ADVERTISEMENT
Manila Bulletin devider Technews devider Who attacked CNN Philippines?

Who attacked CNN Philippines?

Published Feb 7, 2022 09:03 am

A series of DDoS cyber attacks disrupted the CNN Philippines and other news sites. First question is who did it? A Pinoy hacker collective - Pinoy Vendetta claimed responsibility. Their member “Abdul” confirmed the attacks using a swarm of botnets. These “bots” targeted other news sites which included the Rappler and PhilStar as well.

The hacker group sent a Youtube video. In it, we see what looks like a botnet launched against CNN Philippines website. The group ran 1000 threads using 34,291 “BOTS”. A bot is a compromised server/resource.

The video shows the attack on CNN Philippines website as it went ‘down’. The hackers used the same type of DDoS attack against Rapper and PhilStar as well. In the past, Pinoy Vendetta also hacked an election monitoring site and Sen Gordon’s page.

image001 (2)

https://www.youtube.com/watch?v=omGa7m0O3qk&ab_channel=MacarioSakay

In the above screengrab, “Abdul” further explains:

“PV_raw is our own method of raw botnet where we control infected computer/devices and connect to our servers and use it to attack simultaneously to CNN Phil Website. The BOTS you see in our panel thats the number of infected devices or what we called botnets.”

“Abdul” claimed they targeted these sites due “to their biased reporting”. For context, Pinoy Vendetta is suspected of being Pro-Philippine President Rodrigo Duterte. The other reason given for the attack is to “proved(sic) that their security is weakshit (sic)”.

Indeed, CNN Philippines’ setup seem woefully inadequate. Markku Kero, -CEO Job and Esther Technologies, Finland — noted that CNNPhilippines’ DNS is pointing directly to AWS (Amazon Web Services) load balancers. There were no CDN (content distribution network) or any other mitigation layer. Just a bunch of multiple IP addresses. This is “quite inexcusable for a company that size”.

As of this writing, CNN Philippines blocked all incoming request (403 error). But this is temporary as NO one else can access their site with such a setting. With this, the hackers achieved their goal — denial of service. And once the site comes up, the DDoS will also hit them again.

“AWS load balancer is just for simple flood attack but a massive attack (on) all of the IPs given by the load balancer will be flooded too”- “Abdul”

Further, “Abdul” claims that it cost them next to nothing to launch these debilitating attacks. Unlike other DDoS that pay using dark web platforms, Pinoy Vendetta “owns” their botnets. They don’t have to pay for the use of the botnet. In addition, the bandwidth used in DDoS attacks are paid by the unsuspecting owners of the compromised servers.

In contrast, news organizations spend thousands of dollars to mitigate the DDoS attacks. As more traffic hits their sites, they would have to pay MORE to their hosting company. Typically, these involve adding huge bandwidth, server memory, and CPU capacity.

The web traffic should also be scrubbed before it reaches the original servers. It filters the bad from the good to keep their websites open to legitimate users. But the drawback is that these measures come with a huge price tag.

The DDoS attacks are often coordinated efforts by many compromised computer systems. The DDoS attacks are designed to disrupt legitimate users. While DDoS attacks are generally aimed at the general public, the majority are directed at government websites. The Philippines has been a target for DDoS attacks since the 1990s.

These DDoS attacks highlight how low budgets can take down million dollar operations. The asymmetric costs sends shudders across webmasters and system administrators. It is harder to defend against an avalanche of ‘web requests’. More so when it’s difficult to filter the attacks from the legitimate traffic. These costs don’t even include the lost opportunity from ad revenues. Neither does it account for disruption of services to their readers.

My personal worry is how this might impact the coming Philippine elections. Would Comelec servers be immune from an onslaught of DDoS attacks should Pinoy Vendetta feel aggrieved by the process? How might system administrators counter this in a cost-effective manner? Fellow SysAds, please share your suggestions for the benefit of our community.

