Tag Archives: ddos-attacks

Latest Lizard Squad hack shows increasing strength of DDoS attacks

Bill Barry, executive vice president, Nexusguard, has prepared a comment in light of the recent Lizard Squad hack on Taylor Swift’s Twitter account: “The hack on Taylor Swift proves that the Lizard Squad has another string to its bow, having previously used DDoS attacks to bring down the Sony Playstation, Microsoft Xbox and Malaysian Airlines systems rather than infiltrating them. “It’s time for businesses and brands to realise the multi-faceted security threats presented by sophisticated cyber criminals. “The DDoS for hire space has become so lucrative that these mayhem-for-sport acts of hacking  a celebrity Twitter account is a way to build brand recognition and raise awareness that anyone, anywhere could be the victim of cyber attacks. “This heightened market awareness becomes a dangerous marketing engine to allow anyone with a slight motive to launch their own attacks at intended targets. “Using this tactic has meant that in a short time over 14,000 customers have signed up to use the Lizardstresser DDoS tool. “The Lizard Squad has proved, if nothing else, that DDoS attacks are becoming more effective. The methods used by DDoS networks to locate vulnerabilities within security systems are more sophisticated and automated. “Leveraging zero-day and zero-plus vulnerabilities in unprotected networks means that they are able to recruit and add infected computers to their attack army at an ever-alarming rate. “This increased rate of botnet recruitment not only gives the attacker a flexible arsenal of attacks for causing mayhem, but increases the overall effectiveness and success rate of each attack. “Imagine the leverage a group such as The Lizard Squad could gain by bringing down a betting website on Grand National Day, for example. “The best way to guard against zero-plus attacks to is to always be vigilant and proactively try to identify vulnerabilities and weaknesses in your system before the attackers do. For an enterprise,  this may mean compiling rules and guidelines on which online applications are approved for use, and implementing proactive monitoring at an application level to detect abnormalities as early as possible. “However, this is just the first layer of total protection – an effective defence requires in-depth, tailored implementation, not a one-size-fits-all mitigation solution. “With multi-vector attacks, all avenues of attack must be detected and mitigated. For example, sophisticated attackers like the Lizard Squad may be using a mixture of DDoS and hacking – no off-the-shelf product is likely to deal with such an approach effectively. “Best practice is to seek the guidance of a security specialist that can design and customise a solution specific to your business.” Source: http://www.itproportal.com/2015/01/30/latest-lizard-squad-hack-shows-increasing-strength-ddos-attacks/

View original post here:
Latest Lizard Squad hack shows increasing strength of DDoS attacks

Nearly half of all DDoS attacks uses multiple attack vectors

Akamai released a new security report that provides analysis and insight into the global attack threat landscape including DDoS attacks. Akamai observed a 52 percent increase in average peak band…

