Hackers attack Manila broadsheet’s website

CMFR/Philippines – A Manila broadsheet newspaper’s website almost shut down due to a barrage of bogus page-requests, in a “distributed denial of service” (DDoS) attack on 13 September 2013. The attackers also exploited vulnerabilities of the news website’s content management system (WordPress), to redirect requests for news reports and opinion articles to a porn site, which resulted in Google and Facebook’s marking the web-pages as malicious spam and banning the web-pages from being shared.

Manila Standard Today advisory

Writers for the broadsheet pointed out that the “cyber-attack” happened the day after an opinion column critical of the Philippine president was published. A presidential spokesperson denied that the President’s communication team was behind the attack.

Manila Standard Today (MST) online editor Christian Cardiente said the cyber-attacks that started on Friday, 13 September, were not the first the site had experienced, but were more intense.

“Our site was bombarded with huge request packets which caused the server (central processing unit) resources to be utilized to the brim of shutting down – by as much as 98 percent,” Cardiente said in an e-mail to CMFR last 27 September 2013. “The attackers wanted to simply shut us down.”

Aside from the DDoS attack, the attackers also targeted the site’s social media sharing function. “The hacker used the “addthis” exploit in WordPress and it evidently wanted the sharing features of (Facebook) disabled,” Cardiente said. “All September 16 articles were inaccessible and could not be shared over Facebook.”

Although the attacks were still ongoing at the time of writing, Cardiente said MST’s service provider was already able to mitigate the worst of it.

MST reporter Christina Herrera said the cyber-attack intensified when the newspaper published former senator Francisco Tatad’s op-ed articles critical of President Benigno Aquino III and the administration’s allies.

“Who else could have benefited from the attack?” Herrera asked CMFR in a phone interview on 20 September 2013.

On 16 September, when the cyber-attack prevented Facebook sharing of all articles on the MST website, the newspaper published Tatad’s op-ed, “‘Napoles had lunch at Palace before she surrendered to PNoy’”. Tatad alleged that the Malacañang Palace (the President’s official residence) staged the surrender of Janet Napoles, the woman at the center of a multi-billion peso scam involving the plunder of government funds.

On 17 September, another MST columnist,  Jojo Robles, wrote that while it is easy to think that the attack was done by “anonymous people who are just, on their own, sympathetic to the Aquino administration … you can’t help but ask if this is another (Presidential) Communications Group operation.”

In an e-mail to CMFR on 26 September 2013, deputy presidential spokesperson Abigail Valte denied the speculation.

“We are not in the habit of attacking the websites of any newspaper that publishes reports or columns that are critical of the administration,” Valte said.

“It is public knowledge that our own websites have also been the subject of cyber attacks from various groups. We have condemned actions like it and certainly do not tolerate such. Certainly, finger-pointing based on circumstantial evidence is counter-productive and helps no one,” the spokesperson added.