ADVERTISEMENT
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1561_widget.title }}

{{ item.title }}
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1562_widget.title }}

{{ item.title }}
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1563_widget.title }}

{{ item.title }}

{{ articles_filter_1564_widget.title }}

{{ item.title }}
.mb-article-details { position: relative; } .mb-article-details .article-body-preview, .mb-article-details .article-body-summary{ font-size: 17px; line-height: 30px; font-family: "Libre Caslon Text", serif; color: #000; } .mb-article-details .article-body-preview iframe , .mb-article-details .article-body-summary iframe{ width: 100%; margin: auto; } .read-more-background { background: linear-gradient(180deg, color(display-p3 1.000 1.000 1.000 / 0) 13.75%, color(display-p3 1.000 1.000 1.000 / 0.8) 30.79%, color(display-p3 1.000 1.000 1.000) 72.5%); position: absolute; height: 200px; width: 100%; bottom: 0; display: flex; justify-content: center; align-items: center; padding: 0; } .read-more-background a{ color: #000; } .read-more-btn { padding: 17px 45px; font-family: Inter; font-weight: 700; font-size: 18px; line-height: 16px; text-align: center; vertical-align: middle; border: 1px solid black; background-color: white; } .hidden { display: none; }
function initializeAllSwipers() { // Get all hidden inputs with cms_article_id document.querySelectorAll('[id^="cms_article_id_"]').forEach(function (input) { const cmsArticleId = input.value; const articleSelector = '#article-' + cmsArticleId + ' .body_images'; const swiperElement = document.querySelector(articleSelector); if (swiperElement && !swiperElement.classList.contains('swiper-initialized')) { new Swiper(articleSelector, { loop: true, pagination: false, navigation: { nextEl: '#article-' + cmsArticleId + ' .swiper-button-next', prevEl: '#article-' + cmsArticleId + ' .swiper-button-prev', }, }); } }); } setTimeout(initializeAllSwipers, 3000); const intersectionObserver = new IntersectionObserver( (entries) => { entries.forEach((entry) => { if (entry.isIntersecting) { const newUrl = entry.target.getAttribute("data-url"); if (newUrl) { history.pushState(null, null, newUrl); let article = entry.target; // Extract metadata const author = article.querySelector('.author-section').textContent.replace('By', '').trim(); const section = article.querySelector('.section-info ').textContent.replace(' ', ' '); const title = article.querySelector('.article-title h1').textContent; // Parse URL for Chartbeat path format const parsedUrl = new URL(newUrl, window.location.origin); const cleanUrl = parsedUrl.host + parsedUrl.pathname; // Update Chartbeat configuration if (typeof window._sf_async_config !== 'undefined') { window._sf_async_config.path = cleanUrl; window._sf_async_config.sections = section; window._sf_async_config.authors = author; } // Track virtual page view with Chartbeat if (typeof pSUPERFLY !== 'undefined' && typeof pSUPERFLY.virtualPage === 'function') { try { pSUPERFLY.virtualPage({ path: cleanUrl, title: title, sections: section, authors: author }); } catch (error) { console.error('ping error', error); } } // Optional: Update document title if (title && title !== document.title) { document.title = title; } } } }); }, { threshold: 0.1 } ); function showArticleBody(button) { const article = button.closest("article"); const summary = article.querySelector(".article-body-summary"); const body = article.querySelector(".article-body-preview"); const readMoreSection = article.querySelector(".read-more-background"); // Hide summary and read-more section summary.style.display = "none"; readMoreSection.style.display = "none"; // Show the full article body body.classList.remove("hidden"); } document.addEventListener("DOMContentLoaded", () => { let loadCount = 0; // Track how many times articles are loaded const offset = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]; // Offset values const currentUrl = window.location.pathname.substring(1); let isLoading = false; // Prevent multiple calls if (!currentUrl) { console.log("Current URL is invalid."); return; } const sentinel = document.getElementById("load-more-sentinel"); if (!sentinel) { console.log("Sentinel element not found."); return; } function isSentinelVisible() { const rect = sentinel.getBoundingClientRect(); return ( rect.top < window.innerHeight && rect.bottom >= 0 ); } function onScroll() { if (isLoading) return; if (isSentinelVisible()) { if (loadCount >= offset.length) { console.log("Maximum load attempts reached."); window.removeEventListener("scroll", onScroll); return; } isLoading = true; const currentOffset = offset[loadCount]; window.loadMoreItems().then(() => { let article = document.querySelector('#widget_1690 > div:nth-last-of-type(2) article'); intersectionObserver.observe(article) loadCount++; }).catch(error => { console.error("Error loading more items:", error); }).finally(() => { isLoading = false; }); } } window.addEventListener("scroll", onScroll); });
Join Our Newsletters

Sign up by email to receive news.

© 2025 Manila Bulletin The Nation's Leading Newspaper. All Rights Reserved.