More:
Nearly half of all DDoS attacks uses multiple attack vectors

A new kind of DDoS threat: The “Nonsense Name” attack

There’s a new species of Distributed Denial of Service (DDoS) attack targeting name servers, which could be called the “nonsense name” attack. It can wreak havoc on recursive and authoritative name servers alike, and some of our customers at Infoblox have fallen victim to it—but it’s not always clear whether they were actually the targets. The “nonsense name” DDoS attack works like this: –  An attacker chooses a zone to attack, say foo.example . –  A botnet controlled by the attacker generates random domain names in the zone, with nonsense-first labels, such as asdfghjk.foo.example and zxcvbnm.foo.example . –  The bots send many queries for those domain names to recursive name servers. –  Those recursive name servers, in turn, send queries to foo.example ’s authoritative name servers for those domain names. –  The authoritative name servers send responses saying that the domain names in question don’t exist (in the DNS business, what’s called an NXDOMAIN response). –  The recursive name servers relay that response to the original querier and cache the non-existence of the domain name. –  Lather, rinse, repeat. If the attacker can generate queries quickly enough, the aggregate query rate will overwhelm the foo.example name servers. That’s when the fun really starts: –  The bots continue sending queries for the generated domain names to recursive name servers. –  Now that the authoritative name servers have stopped responding, the recursive name servers take much longer to process each query. In the case of the BIND name server, the name server can wait 30 seconds and send dozens of (unanswered) queries before giving up. –  This uses up recursive query slots on the recursive name server, which eventually runs out, denying additional recursive queries—some of them legitimate. When this happens, a BIND name server sends a message like the following to syslog : Jan 21 14:44:00 ns1 named[4242]: client 192.168.0.1#1110: no more recursive clients: quota reached At that point, the name server will refuse additional recursive queries, denying service to clients. Who’s the target? In most cases, the organization running the authoritative name servers (in this example, those for foo.examp le ) seems to bethe target. For example, some of the domain names in attacks we’ve seen are used by Chinese gambling sites. (Maybe someone is trying to exact revenge on the house for some tough losses?) However, the recursive name servers involved end up as collateral damage in the attack. Could they have actually been the targets? We’ve seen some evidence of this. Some of the zones involved in attacks against our customers have mysteriously disappeared a day or two after the attack, indicating that they likely weren’t in active use (and in fact were probably registered in a “Domain Tasting” scheme). The attackers could have deliberately registered these zones with slow or unresponsive name servers, so that resolution of domain names in the zone would take as long as possible. Of course, regardless of the target, the mechanism behind the attack remains exactly the same. Mitigation Generally speaking, you’d notice a nonsense name attack when your recursive name server starts running out of recursive query slots, as evidenced by the syslog message earlier. These messages provide the IP addresses of the queriers denied access by the lack of slots. First, ask yourself whether the IP addresses in the messages are addresses your name server should be serving. If not, you may be able to simply configure your name server with an access control list to restrict queries to authorized queriers. If the malicious queries are coming from legitimate IP addresses, clearly you’ll need to use another mechanism. One possibility is to use BIND’s very handy Response Policy Zones feature to temporarily prevent your name server from sending queries for the troublesome zone. An RPZ rule to prevent your name server from looking up foo.example domain names could be as simple as: *.foo.example.your.rpz.zone.         IN        CNAME            . You also need to set an option called qname-wa it-recurse to no ( for more information on these options click here). This will cause your name server to respond to queries for domain names in foo.example with NXDOMAIN without querying the foo.example name servers. If your recursive name servers don’t run BIND 9.10 yet (the first version of BIND that supports this option), or don’t run BIND at all, you can still temporarily set up an empty foo.example zone to prevent your name server from trying to look up data in the misbehaving one. The zone data file would be minimal: @        IN        SOA     ns1      root     2015010700 1h 15m 30d 10m IN        NS       ns1 Configure your recursive name server as authoritative for the zone—an exercise left to the reader—and it’ll simply answer most queries for foo.example domain names with NXDOMAIN (except queries for foo.example ’s SOA or NS record, obviously). Just remember that the RPZ rules or zone configuration is temporary. After the attack ends, you’ll need to remove them to be able to resolve domain names in the zone again. The good folks at the Internet Systems Consortium, who develop the BIND name server, are also working on new mechanisms to address the issue more subtly, by introducing two new configuration options: fetches-per-server and fetches-per-zone . Fetches-per-server places a limit on the number of concurrent queries a recursive name server can have outstanding to a single authoritative name server. The imposed limit is actually dynamic, and adjusted downward based on timeouts experienced when querying the authoritative name server. Fetches-per-zone places a limit on the number of concurrent queries a recursive name server can have outstanding for a single zone. Between these two features, administrators should be able to reduce the chance that their BIND name servers will be victims—inadvertent or not—of nonsense name DDoS attacks like these. Source: http://www.networkworld.com/article/2875970/network-security/a-new-kind-of-ddos-threat-the-nonsense-name-attack.html        

