Sri Lanka’s Colombo Gazette news website crashed yesterday after a bot attack traced to IP addresses in China, Managing Editor Easwaran Rutnam said.
Rutnam told EconomyNext this morning that the English-language edition of the website was recovered a few hours after the attack but the Sinhala-language edition is still down.
Yesterday’s denial-of-service (DDoS) attack is a sequel to a similar event that occurred in March last year, he said, when the site could not be recovered for two full days.
On both occasions, Rutnam said, the Colombo Gazette developers traced the IP addresses of the botnet to China and Hong Kong.
“A massive amount of Tor and bots were detected by cloud flare tracing networks for AS53667 PONYNET, AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone,” Rutnam said, quoting the developers.
A bot attack is the use of automated web requests to manipulate, defraud, or disrupt a website, application, API, or end-users. Bot attacks started out as simple spamming operations and have branched into complex, multinational criminal enterprises with their own economies and infrastructures, online resources say.
A DDoS attack is when cybercriminals command their infected bot army to overload a website to the point that it stops functioning and/or access is denied.
It is unclear at present what the motivations of the attackers might be in attacking Colombo Gazette.