Thursday, December 8, 2011

How a tweet turned into a DDOS attack {stories from the front}

Sometimes, I play reporter (for those of you who do not know, I was a reporter for years before I moved over to social/web).

Last night was one of those nights. 

Earlier in the day, our friends at the LATimes broke a story: Someone had posted a bunch of personal information on LAPD officers. The immediate question was “who?”

Around 5 p.m., the reporter who sits next to me figured it out. It was a hacker group called CabinCr3w. 

What did the other news sites do? They said “a hacker group.” The initial stories did not list the group’s name at all.

I have a personal interest in Anonymous, and the cloak-and-dagger side of the Internet thanks to dating one too many developer/nerd types. 

As Tami called the LAPD, I hit up the internet. I looked at the group’s tumblr, their twitter, and all their various profiles trying to find the post where they listed the info and anything else I could get. Then, using what we had, I tweeted.

Here’s what happened after that tweet.

I had more questions, so I asked them to DM me. We followed each other and then I got a DM that linked to an IRC chatroom.

I interviewed them.

Right about this time, we experienced a heavy load of traffic — what amounts to a denial of service attack. If you’ve ever experienced one of these you know it’s either that you hit something big or that there was an organized attack. We’ve had one before, but that was as a result of our stuff living on the same server as conservative news outlet. 

What is important about this to me is that no one else thought to tweet these guys. Other news outlets were too cautious or didn’t know to link to them or call them out. 

Because I sent out one tweet and @ mentioned the subject of the story, we got the story behind the story. 

That’s important to me. Being “of the internet,” I have always felt like few people have gotten Anonymous and hacktivism. I barely get it myself, but I’ve made an effort to learn as much as I could.

I asked CabinCr3w is they launched the DDOS attack. They said no. I asked if we had reported their involvement correctly and fairly. They said yes.

Just because they’re a part of a cloak-and-dagger movement doesn’t mean they are any less legitimate than any other source. 

The lessons?

  • @ mention subjects of stories, even if you haven’t interviewed them
  • Everyone is worth of an interview
  • Getting a better story using social media doesn’t take a large amount of mining or work. Sometimes, it’s a simple tweet.