Censor & Contend : The Use of Denial-of-Service Attacks in Autocracies

Cite This

Files in this item

Checksum: MD5:d0b1eff0ce45101b5c6602d8ec6b561b

LUTSCHER, Philipp Matthias, 2020. Censor & Contend : The Use of Denial-of-Service Attacks in Autocracies [Dissertation]. Konstanz: University of Konstanz

@phdthesis{Lutscher2020Censo-49615, title={Censor & Contend : The Use of Denial-of-Service Attacks in Autocracies}, year={2020}, author={Lutscher, Philipp Matthias}, address={Konstanz}, school={Universität Konstanz} }

eng 2020 2020-05-25T09:03:56Z Censor & Contend : The Use of Denial-of-Service Attacks in Autocracies Attribution-NonCommercial 4.0 International In recent years, cyberwarfare has been a hotly debated issue. In this dissertation, I investigate the use of one particular type of cyberattacks: Denial-of-Service (DoS) attacks. These relatively simple attacks overload servers with Internet data traffic, making them temporally not reachable. Most of the public and academic attention has been on their use during interstate conflicts. Even so, in this dissertation, I show that in autocracies domestic reasons are primarily responsible for the political use of DoS attacks.<br /><br />To explain the use of DoS attacks, I connect literature from three research fields: social movements, autocratic politics, and international relations. From this, I develop two main theoretical mechanisms for the political use of DoS attacks in autocracies. The latter are employed to censor threatening websites or to contend governmental policies of the own or other states. I rely on two new data sources that measure DoS attacks. The first comes from the Center for Advanced Internet Analysis (CAIDA) at the University of California, San Diego, measuring DoS attacks from Internet traffic data. The second is an own measurement for news websites in several authoritarian countries, where I query the websites' status codes to infer DoS attacks. Both the theoretical framework and new data sources represent a new and previously absent contribution to the study of cyberattacks.<br /><br />In the first paper, which was jointly written with Nils B. Weidmann, Margaret E. Roberts, Mattijs Jonker, Alistair King, and Alberto Dainotti, the goal is to explore whether politically domestic events increase the likelihood of DoS attacks. We investigate whether the number of DoS attacks increases during election periods from 2008 -- 2016 worldwide. We expect that the frequency of DoS attacks rises especially in autocracies as here both governments and activists have incentives to employ them. Using the data on DoS attacks provided by CAIDA, we show that election periods in autocracies are positively associated with the number of DoS attacks. However, this increase is not necessarily visible on the autocracy itself but on foreign servers where country-related newspapers are hosted. In conclusion, our study suggests that authoritarian governments use DoS attacks to export censorship beyond their borders and attack servers abroad.<br /><br />In the second paper, I investigate the censorship function of DoS attacks in greater detail and explore the reasons and timing for attacks on websites. For this, I monitor several news websites in Venezuela from November 2017 to June 2018. I argue that DoS attacks target news websites to censor sensitive information temporally, but also to send repressive signals to these media outlets. In the empirical part, I investigate these mechanisms by looking at whether reporting on specific news topics increase the likelihood of DoS attacks in the short- and medium-term. Since it is a priori unknown what news are sensitive, I employ topic modeling approaches to determine topics Venezuelan news websites report on. The results show evidence for both mechanisms. However, the use of DoS attacks on news websites as a repressive tool appears to be more pronounced.<br /><br />In the third paper, I revisit the claim by many pundits about a cyberwar between nations and investigate a potential coercive use of DoS attacks. In this paper, I focus on liberal sanctions, where one can expect a digital response by targeted states. I propose two mechanisms of why this may be the case. First, states could respond to both sanction threats and impositions with DoS attacks to achieve concessions by the sender state. Second, governments and/or groups within targeted countries may launch DoS attacks to signal discontent. For the empirical part, I again use the data provided by CAIDA and time series models. The results do not show an increase of DoS attacks against sender countries after sanction threats, and, only in a few cases, a significant increase after sanction impositions. These results question the use of DoS attacks as a widely employed coercive tool for interstate conflict. As supported by an additional case study, it is rather activists or patriotic hacking groups that may use them as a contentious response in this context.<br /><br />In conclusion, my dissertation makes at least three important contributions to the previous literature. First, I show that DoS attacks are used in autocracies for political reasons and that especially domestic events appear to trigger them. Second, I develop theoretical explanations for why and when certain actors employ DoS attacks in autocracies, finding primarily evidence for a censorship use of DoS attacks. Finally, I use two new measurements of DoS attacks, allowing to conduct more accurate empirical analyses and to get a more comprehensive picture of cyber activities. Lutscher, Philipp Matthias 2020-05-25T09:03:56Z Lutscher, Philipp Matthias

This item appears in the following Collection(s)

Search KOPS


My Account