Responding to Attacks on MIA — One Long Night of Zombie Whack-a-Mole

Natan
30
84

Mad in America has been under a low-grade attack by hackers for several weeks.

I first noticed an odd traffic pattern in our Google Analytics account, indicating that the front page was receiving more than ten views for each unique visitor. This means that some minority of accounts was reloading our front page over and over again. This is called a botnet attack, where a hacker uses a set of zombie computers, often compromised by malware, to perform repetitive tasks.

When this came to my attention I began setting up extra security software on the site. Alas, my first attempt ended somewhat disastrously in a totally crashed Mad In America that took almost an hour to recover.

Shortly thereafter, we began experiencing a major spike in traffic due to the viral sharing of Bruce Levine‘s Why Anti-Authoritarian’s are Diagnosed as Mentally Ill article. This was last Friday, May 3rd. Curiously, our referral traffic indicates that the hacker community was a major source of this legitimate wave of new readership!

As many of you noticed, the site became virtually unusable for logged in users. Our traffic spiked considerably on Wednesday. Over the past week we’ve served more unique readers than we usually do in a month — and we are still experiencing exceptionally high traffic on Bruce’s article, which now has a very broad base of fans including almost a thousand readers from Portugal!

With the site crippled, my first priority was to keep it operational and to appease our VPS web host, who was threatening to shut us down because the load was impacting other users on our physical server. This crisis prompted me to apply a number of important optimizations to our database and web server software. I also had to turn off several plugin features of the site in order or minimize the amount of code that was being run with each view.

I am very grateful to the Cloudflare service for its “I’m under attack” security setting, which allowed us to block almost all the illegitimate traffic instantly, and return the site to a functional state where the flood of new readers and returning users could all make use of Mad in America. While this setting was active, you noticed a five-second wait time before being able to access the site, during which Cloudflare expertly determined your humanness. Sometimes you may have had to answer a CAPTCHA challenge as well.

While effective, this inconvenience of the 5-second interstitial page is not a sustainable solution. I’ve never administered a site this size before, so I was feeling eager, and also out of my depth. I spent many long hours sifting through server logs and process lists, familiarizing myself with our various firewalls, trying to identify where this bad traffic was coming from and how to most effectively stop it, to little avail.

Last night I was finally able to setup security software compatible with our site, called Wordfence, and I was astonished. It’s one thing to understand an attack like this in theory, and another thing to watch it playing out before my eyes.

I knew by this point that turning off Cloudflare’s extra security would result in our server being flooded to the point of near-failure within minutes. But with Wordfence I am able to set rules that throttle the most problematic traffic while I used a beautiful real-time access log to manually identify and block the zombie bots once and for all.

This took a long time. It seemed like each time I blocked one, another one popped up in its place, like a game of whack-a-mole. At a certain point I was beginning to lose heart. Maybe this attacker had an army of thousands of zombies, and would just throw more at us for each one I blocked. Perhaps I would have to rely on strict automated rules that would still cause some strain on the server and inconvenience readers. Just then, after around two hundred blocked IPs, they stopped coming. I defeated the zombies.

Why are we Under Attack?

There is no easy way to determine the source of a botnet attack. One might suspect that this attack was personal in nature — a professional undertaking by somebody who feels threatened by our community.

On the other hand, these sorts of hacking attempts against WordPress sites are extraordinarily common. The larger we grow, the more likely we are to experience them. Hackers go after WordPress sites because, while quite secure, they have certain predictable vulnerabilities if not setup properly. These hackers hope to leave their mark, steal useful data, or simply gain experience in the field.

False Positives

In my zealous crusade last night, some legitimate readers were swept up the banning of IP addresses.

The reason for this is that the criteria I chose to ban was based on some odd behavior I thought to be exclusive to the zombies, but wasn’t. They would always try to load certain plugin files that have long since been deleted from the site. In fact, this is why Google kept showing them hitting our front page. Our site had a legacy script from our launch last year that was set to redirect all 404 – Page Not Found errors to our front page. This was meant to help people who had bookmarked or were following links directed to the old madinamerica.com blog, which has a different file structure than the current site.

