was being burglarized, in the hope of triggering a violent confronta-
tion between the police and the victim.
22
Fortunately, many 911 systems have been upgraded to avoid this
problem, and several attackers have been caught. One attacker was
recently sentenced to five years in jail, and there are other trials
pending.
23
Spreading the Attack
Of course, a reputation attack of any kind is harmless if it is hidden;
shouting insults into the wind does nothing but strain the attacker’s
voice. There are as many ways to spread a smear as there are smears,
but the categories described in this section represent some of the
most common methods of attack. They all rely on either getting a
message to as large an audience as possible (in order to make many
people aware of the smear) or to as targeted an audience as possible
(in order to make the victim’s friends, family, employers, or co-work-
ers aware of the smear). Attackers frequently mix-and-match means
of spreading a harmful message in order to gain both a wide and a
targeted audience.
Hosting the Attack
The most fundamental question for most online smears is how the
attacker makes it visible at all.
Sometimes an attacker will create an entire website or blog ded-
icated to smearing the victim. It costs just a few dollars to register a
domain name (“JoeSmithSucks.com”); in addition, many blogging
sites (like BlogSpot or LiveJournal) provide their services completely
free. The attacker can put any kind of content on her own site—in-
cluding photos, videos, text, and more. But, creating an attack site of
any kind does not guarantee that anybody will see it. The Internet
can be a very lonely place. If the Internet were a Western movie,
many websites would be ghost towns, complete with tumbleweed
slowly rolling across Main Street. There are hundreds of millions of
Types of Internet Attacks 13 3
Internet users, but almost none will randomly stumble across a par-
ticular attack site unless there is a reason to find it.
Other times, an attacker will use a discussion forum or social site
to spread his attacks. This can be done by writing an attack in a mes-
sage or by using social features of the site. Social sites are often very
easy to use and provide advantages for an attacker: the site comes pre-
stocked with an audience and with functions such as “forward to
friends” links and comment functionality. But, using these sites limits
an attacker to only the types of content allowed on the site (e.g., only
videos on YouTube or only photos on Flickr), and there is always the
chance that the site owner will remove offensive or attacking content.
Many attackers use hybrids of the these methods: Attackers who
build their own websites or blogs may try to drive traffic to the attack
site by creating a link directly through social sites, community web-
sites, e-mail lists, and other places.
Targeted Social Spreading
Sometimes, an online reputation attacker tries to spread the smear to
a targeted audience, often the close friends and peers of the victim.
One of the easiest ways to do so is by taking advantage of an online
community. The most basic version of this attack uses social net-
working sites like Facebook, MySpace, and Bebo. These social sites
are designed to allow groups of users to interact. For example, Face-
book allows friends to send messages to each other and allows all
users to post short messages in regional and academic-based com-
munities and to display messages on their close friends’“wall” (basi-
cally, a bulletin board for each user). Similarly, MySpace allows
friends to post “comments” on each others’ profiles and to send short
messages to one another. An attacker who uses any of these sites can
spread a smear by simply posting a comment on the victim’s profile
or wall or by posting the smear on the profiles and walls of mutual
friends. The result is that the smear is visible to mutual friends. This
behavior is common among high-school-age users of the sites and
frequently exacerbates disagreements that started in the classroom.
Wild West 2.0134
But, attacks using these sites are somewhat limited. These sites
attempt to eliminate anonymous attacks by forcing users to register
with their real names. Enforcement of the real-name requirement is
imperfect, but the majority of users are identifiable. And each of the
sites is designed to be somewhat privacy protective: MySpace re-
quires users to register and log in before they can view most photos,
and Facebook shows very little information to unregistered users.
Offensive comments may be seen by friends and peers, but often only
temporarily. And most comments made within Facebook or My-
Space are not currently indexed by Google, limiting the reach of the
attack (at least for now).
In order to avoid the privacy-protective features of social net-
working sites, many attackers launch their attack from other websites
used by the friends and peers of the victim. These websites often
have fewer privacy protections than the social networking sites, and
some are even designed to empower anonymous online smears.
