The Tor Project on Saturday morning acknowledged a cyber attack on this network, and provided the following statement to Business Insider:
This looks like a regular attempt at a Sybil attack: the attackers have signed up many new relays in hopes of becoming a large fraction of the network. But even though they are running thousands of new relays, their relays currently make up less than 1% of the Tor network by capacity. We are working now to remove these relays from the network before they become a threat, and we don’t expect any anonymity or performance effects based on what we’ve seen so far.
Tor’s service keeps users anonymous by bouncing communications around a large network of computers known as “volunteer nodes.” But as Gizmodo pointed out on Friday, if one group can control most of the nodes — which is what Lizard Squad reportedly attempted to do — it may “be able to eavesdrop on a substantial number of vulnerable users.” That obviously has massive implications on the privacy of millions of people who rely on the anonymous service.
It’s still unclear who attacked Tor, but the notorious hacker gang “Lizard Squad,” which also claims responsibility for taking down PlayStation Network and Xbox Live for two straight days over the Christmas holiday, also tweeted they were behind the Tor attack on Friday.
To clarify, we are no longer attacking PSN or Xbox. We are testing our new Tor 0day.
— Lizard Squad (@LizardMafia) December 26, 2014
Lizard Squad explained why it allegedly went after the game networks, but it’s still unclear why this hacker collective shifted its attention to Tor.
The Tor Project is one of the most effective sites for encrypted communication, making it one of the most important internet services in the world. Whistleblowers like Edward Snowden have used the service, and it’s proven pivotal in “dissident movements” in Iran and Egypt.
A few hours after Lizard Squad announced it was focusing on Tor, the international activist group Anonymous told the Lizards to “stand down” and stop attacking Tor, adding, “We don’t give a f–k about corporate bulls–t networks, we do care about 3rd world communications.”
Based on Tor’s thorough response, however, it seems like the issue is being taken seriously by the organisation, and its users will have little to worry about in that regard.
Meanwhile, days after the initial attacks began, we’re still waiting on word from both Sony and Microsoft as to what exactly happened to their game networks over the Christmas holiday. They have yet to confirm whether or not the outages were the result of a distributed denial-of-service (DDoS) attack, which overloads network servers by having botnets send a massive amount of bogus requests, or if it was something else entirely.