You send a tweet and you set up a short website with some vague text and you make the VTM news seen by a million people
this is the power of the tradename (mark) Anonymous (as Al Qaida - without placing any links between them). They are call-names for whatever person or group who wants to set up or do something that falls somewhat in the action and ideological framework of what Anonymous seems to have been (and just as Al Qaida regroups the most diverse framework of actions and tendencies)
they will liberate the Belgian web from the proxies in a month from now ?
how will they do that ?
* the easy way : publish daily servers outside of Belgium that will circumvent these filters
* the legal way : you distribute a proxyserver or DNS server that one can install easily on webservers (just like TOR gateways) and they will redirect the blocked domains to one that isn't blocked
You can also do that with software that one can install.
The problem is off course that you have to be sure that the softwarepackages stay clean or that they have no vulnerabilities so that as with previous installation
The other problem is that the law on cybercriminality is so vague that one could interpret it that every one who is hosting or distributing this helping a criminal activity (as some of the blocked are said to be childporn or illegal gambling sites)
* the illegal way : by ddossing the Belgian proxy infrastructure with help from external friends or botnet networks (some of the biggest ddos attacks by Anonymous were in fact helped during some time by criminal control botnets) you could force the ISP's to take down the filters to ensure a full service for all their other (business clients).
FOR EVERY ACTIVIST IN BELGIUM WHO FEELS HE SHOULD PARTICIPATE in this event : read this clearly
You can be found, you can be identified and you can be prosecuted and sentenced for thousands of Euro's and probably if this is the action technique that would be launched, than some of you will be - to set an example
DO NEVER BELIEVE THAT AS A BELGIAN ON THE BELGIAN WEB YOU ARE ANONYMOUS. IF NECESSARY THEY WILL LOCATE YOU (except if you go out to another city and use an open network out of your car - untill the owner sees his tv and networkconnections fail, calls the internetcompany who will see the interference and storms out of the house after pulling the plug). What is even more legally you DO NOT HAVE THE LEGAL RIGHT IN BELGIUM TO USE OR ABUSE AN OPEN INTERNET CONNECTION (people have been sentenced for that).
it is up to you to think if this is worth it (I don't think so)
The other problem with DDOS attacks is that Belgium is totally not prepared. I just have to laugh when I read about the big cyberattacks on the federal infrastructure that even nearly took down the central portal website from Belgium (belgium.be) and even had - according to the press - some disturbances in the back office infrastructure of the website. In total last year there were 6 ddos attacks on all of the federal infrastructure. And it shows clearly how poorly prepared they are for this kind of attacks.
the other problem with ddos attacks in Belgium or against some of its infrastructure is that the crisislevel will increase enormously if the repercussions are felt in the central internetinfrastructure of Belgium. This means that if the central (ISP) infrastructure of Belgium is attacked (as they do the filtering) it will have repercussions for the international firms and institutions who are located here - and as you have read here above - there is no way the infrastructure will be prepared in a month to withstand ddos attacks
what can you do ?
first you should use this as an exercise. There are very few occasions to set up a real live exercise in which you can prepare, eventually execute and evaluate afterwards without spending thousands of euro's and hours of preparations for consultants and collaborators working on scenario's that look like they could happen or that have happened but of which you are never sure that this is the way things will evolve. There is nothing better than a real live scenario. You should grab this unique opportunity with your two hands to put into place a test anti-ddos strategy. If you are in the future a victim of a ddos attack or feeling the consequences of ddos attacks against others or against parts of a network you are using, than you will be very glad that you will have grabbed this opportunity and have a strategy, contracts, prices, budgets, procedures, communication drafts, organizational responsabilities, proof of concepts of anti ddos products or functionalities in place
secondly do the following practical things
* ask the website developers to develop a minimal version of the website with only text, no graphics and with the minimal informational functions (or how much it would cost) You could use this website as a text-only version, so your money is not wasted.
* ask the communication departement to develop standard messages to excuse for the disturbances, to communicate urgency measures in your own network (limitation of internetconnection to only the real business urgencies), set-up of an internal coordination of the communication and the fast distribution of internal information (for ex internal blog) and an absolute interdiction to communicate whatsoever on the web about the evolving situation (except for the communication department)
* ask the hoster to ready a back-up contract for your hosted websites so that they can have a 'fail-over' backup outside of Belgian infrastructure (it is still better to have your websites - especially if you have important data in Belgium but you can host the text only no important data version
* ask the ISP to ready a back-up contract by which you can upgrade the bandwith of your incoming line of internet and ask for a anti-DDOS protection that can be activated during such crisis
* ask the judicial department to prepare the official demands and complaints to file with the FCCU if you will have real business damages through such (side-effects) off a DDOS attack and have to cover your legal responsabilities for your investors, clients and insurance.
* ask your technical teams to prepare a plan for the technical execution of the monitoring, filtering and gradual implementation of the activation of all the things above (do they have an anti-ddos function on the routers, the firewall or is there a special anti ddos infrastructure put in place). Be sure that the technical teams themselves know how to locate and filter ddos attacks in the monitoring and defending tools and infrastructure because if Anonymous will use a DDOS technique than the very few DDOS specialists that this country has will be very busy and I am not sure that you will be their highest priority
* buy a few books and read some stuff about DDOS technique - also about the new DDOS techniques because they only need a few pings to bring down a vulnerable apache or dns server
* re-inforce the hardware and be sure that everything is patched especially Apache
* follow the web (see our twitterlists for example) and especially
oh and the ISP's - they have a month to get their act together because I am not sure that they are very well prepared if this is going to be a DDOS campaign inside out outside in - they have been relaying too much on the omerta in the (even technical) press and the complacency from the parliament to invest only the minimal necessary in their security
maybe this is a wake-up call