So the bots’ attempt to load old files and poke around for vulnerabilities resulted in epic traffic redirected to our front page. Ironically, our front page is the most resource intensive page on our site to load, so in a way we were complicit in our own attack!

As it turns out, some of your browsers are also loading these old, non-existant files. I’m honestly not sure why yet. It may have something to do with your local cache. Last night when I noticed anybody loading the files I deleted months ago from the site, I just went ahead and banned them. I even banned the IP address Robert Whitaker was accessing the site from!

So, please, do not be too alarmed if your IP address was banned. Just shoot me a message at: [email protected] and I will remove the block right away.

Thanks for your patience, and for your ongoing support. Happy reading!

30 COMMENTS

    • Who knows. I find all of Matthew’s explanations possible, including that this was some experiment by some hacker group that is polishing their hacking methods.

      However, there is a little bit of “fishiness‎” in that this attack was coincident with the NIHM announcement and the increased traffic to MIA. But then again that also meant that probably the visibility of MIA increased amongst the hacker groups that look for targets.

      In any case, it was great the Matthew kept the site afloat during this critical time. We have witnessed history in the making during the last two weeks. It can only get better from here.

  1. I think Mad in America is being punked on a much bigger scale than just this hacking incident.

    One pharma astroturf group that’s prided itself on using hacker skills in web attacks on consumer activists is the Skeptics.

    The Skeptics are a really bizarre collective of “radical atheists” who prosylitize idesa which are not supported by most mainstream atheists– like violent rhetoric about nuking Islam off the planet based on Richard Dawkins’ pseudoscientific Lamarckian throw-back concept of “memetic evolution.” The group seems to include a lot of “religiously injured” which Einstein (an atheist) spoke of when he discussed his disinterest in fanatical atheism. The aimless, fanatical rage of the “religiously injured” was very easy to corral once the Skeptics began turning into an obvious industry-defense front group. From the moment their anonymous Schedule B donations shot into the millions, the group began defending pharmaceutical products, Big Ag and the nuclear industry. The group became enough of a threat that Chris Hedges, one of the most prominent voices of the Occupy movement and former NY Times correspondent who filed suit against the Obama administration for “indefinite detention,” wrote a book about radical atheism (as opposed to less radical atheism, which Hedges defends) and cultish “scientism” in 2007 called “When Atheism Becomes Religion.” http://www.yuricareport.com/Religion/ChrisHedgesI_DontBelieveInAtheists.html

    The Skeptics are now enmeshed with and active in trying to revive Stephen Barrett’s pharma-defense front, Quackbusters, Peter Breggin’s old nemesis. I could easily include a list of links which demonstrate the direct ties but it would take up a lot of space: anyone interested could find these ties that bind on their own. Skeptic Magazine founder Michael Schermer, a transparent corporatist, is on the board of multi-industry front group, the American Council of Science and Health, which includes pharma alum like Fred Goodwin and Skeptic-enmeshed figures like Steven Novella, Barrett and others.

    The Skeptics have also played entryist into the Mad Rights movement and Anonymous. Entryism into Anonymous was made pretty easy because of Wikileaks’ “leak” of Scientology documents, which Assange apparently thought was a very minor gesture since the group usually goes after government corruption. But since then a clearly Quackbusters-leaning faction has formed within Anonymous whose sole aim is to revive Scientology’s very useful Straw Man status in order to renew the 90’s front group trend of tarring all independent pharmaceutical whistleblowers with the “Scientology” brush. After the Zyprexa Paper’s scandal, the Scientology Straw Man approach became increasingly feeble and toothless. If you comb through the threads on this Anonymous faction site, the lines of influence, the sources of pharma propaganda and the entryist factor should be pretty obvious: https://whyweprotest.net/community/

    Since Assange vowed to release millions of documents, including many exposing pharmaceutical fraud, after the web attacks on Wikileaks after the Manning scandal errupted, clearly Wikileaks’ agenda towards Scientology was not about stealth defense of the pharmaceutical industry and the Anonymous/Quackbusters/Skeptic faction was not a Wikileaks-approved offshoot.