These sites are usually targeted at a particular community of which
the victim is a member—perhaps a discussion site for the victim’s
college classmates, an unofficial gossip board for the employees of a
particular large company, or an unfiltered message board targeted at
aspiring doctors or lawyers. These discussion sites often allow an
anonymous attack to reach a wide swath of the victim’s peers and col-
leagues.
For example, the now-defunct site JuicyCampus.com marketed
itself as a gossip hub for college students, complete with subsites for
almost every U.S. college. The site’s homepage bragged that the site
was “totally anonymous—no registration, login, or e-mail verification
required.” Students were encouraged to anonymously submit short
tidbits of gossip, which were then displayed to other students. Pre-
dictably enough, the site became home to vast amounts of scandal
and innuendo. One typical JuicyCampus post claimed that “[name]
is the biggest fag/dick in [dorm]. agree?” Another typical post listed
eight women “guaranteed to [have sex] on the first night,” described
by full name and residence. Another series of posts attempted to
Types of Internet Attacks 13 5
identify the “ugliest” and “sluttiest” girls on campus. In the interest of
gender equality, some popular posts also described the “biggest
manwhores on campus” and tried to identify men “on the downlow”
(i.e., who were secretly homosexual).
Googlestuffing
The fastest way to hurt a man is now through Google.
—MODERN REALITY
The attacks we have described rely on reaching the peers and col-
leagues of the victim directly. But Google is so powerful that it can
do a lot of an attacker’s work for her.
Search engines like Google, Yahoo!, Microsoft Bing, and others
possess immense power. Most Web users look for information by
starting with a search engine. If a Web user wants to know more
about you or your company, the odds are quite high that she will
start by entering your name (or the name of your business) into a
search engine.
Attackers know the power of search engines and try to harm
their victims by inserting false or misleading information into the re-
sults of a search for the victim’s name. In many ways, search is a per-
fect way to spread a smear: search engines reach a massive audience,
and the attack is targeted precisely at people who are looking for in-
formation about the victim.
Attackers hope to cause the search engine to return a link either
to an attack site or to another site that has a copy of the attack (like
a forum discussion about the victim). To be effective, an attack of this
kind must appear near the top of the search results for the victim’s
name so that many users see the attack. The attacker would like
nothing better than to cause the entire first page of search results to
be smear sites, a practice we call Googlestuffing. But there is no way
for attackers to directly insert their sites into the search results; each
Wild West 2.0136
search engine has its own secret means of calculating which sites will
be ranked the highest, and there is no way to override it.
Instead, attackers try to trick search engines into ranking their
attack very highly. If the attacker has set up her own attack website,
the attacker may try to “optimize” the site by filling it with carefully
selected links and by making repetitive use of the victim’s name.
These tricks are intended to make a search engine think that the site
is highly relevant to a search for the victim’s name.
Even if an attacker isn’t completely successful at bringing her
own attacks to the top of a search, she can still cause damage by a
modified form of Googlestuffing: She can simply try to increase
the prominence of false or misleading content created by others.
This form of Googlestuffing can be just as effective as creating his
own attack, especially because it is often easier to bring older con-
tent to the top of a Google result than it is to have that effect on
newer content.
Googlebombing
A spirited attacker may also try to manipulate search engines in
other ways. In many ways, a practice called Googlebombing is the op-
posite of Googlestuffing. The goal is to use a search engine to spread
a smear to people who aren’t looking for information about a partic-
ular person or company. For example, the most famous early Google-
bomb was intended as a smear of then-President George W. Bush.
By carefully manipulating links, pranksters were able to trick Google
into returning a link to the president’s official biography to anyone
who searched for the term “miserable failure.” The point was obvious;
Web searchers who weren’t looking for information about Bush still
got a message about President Bush’s popularity.
This kind of attack is less targeted than Googlestuffing, in that
it reaches people who aren’t looking for information about the victim
(and might not even know the victim). But, because tens of millions
of Google searches are performed each day, a Googlebomb attack can
Types of Internet Attacks 13 7
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.