More:
A new kind of DDoS threat: The “Nonsense Name” attack

Facebook downtime was due to server fault, not DDoS attack

Unless you were living under a rock or had something better to do than check Facebook every single minute, you would have realised that both Facebook and Instagram was down for many people. However, despite claims that it was due to a DDoS attack, Facebook has said that the outage was because of a server fault. “This was not the result of a third-party attack but instead occurred after we introduced a change that affected our configuration systems,” Facebook said in a statement to the ABC. “Both services are back to 100 per cent for everyone.” Other services that also suffered an outage were Tinder and HipChat – both are now accessible at the time of writing. While Tinder hasn’t confirmed what caused the outage, HipChat has suggested that it was a database error. Facebook’s explanation is different to what Lizard Squad, known for their high-profile DDoS attacks on PlayStation Network and Xbox Live, recently posted on Twitter. A post suggested that they did a DDoS attack to take Facebook down. Another news organisation has casted doubt on Facebook’s explanation, citing a screenshot of IP Viking as evidence. IP Viking is a website maintained by security company Norse and displays cyberattacks in real-time. However, that does not necessarily proof that Facebook was taken down by a DDoS attack by attackers. IP Viking only tracks cyberattacks on Norse’s honeypot servers only – which emulate vulnerable servers to gather intelligence on attackers, such as IP addresses. While Facebook might have data centres in particular city, so do many other companies – like Norse. So, unless something drastic happens – like a massive data dump of personal information – to prove otherwise, then the outage was just a system change gone wrong. Source: http://techgeek.com.au/2015/01/27/facebook-downtime-due-server-fault-not-ddos-attack/

Read the article:
Facebook downtime was due to server fault, not DDoS attack

Malaysia Airlines Website Hacked by Group Calling Itself ‘Cyber Caliphate’

Airline’s Site Attacked by Group Claiming to Be Aligned With Islamic State Malaysia Airlines had its website hacked by a group that appeared to be trying to settle a score with a U.S. videogame company. Most visitors to MalaysiaAirlines.com for several hours Monday saw a message that said “ISIS WILL PREVAIL” at the top of their browser’s window, and the airline’s ticket booking and other services were unavailable. Instead, a large picture of a Malaysia Airlines Airbus Group NV A380 plane and the messages “404-Plane Not Found,” and “Hacked by Cyber Caliphate,” were displayed. Later, the site displayed a different image: a tuxedo-adorned, pipe-smoking lizard sporting a top hat and monocle. “Hacked by Lizard Squad, Official Cyber Caliphate,” it said, giving the Twitter handle for a group called Lizard Squad. A group calling itself Lizard Squad in December claimed responsibility for a cyberattack on videogame servers of Sony Corp. and Microsoft Corp. Later Monday, the carrier replaced the hacked version of its site with a pared-down version that allowed users to book flights. Both images displayed the Twitter handles for the accounts of what appear to be two men who work for Roxana, Illinois-based U.S. gaming company UMG, which hosts videogame events across the U.S. “We were not involved in any website being hacked in any way,” one of the men, Chris Tuck, told The Wall Street Journal via a direct message on Twitter. “The group who did it is a group of kids who aren’t fond of our company,” he said. “I presume they added our names to either scare us or warn us.” The other man whose handle was shown, UMG Chief Executive Robert Terkla, couldn’t be reached for comment. The Twitter timeline for Lizard Squad revealed recent Tweets directed at the two men about the alleged banning from events of certain gamers. It was unclear whether the gamers allegedly banned were involved with Lizard Squad. The owner or owners of the Lizard Squad Twitter account didn’t immediately respond to a request for comment via Twitter. It was unclear why Malaysia Airlines was targeted. The airline’s loss of two aircraft last year, which left 537 people dead or missing, brought global attention to Malaysia Airlines, which to that point hadn’t been widely known outside the region. In a statement, the company said its web servers are “intact” and customer bookings and data are secure. It said that its domain name system was compromised. Malaysia Airlines said the matter was immediately reported to CyberSecurity Malaysia, a forensics and analysis agency under the Ministry of Science, Technology and Innovation, and the Ministry of Transport. CyberSecurity Malaysia Chief Executive Amirudin Abdul Wahab said its investigation determined that it was a case of domain hijacking. Domain name servers are Internet phone books that translate Web domain names, such as MalaysiaAirlines.com, into numeric addresses computers use to reach individual machines. Tampering with domain names to divert traffic from the intended site would generally require less sophistication than a more complex breach in which a company’s servers are compromised and data is exposed. In December a group called Lizard Squad claimed responsibility for attacking Sony’s PlayStation Network and Microsoft’s Xbox Live videogame services. The group said that attack was a distributed denial of service attack, which disrupts websites by overwhelming them with data traffic. Source: http://www.wsj.com/articles/malaysia-airlines-website-hacked-by-group-calling-itself-cyber-caliphate-1422238358

