.
Related Articles on Techworld
The attackers then came back for another bite on 5 March before eventually giving up after a couple of hours.
The scale and size of the attacks is probably less significant than the fact that a small non-commercial Foundation could be the target of a grudge attack in the first place.
But having invented the most famous computer to emerge from Britain in a generation, the Raspberry Pi Foundation isn’t any small non-commercial organisation as far as outsiders are concerned.
DDoS attacks are utterly routine but based on the description offered by staff this one looks as if it had more conscious design.
“We had a little flurry of SYN attacks last summer; but when the people on the other end of the botnet realised they weren't having much luck knocking raspberrypi.org over they decided to target some Raspberry Pi fan sites,” said Rasperberry Pi Foundation spokesperson, Liz Upton.
“[They] ended up focusing especially on a group of teenagers who were running a 48-hour Python hackathon to try to raise some money for our charity.”
After being overwhelmed at first, the youngsters treated the DDoS defence as a learning experience and fended off the attack, she said.
The Foundation received no blackmail demand and has assumed the attacks are the work of a “lone sociopath.”
“It's uncomfortable knowing you've attracted this sort of attention; we're pretty confident we've not done anything to outrage the blackhat community,” said Upton.
Although the organisation's website isn't used as a sales channel it is an important starting point for the computer's million-strong user base, as well as hosting its busy developer and user forum.
“It’s sad to see the Raspberry Pi Foundation, a charity with a good cause at its heart, has been the focus of a vicious attack," commented Arbor Networks channel director, Jeremy Nicholls.
"The explosion of inexpensive and readily-accessible attack tools is enabling almost anybody to carry out DDoS attacks."