Skip to main contentSkip to navigationSkip to navigation
Cyber security
'A lot of people have a lot to gain from peddling scare stories about cyber “warfare”. As with any type of politics it’s important to know precisely who is making the claims and what their interests are.' Photograph: Daniel Law/PA
'A lot of people have a lot to gain from peddling scare stories about cyber “warfare”. As with any type of politics it’s important to know precisely who is making the claims and what their interests are.' Photograph: Daniel Law/PA

How a cyberwar was spun by shoddy journalism

This article is more than 11 years old
Heather Brooke
Journalistic scepticism was lacking when stories about a DDoS attack 'breaking' the internet surfaced. This is a real future risk

A veteran Reuters reporter related a piece of advice given by his editor: "It's not just what you print that makes you an authoritative and trusted source for news, but what you don't print."

He wasn't talking about censorship, he was talking about what separates journalism from stenography and propaganda: sceptical scrutiny. The professionalism of the craft isn't simply learning to write or broadcast what other people tell you. Crucially it is the ability to delve, interrogate and challenge, and checking out stories you've discovered through your own curiosity, or robustly testing what other people tell you is true.

Scepticism was in short supply this week when breathless claims about the collapse of the internet were published in such reputable publications as the New York Times, the BBC and even technical journal Ars Technica, all falling prey to the hyped-up drama of a DDoS attack against Spamhaus, a group that tracks spammers, and their alleged attacker Cyberbunker, a Dutch hosting company Spamhaus had blacklisted.

Ars Technica described the attack as at "a scale that's threatening to clog up the internet's core infrastructure and make access to the rest of the internet slow or impossible". "If a Tier 1 provider fails, that risks breaking the entire internet," it continued.

There is risk everywhere. Being alive carries the risk of death. It's no good just saying what might happen (that's the role of a screenwriter or novelist), what matters is the likelihood of it happening. The "risk" of the entire internet breaking from such an attack is very small. That should have killed off the worst of the scaremongering headlines and alerted the sceptical reporter that something was afoot.

A lot of people have a lot to gain from peddling scare stories about cyber "warfare". As with any type of politics it's important to know precisely who is making the claims and what their interests are.

In whose interest is it to hype up the collapse of the internet from a DDoS attack? Why, the people who provide cyber security services of course. And looking at the reporting, almost all the sources are directly involved and have a vested interest. The claims about the scale of the attack are from CloudFlare, the anti-DDoS firm hired by Spamhaus to ward off the attack. Eschewing subtlety they blogged about the event: "The DDos that Almost Broke the Internet".

As soon as you have a source with a direct involvement, scepticism should be your guide. Sadly, reporters don't always have the time or space for scepticism, and increasingly they are judged only on their ability to fill space at speed. In this environment there is no incentive to challenge a good yarn.

While the infrastructure of the internet might not be easy for reporters to understand, simply juxtaposing quotes from opposing sides isn't all there is to journalism. Yes, this was a big attack in terms of traffic directed against one website (approx 300Gbps), but the internet seemed to cope just fine.

Even if you knew nothing about technology, you could have done what Sam Biddle did at Gizmodo and simply asked some challenging, sceptical questions such as:


• Why wasn't my internet slow?
• Why didn't anyone notice this over the course of the past week, when it began?
• Why isn't anyone without a financial stake in the attack saying the attack was this much of a disaster?
• Why haven't there been any reports of Netflix outages, as the New York Times and BBC reported?
• Why do firms that do nothing but monitor the health of the web, like Internet Traffic Report, show zero evidence of this Dutch conflict spilling over into our online backyards?

This story wasn't just a failure to understand technology. It was a failure of basic journalism practice. To be willing to not write the story if it didn't stack up.

This is the danger of the "dark age of journalism", as it has been called. The training of the old Reuters reporter is replaced by one of political and corporate collusion. The separation between newsrooms and public relations agencies growing ever thinner as reporters rush to fill space at all costs, regardless of truth.

Even after she'd written the piece in the New York Times, tech reporter Nicole Perlroth tweeted how she was still getting targeted by corporate PRs to cover the "story": "Hi Nicole, News is just breaking on the biggest cyber-attack in history. Are you planning on covering?"

The collapse of journalism combined with complex, fast-changing technology offers a wealth of opportunity for propagandists. In the soil of ignorance, fear can easily be sown. So it is with cyberwarfare.

Most viewed

Most viewed