More here:
Malaysia Airlines Website Hacked by Group Calling Itself ‘Cyber Caliphate’

DDoS dilemmas: how far can you predict attacks, and what can be done?

Distributed Denial of Service (DDoS) attacks are back in the news; it seems that barely a month goes by without media reports of a website or service being brought down by a DDoS attack. Sony’s PlayStation Network again became the victim of such an attack recently, while hacking group Anonymous is on a disabling offensive of extremist websites. DDoS attacks can come in a variety of shapes and sizes. However, the aim of a DDoS attack is always the same: to saturate a server with so many requests that it simply cannot cope, leaving legitimate users unable to connect. Attackers will sometimes use their own network of computers to launch DDoS attacks, but what is now more common is for them to use a network of PCs across the world that have been infected with malware that is capable of joining in a DDoS attack without the owner’s knowledge. We’ve written before about the easy availability of DDoS attack kits, which anyone can download and use to launch their own attacks. DDoS attacks were one of the primary methods used by Anonymous and LulzSec to tackle their victims: the Vatican, the Church of Scientology, the Australian government were all hit, as were Amazon, PayPal, MasterCard and Visa in response to their perceived lack of support for whistleblowing website WikiLeaks. Some of these big name companies could perhaps have predicted a DDoS attack was on its way; taking a stance against Anonymous would often leave a company in its firing line. In fact, Anonymous often warned targets that an attack was imminent. But for many other businesses, predicting a DDoS attack is difficult, and the results can be disastrous: loss of revenue-generating applications as well as reputational damage can negatively impact a business for years. Why would a company be a target for DDoS attacks? Hacktivism is certainly one reason, competition with rival businesses is another. But beyond that, it is tough to establish whether a business is at risk and, if so, from whom? With the exception of the aforementioned Anonymous messages, DDoS attacks can start without warning. So while predicting an attack may be difficult, protecting against one is less so. There are ways a company can keep its applications, services and even its whole network online without stopping legitimate traffic. A sophisticated firewall manager, application security manager and local traffic manager combined provide the protection needed to mitigate DDoS attacks, from blocking attack traffic to re-routing legitimate requests to ensure uptime. Analysis is also key: understanding who is attacking you, as well as how and why, can help prevent an attack from causing too much damage and can help protect against future attacks. Establishing which layer is being attacked (application, network or session, for example) will help a company know where to focus its resources, and intelligent firewall management will be able to inspect all traffic coming into a network and stop traffic that is coming from a DDoS attack. Source: http://memeburn.com/2015/01/ddos-dilemmas-how-far-can-you-predict-attacks-and-what-can-be-done/

Continue reading here:
DDoS dilemmas: how far can you predict attacks, and what can be done?

