Tor Network Under DDoS Pressure for 7 Months


For the past seven months, the Tor anonymity network has been hit with numerous distributed denial-of-service (DDoS) attacks, its maintainers announced this week.

Some of the attacks have been severe enough to prevent users from loading pages or accessing onion services, the Tor Project says.

Publicly released in 2003, Tor directs traffic through a global network of more than 7,000 relays, to help users maintain anonymity and protect their privacy while navigating the web. Despite its legitimate purpose, Tor has also been used for illegal activities.

Attacks against Tor are not new, with many of them seeking to deanonymize users. In DDoS attacks, the target is flooded with rogue network traffic originating from multiple different sources in an effort to disrupt the target service by depleting resources.

According to the Tor Project, despite its efforts to mitigate the impact of the experienced DDoS attacks, continuous shifts in methods are making the task difficult.

“The methods and targets of these attacks have changed over time and we are adapting as these attacks continue. It’s not possible to determine with certainty who is conducting these attacks or their intentions,” Tor says.

To improve defenses, the Tor Project is adding two new members to its network team, to focus on the development of the onion services.

At the same time, the organization is making an appeal to the community to help it fund onion service development through donations. Offering services for free, the Tor Project is funded from donations, with support coming from the Electronic Frontier Foundation (EFF), various US governmental agencies, individuals, and other third-parties.

Related: US Charges Six in Operation Targeting 48 DDoS-for-Hire Websites

Related: US Agencies Issue Guidance on Responding to DDoS Attacks

Related: Pro-Russian Group DDoS-ing Governments, Critical Infrastructure in Ukraine, NATO Countries

The post Tor Network Under DDoS Pressure for 7 Months appeared first on SecurityWeek.