Today, we have an unfortunate announcement to make. For about one month, Biology Fortified has been the target of an ongoing Denial of Service attack, which has been taking our sites offline. We have prepared a video announcement to tell you more about it, and to make an appeal to the attacker for them to stop trying to take down our site. We are seeking the support of our readers and everyone else who agrees that this kind of attack has no place in debates about science.
Facts about the Attack:
- The Denial of Service attack has been ongoing since the beginning of October.
- The attacker is primarily using a server in the Netherlands, at IP: 80.82.78.166. This server belongs to a company called Ecatel, and there is copious documentation available online that shows that Ecatel is a common server host used for Denial of Service attacks.
- The attacker is primarily using POST floods to attack our site, and may be using SYN floods as well, however we have been unable to confirm this at this time.
- Both our main site at biofortified.org and the GENERA project at genera.biofortified.org have been targeted. Other subdomains that have not been publicly named have not been targeted.
- Several other IP addresses are engaging in Brute Force hacking attacks to try to get administrative access to our sites, which may be just bots that attack random sites, but some could also be coming from the same attacker(s).
- Some of these Brute Force attacks are trying to guess administrative usernames based on the name of our organization.
- The offending IP address has sent about 300,000 requests to our server over a span of about 3 weeks.
- We do not know the ultimate goal or motivation of the attacker is.
What this Means
Someone – we don’t know who – has been denying our right to freedom of speech and expression, and denying your right to read what we write, and access the resources we publish through our site. Thankfully, due to the dedication of volunteers, we are currently successfully defending ourselves against the attack, however it is using a significant amount of resources to do so. It also means that to guarantee that we can remain online, we need to pay the services of an experienced server administrator who can devote time to enhancing the speed and security of our system to guard against future attacks and respond quickly in real-time.
We need your support to continue to defend ourselves against this attack. Please consider making a donation to help keep us online!
Checks can also be sent by mail to:
Biology Fortified, Inc.
6907 University Ave. #354
Middleton, WI 53562
#DontSilenceScience – Add your Voice
We are asking our readers, supporters, and everyone else who receives this message to lend your voice in support of our call for the attacker to stop their attacks. There are several ways you can do this. You can sign our Open Letter to express your support for us, and your opinion of this attack. You can also tell us what you think about it on social media sites such as Twitter, Facebook, and Google+ using the hashtag: #DontSilenceScience. We also encourage you to raise awareness about this attack on your own blogs – and we would love it if some of you out there could put together your own videos expressing your support for us. Send them to us and we will add them to the chorus. With your help, we can make sure that they Don’t Silence Science.
Don’t Silence Science, an Open Letter
Dear Attacker,
In October 2014, you attacked our server with a Denial of Service attack. This took our websites offline, preventing us from accessing our sites. It took down our blog, silencing our voice and the voices of our contributors. It took down our forum, silencing our readers. It took down our resources, such as our GENetic Engineering Risk Atlas, silencing the science we are communicating to the public.
Taking down our site and blocking access to the resources that we publish is wrong. This is not how people in a civilized society debate contentious topics. In fact, by blocking our views you don’t even advance your own opinions. If there is to be any resolution of the issues we discuss on our site, it will come through sharing information and perspectives, not trying to drown each other out. We ask that you consider this fact, cease your attack against us, and join us in conversation.
We are asking our supporters to add their voice to our request below, and you can read their comments on this page.
Regards,
The Board of Directors of Biology Fortified, Inc.
My computer is acting up and I had assumed it was that or my incompetence that caused me to have trouble retrieving papers recently. I have sent the info requested above. Along with a completely tactless comment. If you did not get it please let me know. And I will rephrase more strongly. As I am getting angrier and angrier. To those who support such criminal behavior. Keep your disgusting mouths shut around me for a few days. If you fail to heed this advice your ability to chew food could be painfully compromised.
Anonymous stated they were going to be going after Monsanto and other groups over the past few months. I believe Biofortified was also listed in their list of targets.
OpGreenRights may be one of the main culprits, though i’m not sure on that.
https://twitter.com/OpGreenRights
Thanks, Sterling. Do you have any more information about this? If we were named in a list of sites associated with this, that would help us to understand why this attack is going on.
I’m a systems administrator who specializes in WordPress. WordPress based pages are continuously being attacked all over the Internet, especially login pages. It’s a good idea to add a 2-factor authentication plugin (like Google Authenticator) as well as limit login attempts.
You also might want to look into using a web application firewall like Securi, Cloudflare, and the free BruteProtect.
Hopefully the major attack can be blocked at your firewall.