French DDoS attacks spike after terror protest

The firm leveraged its Arbor Atlas initiative, which receives anonymised internet traffic and DDoS event data from 330 internet service providers (ISPs) worldwide, to view events in France in the days after the protest, which was in response to the Charlie Hebdo shootings that left 20 people dead. The magazine was targeted by ISIS sympathisers and others unhappy with the satirical magazine’s ridiculing of Islam, including its depiction of the Prophet Muhammed. The publication also satirised other religions. Comparing the DDoS attacks between January 3-10 and 11-18, the US security firm found that there were 1,342 unique attacks – an average of 708 attacks a day – during the two week period. However, the firm noted in a recent blog post that the number of DDoS attacks after the march rose by 26 percent with the average size of DDoS attack growing 35 percent. In the eight days prior to the attack, the average size was 1.21Gbps but this later increased to 1.64Gbps. The vast majority of these DDoS attacks were low-level although the number of attacks larger than 5Gbps did double in the days after the protest. Arbor reports that one attack measured as high as 63.2 Gbps on January 11. “This is yet another striking example of significant online attacks paralleling real-world geopolitical events, wrote Arbor’s threat intelligence and response manager Kirk Soluk. Speaking to SC after it first emerged that ‘thousands’ of French websites were facing cyber-attacks, Corero Network Security CEO Ashley Stephenson said that DDoS attacks were increasingly being used as an attack tool during international conflicts. “Whatever the motivation – cyber-terrorism, retaliation, religious incitement, radicalisation… It is clear that modern conflicts will be fought in the cyber-world as well as the real world,” he said via email. “The internet should be better protected against all of these associated cyber-threats. Increasingly we are seeing DDoS used as a tool in and around these conflicts and we should be prepared to institute increased cyber-security to protect this vital resource.” Last week, Admiral Arnaud Coustilliere, head of cyber-defence at the French military, said that about 19,000 French websites had faced cyber-attacks in the days after the shootings, although one source closely connected with the clean-up operation for some of these sites later told SC that hacking groups from Tunisia, Syria, Morocco, the Middle East and Africa had largely ignored DDoS as an attack vector because such attacks “didn’t work”. Instead, Gérôme Billois, senior manager of Solucom, said that these groups – also believed to often be ISIS sympathisers – had looked to scan thousands of websites to identify and exploit common WordPress, Joomla and other content management system (CMS) vulnerabilities. Source: http://www.scmagazineuk.com/french-ddos-attacks-spike-after-terror-protest/article/393796/

Read this article:
French DDoS attacks spike after terror protest

City of Fort Lauderdale Spends $430,000 on Cyber Security After DDoS Attack from Anonymous

After getting hacked by cyber activist group Anonymous last month for its homeless laws, the City of Fort Lauderdale beefed-up its cyber security network with a hefty $430,000 worth of improvements. But city officials say it wasn’t the Anonymous attack that made them spend almost half a million dollars on computer upgrades – they were planning on doing it anyways. Back on December 1, hacktivists attacked the city’s main website – fortlauderdale.gov – and the Fort Lauderdale PD’s website – flpd.org – with a distributed denial-of-service (DDoS) hack, which bombarded the websites with so much traffic that they had to shut down. The attack only lasted a few hours, however, and the sites were back up by evening.   In a video warning of the attack, a masked hacker wearing the Guy Fawkes mask that has become synonymous with Anonymous demanded that the city drop the three controversial ordinances in the next 24 hours. “It has come to our attention that Mayor John P. Seiler has become an embarrassment to the good law-abiding citizens of Fort Lauderdale,” the hacker says. “You should have expected us, Mayor John Seiler.” City officials hope the new upgrades will be able to prevent this and other types of attacks in the future. But Seiler is quick to point out that these plans were in the works before a group of hackers in plastic masks made good on a threat to shut down an entire city’s web presence if laws against feeding homeless people weren’t struck down. “Certainly, Anonymous probably expedited the work that needed to be done and probably exposed some areas that needed to be addressed,” Seiler tells the Sun-Sentinel . “I wouldn’t say that [the expense] was all tied to Anonymous in any way, shape, or form.” The vast majority of Fort Lauderdale’s computer upgrade bill is going for consulting and oversight. From the Sentinel : City manager Lee Feldman broke down the emergency expenses: $366,989 for specialized security consulting and oversight services; $45,398 for software licenses to manage and control computer activities; and $17,907 for hardware to strenghten the computer infrastructure. The City of Fort Lauderdale is just one of the latest victims of Anonymous’ DDoS attacks. Past victims include credit card giants Visa and Mastercard, as well as online payment system Paypal, which lost almost $6 million in 2010. The reason for the hack was because Visa, Mastercard, and Paypal decided to stop allowing people to donate to Wikileaks via its systems. Two of the three hackers, who are from the United Kingdom, were caught and sentenced to prison terms of seven months and eighteen months. And Fort Lauderdale isn’t the first city to be targeted by Anonymous DDoS attacks, either. That distinction is shared with Albuquerque’s police department, whose website was crashed in March, 2014 in retaliation for the police-killing of James Boyd, an unarmed, mentally ill homeless man who was shot to death. Source: http://blogs.browardpalmbeach.com/pulp/2015/01/city_of_fort_lauderdale_spends_430000_on_cyber_security_after_hacktivst_group_anonymous_attack.php