    Since many followers of Anonymous are very young, some are apparently naive about these industry lines of influence, industry entryism and clearly aren’t familiar with or canny about the clearly industry-generated jargon used by industry moles within Anonymous. It was probably very easy to just sic some of these young activists after the religious group due to Scientology’s cult history and because Scientology made threats against Wikileaks after the document leaks. The Anonymous rank and file don’t seem to be aware that Scientology may have been initially built up as a Straw Man when Scientology reportedly blindly accepted anonymous donations by Eli Lilly in the 1980’s (according to Robert Whitaker’s research). If this is so, it was a rather brilliant industry scheme to defend itself against legitimate and independent whistleblowers. All in all, the continued silly distraction of Operation Chanology has successfully diverted factions within Anonymous from bigger and more serious “hacktavism” targets and unfortunately has attracted some rather aimless hacktavists who bird-dog on targeting the cult and have grown invested in attacking sites which criticize drugs. This may in part have to do with the fact that much of Anonymous draws from the “Ritalin generation,” but frankly I think there are less naive followers of this entryist faction than there are simply Skeptic “moles,” many of whom are just fanatical ideologues in their own right.

    Fortunately not all Anonymous activists are fixated on this and the Occupy movement, which has several points of ideological crossover with Anonymous, is increasingly starting to focus on the threat of pharmaceutical drugs as means of social control.

    I assume the attack on Mad in America was done by some group of individuals related to the above interwoven collective who were either fully knowledgeable and cynical about their reasons for doing it or else were simply confused fanatical attack dogs typical in the Skeptics rank and file who were directed to bark in a certain direction. Using hackers from this collective provides the all-important “plausible deniability” for industry. Then again the attacks on Mad in America might be random. I kind of doubt it.

    For these reasons I’ve been extremely “skeptical” about Skeptic Magazine’s reasons for drafting people like Marcia Angell and publishing Bruce Levine’s “Killed by the Huffington Post.” https://www.madinamerica.com/2012/06/killed-by-the-huffington-post-article-now-on-the-newsstands-in-skeptic/

    I think the psychiatric reform community should be more wary of the fact that some front groups’ are growing sophisticated enough to use more time-honored and stealthy methods of propaganda, including the “hijacking” of figures from the opposition who are used to give an “eau de independent” smell to an industry-embedded publication. As MediaLens editors wrote in The Guardian in critiquing how George Monbiot guards his position as “pet progressive” by carefully retracting his claws in regards to select institutional and industry sacred cows (or brandishing them at select consumer dissident groups),

    “Their appearances stifle the idea that there is a need to turn elsewhere, to develop new forms of media. The more dramatic the better, from the media’s perspective – arrest Blair! Marvellous! This is just what they want to see – tiny doses of high-profile dissent keeping us all in our corporate media consumer boxes. This is actually a disaster for progressive change.” (Medialens editors, 27/10/09)

    Consumer dissidence has a long history of being hijacked and “absorbed” into astroturf operations and then systematically brought to heel. Activists get tired of censorship and become desperate and overly grateful to be given a pulpit and fail to look gift horses in the mouth or they may tell themselves that the manipulation “goes both ways,” and maybe they can shift the direction of an industry-leaning forum. When this kind of entryism, drafting and hijacking happens within the environmental activism, it’s part of “Greenwashing.”

    If Mad in America continues to allow itself to be used as the “progressive lipstick” on the front group pig, there’s really no hope that it’s going to make much of a lasting impact on important issues, partly because it shows a lack of scope and partly because this may mean it’s “letting in” the very forces that seek to destroy consumer dissent.

    Like Jim Gottstein’s refusal to have direct truck with Scientology- which is a good idea on many levels– I think there’s even more reason not to get tangled in the Skeptic’s astroturf scientism cult web. At least Scienotology, for all their crap, doesn’t call for genocide or support the new eugenics. Meanwhile the Skeptics… have called for medical mandates and imprisonment of consumer dissenters from commercial science; increased their ranks in the “alternative media” (Wired, Scientific American, Science Blogs, The New Yorker); have concertedly tried to cover up the original Skeptic icon James Randi’s pedophile tapes and are on board with Randi’s ties to the False Memory Syndrome Foundation (pool of expert witnesses that specializes in defending rapists and pedophiles by generating tobacco science to disparage victim testimony and has no branched out into creating strategy to deflect tort claims in pharmaceutical injury cases); long supported Skeptic Sam Harris’s support of torture and calls to nuke Islam off the planet and Dawkins’ eugenic neo-Platonism. If these associations continue won’t follow the MIA forum anymore, figuring at some point that there will be a repeat of the insider attack on Vera Sharav’s blog (which may have compromised subscriber privacy).