It sounds like you have things under control, but feel free to contact me if you need any pro-bono advice.
Sigh. Thugs. Destroying scientific research. Destroying science communication web sites. You must be a big threat to them.
But you can’t keep science down for long. I’ll kick in some funds for the defense of science and speech.
Here, here MaryM.
Found out from IT guy that I might have to get rid of yahoo. They are having problems. I signed up to get follow comments and received no e-mails for the following 3 comments. Trivial, but might be related?
@ Karl, Why is simple. When I sign out of e-mail. I get taken to yahoo. news. I often read and comment on history, economics and other topics, including g.e.s I am seeing folks posting your articles more and more. You folks are becoming a primary source for those attempting to refute the crazies. Thus you must be silenced. Is probably the criminal thinking. I would be very surprised to learn the GLP is no under attack as well. Also Kevin Folta is a likely target.
If the attacks are coming from mostly one IP address, why not just block it?
Sadly, this is not uncommon. The motivation may be random malice, financial gain, or a specific response to the content of your site (a badge of honor?).
Blocking known IP addresses is straightforward; distributed attacks are more of a threat. I wouldn’t be concerned about people trying to guess your login ID and password. I also wouldn’t try to appeal to the hacker’s better nature: it’s a bit like asking a piranha not to bite.
I’m sorry it has come to this, but not surprised given the vitriol of the anti’s of late. My check is in the mail and it is more than last time.
Karl, Here is the discussion from Mike Roth on GMO SkeptiForum. I don’t see Biofortified listed, but their list might have grown:
https://www.facebook.com/groups/GMOSF/permalink/469801383159117/
If its just one site, you can block it at the network layer level so the request never gets to your web server, which takes a massive load off your server and prevents it brute-forcing an exploit. On Linux, a tool like fail2ban can do this automatically by spotting failed logins and other bad behaviour in log files and then blocking hosts for time periods at the network layer level by putting them in a jail. The real nasty DOSs are distributed DOS where a master host directs a bunch of slave “bots” to hammer a site. This is hard to block at the network layer level because so many different hosts are attacking. But this looks trivial…
We did block this IP address, but for a time we let it keep trying so that we could gather data on how they were doing it. They can switch to other IP addresses and start again if all we do is just blackhole that address. Instead, we sought a robust solution that would recognize the attack if it continued from a new IP.
Thanks, Mike. We were thinking about Sucuri and Clourflare, and we didn’t know about BruteProject, so we’ll check it out!
We use the WordPress plugin “Limit Login Attempts”, which blocks multiple attempts while keeping a log of IP addresses and attempted login ID’s.
Many attempted attacks on our site also showed up in the Project Honeypot database https://www.projecthoneypot.org
Folks, DoS mitigation is doable via technical means much more effectively than by writing a letter to the attackers. This starts with the organization hosting the site. If yours doesn’t offer this service, it might be time to relocate. I can help; feel free to email me.
I threw in $20 bucks. This site has been invaluable to me. The donation is about the closest I can come to flipping the bird to censorship, whatever its form. Mr. Olins is probably correct, appeals to reason probably won’t sway the hackers. But, if the result is that for their efforts, the hackers caused this site to expand its funding base and it comes out other end even more resilient to such tactics, that might be a disincentive.
Good Luck.
I wonder if the attack was timed to coincide with the heat of the recent election. Any links to Biofortified would have been inaccessible during the time when most people would want to use this site as a prime resource.
Either way this attack proves they are desperate to not only silence those that don’t agree with them, but silence any one with questions about biotechnology in general.
I had this happen on one of my machines. I decided to disable the xmlrpc.php by editing my .htaccess file and putting the following in it to deny access:
Order Allow,Deny
The code I left got cut off but this page shows multiple ways to disable or block access to xmlrpc.php http://wordpress.stackexchange.com/questions/156522/restrict-access-to-xmlrpc-php – The way I used is the htaccess method.
I’ve recently had the opportunity to participate in the last COP 7 in Korea. Latin America in general, is moving forward to biotechnology (including GMOs), Southern Asia is on the same track (and many of those countries didn’t even care to attend the meeting). The discussions around Cartagena Protocol are changing, more researchers are involved, more people is learning. But these eco-terrorism groups are really a drag! They were the ones printing and using lots of paper, they are the ones who waste lots of money carrying their people and flying here and there. I use biofortified for several reasons and as a reliable source for scientific information in my job. I too have to struggle with people who thinks all this technology is wrong. An attack to the work that is been done, shows how SCARED people is to LEARN and be informed. Next will be synthetic biology.