View article:
City of Fort Lauderdale Spends $430,000 on Cyber Security After DDoS Attack from Anonymous

Thousands of French Websites Face DDoS Attacks Since Charlie Hebdo Massacre

Nineteen thousand French websites have been attacked since the Charlie Hebdo terrorist attacks last week, according to French military head of cyberdefense Adm. Arnaud Coustilliere. The attacks have been carried out by a variety of hackers, including “more or less structured groups” and some well-known Islamic groups, Coustilliere said. Most have been minor DDoS attacks, carried out on sites for everything from military regiments to pizza shops. “What’s new, what’s important, is that this is 19,000 sites — that’s never been seen before,” the Associated Press quoted Coustilliere as saying. “This is the first time that a country has been faced with such a large wave of cyber-contestation.” The Huffington Post published a story earlier this week on Algerian hackers attacking French sites in response to the publication of offensive images by the French magazine. Those hackers included members of a group called Anonymous Algeria, though the similarly named group Anonymous explicitly expressed support for Charlie Hebdo while vowing to disrupt terrorist websites. Coustilliere characterized the attacks as a response to the public outpouring of support for free speech and the victims of the attack. Arbor Networks counted 1,070 DDoS attacks in a 24 hour period this week, CBC said. For comparison, Arbor says the US hosts 30 times more sites and suffered four times more attacks, meaning French sites are roughly 750 percent more likely to be attacked. Jihadist hackers also hacked US military social media accounts on Monday, and the intersection of hacking with the revived “war on terror” promises to further muddy a whole raft of long awaited regulatory reforms related to internet communication and security. The European Union and UK have both suggested more monitoring of internet communication is necessary since the attacks. Source: http://www.thewhir.com/web-hosting-news/thousands-french-websites-face-ddos-attacks-since-charlie-hebdo-massacre

More:
Thousands of French Websites Face DDoS Attacks Since Charlie Hebdo Massacre

Anonymous launching DDoS attack against the Montreal Police for Their Treatment of Homeless People #OpSafeWinterMTL