    Know thine enemy, as they say.

    • “If Mad in America continues to allow itself to be used as the “progressive lipstick” on the front group pig, there’s really no hope that it’s going to make much of a lasting impact on important issues, partly because it shows a lack of scope and partly because this may mean it’s “letting in” the very forces that seek to destroy consumer dissent. ”

      Not to take undue credit but I have warned in the past as well about MIA not getting into the temptation of being absorbed by so called “progressive” causes different from the matter at hand. There is a great deal of commonality among those who have been harmed by psychiatry. If MIA became by either admission or omission associated with those groups, it would lose a great deal of the appeal it has.

      However, there is very encouraging news that, at least by those at the leadership, it is not the case. No “leftist fringe” group would have been invited by the Vatican to speak about the dangers of drugging children, for instance.

  2. Matthew– I appreciate your description of how people on medications can be turned into freebie sales reps for industry because it’s almost a “belief system” they’ve been drafted into. There is something like this going on with the Skeptics. I’ve been following the issue long enough to have caught several active members of the group discuss their own or their children’s med regimens.

    Your general response is really reassuring, especially coming on Mother’s Day. Because of the risk that my children– anyone’s children– could be targeted for drugging (via schools, via child welfare as in increasingly typical cases like Maryanne Godboldo, etc.) I have a pretty visceral awareness of the need for independence among various consumer rights and pharma-reform groups and hopes that these various groups can trade and share information and perhaps even combine forces over certain interrelated issues. I have a lot of concerns about what will happen if consumer rights becomes captured and fractured.

    There’s safety in numbers in the consumer rights and psychopharm reform is absolutely key to this for many reasons– which I’m afraid the industry front groups are all too aware of as well. Occupy, which may have avoided the controversy ballast of getting too specific about pharmaceutical dangers for a while, has been changing this tact in the past year especially, which is consequently increasing the threat to industry posed by independent psychiatric reformists and drug critics. Because so many people in the US have been harmed by drugs, psych reform could be a watershed to make these issues mainstream. So I see the increasing attempts to “capture” the psych reform movement and cause divisions as a direct result of a growing unity in consumer rights. I think the attempt to form divisions is glaringly obvious, but only because my starting point in researching the Skeptics was via their link to the False Memory Syndrome Foundation, Randi, Elizabeth Loftus, Susan Clancy and their pet NY Times columnists Abigail Zuger and Susan Dominus (http://www.nytimes.com/2010/01/26/health/26zuger.html?_r=0 ) and their “friends” at Wired, Salon, etc. The organized rape-defense association coupled with Sam Harris’ long-standing high status with the Skeptics (https://www.youtube.com/watch?v=CqVNz7kdvd8 )put the group beyond any redemption as far as I’m concerned, even as they currently attempt a more open-handed “appearance” (Sam Harris was finally spanked for calling for genocide after years of enjoying total support from the group– and now he’s still involved and still calling for genocide).

    I don’t buy the new diplomacy– I believe they’re just taking a few strategic hints from the New York Times’ tablecloth trick of marching up to the edge of progressive discourse occasionally on rather trivial issues or periodically breaking “brave” stories… all the better to serve their traditional institutional and industrial bent while feigning independence.

    After getting the full aroma of what the Skeptics were about via FMSF and Harris and armed with informed cynicism, it’s quite easy to follow the money on their corporate defense agendas. I don’t think it would be that obvious to agnostics or mainstream atheists who got sucked in through the Skeptics’ freedom-from-religion stance and fish-in-a-barrel attacks on really dumb and transparent paranormalists, which only appeals to people who once bought into Psychic Network and now feel “brilliant” for seeing through what most people dismissed as crock from the start. Unfortunately, even with their goofy or hideous history, the Skeptic positions, due to their currently more sophisticated and orchestrated campaign to culture-jam and capture “progressives,” may prove to be an even more dangerous type of fanaticism than religious fundamentalism.