Members of the hacktivist collective Anonymous have launched new protests in reaction to the dismantling of a homeless camp at Viger Square in downtown Montreal as part of a project they started last year dubbed #OpSafeWinterMTL. The group has executed one distributed denial of service (DDoS) attack against the Service de Police de la Ville de Montréal (SPVM) and occupied the square for a short time; members are calling for a permanent moratorium on police winter raids of homeless encampments. On January 7, without warning and in the middle of a cold snap—temperatures had dropped under -22 degrees Fahrenheit during the night—city crews bulldozed the encampment while SPVM officers watched. Last week, in an interview with the CBC, Montreal police spokesman Laurent Gingras argued that it’s a matter “of cleanliness, of public health,” and that the City had mostly collected garbage and soiled needles. “There was some good stuff in there,” said Jacques, 49, who returned to Viger Square on Monday after camping at the site for about three months. CBC’s footage from the dismantling clearly shows bulldozers piling up mattresses, blankets, pillows and sleeping bags. “This is all they have,” an Anonymous activist told VICE, outraged at how the Montreal government destroyed and confiscated all their belongings—including winter gear provided by Op Safe Winter Montreal activists on December 23. “This has nothing to do with public health, it has to do with aesthetics,” the activist said. “What’s actually a hazard is still on the floor,” They pointing out that used syringes were still lying around in a corner of the destroyed encampment site. The encampment is located in the lower downtown area, right across the street from the new Centre Hospitalier Universitaire de Montréal (CHUM) construction site and half a kilometer from City Hall and the tourist-friendly Old Montreal—leading some to believe that the camp’s removal had more to do with optics than public health and safety. Brutally removing the homeless population is nothing less than “an act of war against the poorest of the poor,” the activist told VICE. “The encampment was tolerated for a long time,” another Anonymous activist added, saying there was no reason to dismantle it in the middle of winter. SPVM Commander Vincent Richer insisted, however, that “the interventions that were made, in the context of extreme cold weather, were made with regards to the safety and health of homeless people.” He also noted that interventions with homeless people were made in partnership with health services and with the Old Brewery Mission, and that the material the city bulldozed was soiled and caught in the ice. In response to the city’s raid on the Viger Square homeless encampment, Anonymous launched a call for an occupation of the site and threatened the city of Montreal with attacks on its cyber infrastructure. “Anonymous will not stand by and allow the SPVM (Montreal police) and the City of Montreal to attack homeless camps in the middle of winter,” the hacktivist group stated in a January 11 press release. “We love this camp,” said one #OpSafeWinterMTL activist. “We want to help. We’ve got people ready to build a kitchen,” the other added. Two SPVM officers came by early Monday afternoon and took down all the signs that had been put up around the square. They told the activists that the occupation would not be tolerated. “Encampments have always been forbidden,” an officer named Fradette told both activists before she and her partner went to check out the site where homeless people had already started setting up a new camp. When the activists were told they would be evicted by nightfall, Anonymous launched a DDoS attack on the SPVM’s website, and successfully brought it down just before 5 PM. In recent years, Montreal police have been criticized for their questionable handling of the homeless population. A year ago an SPVM officer was caught on video threatening to tie a homeless man to a pole in the biting cold of January. A 2012 study showed that homeless people counted for 25 percent of all tickets gave out by the SPVM in 2010—a 7 percent increase from 2006. At Viger Square, Jacques told VICE, “Every week we get harassed by police… That’s not right.” SPVM officers have also been involved in the killing of several homeless men in mental health crises. A public coroner’s inquiry was launched this week into the shooting of Alain Magloire, who was gunned down on February 3, 2014, just a few blocks north of Viger Square. With an estimated homeless population of around 30,000, the homelessness crisis in Montreal is serious. In an attempt to alleviate the problem, last fall the city adopted an action plan on homelessness, which includes “reinforcing the exercise of citizenship.” “Raiding encampments and destroying precious cold weather gear belonging to the homeless is an act of war against the poorest of the poor,” Anonymous declared in its statement on Sunday, accusing Montreal of neglecting the needs most vulnerable population. The action plan adopted in September 2014 does involve creating a position of “homeless people’s protector” who would engage in regular consultation with homeless people and launch public consultations into issues of social profiling by the SPVM. But the watchdog for homeless people’s rights has yet to be appointed—and apparently Anonymous is attempting to step into that role instead. Source: http://www.vice.com/read/anonymous-has-targeted-montreal-police-for-their-treatment-of-the-homeless-283

See original article:
Anonymous launching DDoS attack against the Montreal Police for Their Treatment of Homeless People #OpSafeWinterMTL