    I hope MIA will consider Hedges’ warning, research the Skeptics, follow the money regarding this groups’ increasing rallying around industry and institutional agendas, start recognizing the sources of some of the jargon being spread within the Mad Rights movement and take the Skeptics’ periodic “open handed” inclusion of pharma reformists’ POV with a serious grain of salt. The CSI/Skeptic collective is not about freedom of religion/freedom from religion but para-religious.

    As French political philosopher and historian Tzvatan Todarov wrote: “Scientism (the cult of science) does not eliminate the will but decides that since the results of science are valid for everyone, this will must be something shared, not individual. In practice, the individual must submit to the collectivity, which “knows” better than he does.” The autonomy of the will is maintained, but it is the will of the group, not the person…scientism has flourished in two very different political contexts…The first variant of scientism was put into practice by totalitarian regimes.”

    I risk putting too fine a point on this because, as Hedges also warned, it only takes a tiny minority of fanatics to shift history and this group is a lot more dangerous than many perceive. Again, not because they represent atheism but because they represent a new fundamentalism and idolatry which worships commercial science (and is amply rewarded for it apparently). Once any consumer group lies down with those dogs, I don’t think they’ll ever get rid of the fleas.

    Rejecting the enticement to take a Monbiot-like role with groups like this is going to become harder to do as forums such as Huffpost and other presumably independent media become increasingly tainted with industry control. It’s like being herded towards the mouth of a trap. MIA’s open-minded bid to look into the issue is extremely important.

  3. Just a quick thanks for navigating all of that and I definitely appreciate your (Matthew’s) recognition that a lot of young computer aficionado’s have gotten pegged with psych labels.

    Also, big thanks for ATG’s astute analysis on the misindentification of anything related to psychiatric human rights as being somehow affiliated with Scientology and what that means to Anonymous.

    I hope that soonsoonsoon the folks invested in global liberation and justice movements will recognize that, in many ways, corporate mental health and psychiatry are (in the Western world)among several keystones that help to hold the current economies and cultures of compliance in place. There seems to be more developing awareness of this.

    Thanks again for keeping things up and running!

  4. And I thought madinamerica.com is attacking my browser. Seriously, having several MIA tabs open sucked up a lot of resources from Firefox (and often the page didn’t finished loading, even it was rendered just fine). I think this behaviour stopped last week or the week before.

  5. Matt,
    My browser tab is set to load madinamerica.com when opened and I may open and close it more than ten times a day. So with that said and with the site blocking those over 10 views you are effectively blocking some routine viewers. If you continue this practice your viewership will effectively decline.

    I’ve enjoyed viewing this great site and it’s a shame that you’ve blocked out great viewers. If every inet site were managed in this manor the web would cease to function.

    My tip …. Hire a professional to manage security because there is a trojan hourse setting inside the firewall all ready.

  6. ATG is correct in his views. As I, and Cannotsay, have discovered, if one attempts to debate any view critical of psychiatry on any Skeptic discussion group, we are banned. (Debunking Denialism also). Steven Novella blogs http://theness.com/neurologicablog/ or http://www.sciencebasedmedicine.org/
    are prime examples, as are the JREF forums (Dr Novella is a director).

    This ‘religious’ movement in association with the hacker group Anonymous who for some reason have an issue with scientology, are probably behind these attacks. See this vid

    http://www.youtube.com/watch?v=y8gvllFQNlI

    There are many others that are similar on youtube.

  7. I have to say I am a little bit amused by this – but only at my end – not for the troubles you have experienced from the attack. It seems I came back to the site at the wrong time after not accessing it for quite a while. I just happened to read (at that very time) the article by Bruce Levine as I enjoyed reading ‘Commonsense Rebellion’ some years ago, therefore I might have initially been thought of as part of the attack.

    I do come back occasionally to this subject as there is still a spark of interest in me after many years of being passionate about it a long time ago. I just basically gave up because of there seemingly being not much support for alternate views (at least here in Australia at that time).

    It’s much better now however with the internet, Facebook etc as people can access endless information and connect with others who share similar views.

    When I read the current articles I felt right at home, nothing has changed in the way I think about it.