Rabbis for Human Rights Website Attacked - Then Suspended

ClubVPS, the company hosting the site, suspended the left-wing Israeli NGO's account on the grounds that it 'violated the terms of use.'

A settler attacks Rabbis for Human Rights right Rabbi Arik Ascherman with a knife near the settlement of Itamar in West Bank. October 23, 2015.
Rabbis for Human Rights

The company hosting the website of Rabbis for Human Rights suspended the organization's account about two weeks ago after a series of hacker attacks disabled the site.

Shortly afterwards, the new hosting company received a warning message in Hebrew, demanding that it cease providing services to the organization.

Among its many activities, Rabbis for Human Rights promotes human rights for Palestinians. It made the headlines last October, when a 17-year-old settler armed with a knife attacked the organization head, Rabbi Arik Ascherman, who was part of a group assisting Palestinian farmers to harvest olives.

Known as a distributed denial of service attack, the hack of the organization's website is one of the most common on the Internet. There are many variations of DOS attacks, but their basic objective is to swamp a web server with so much data that it eventually stops working.

The data originates from multiple compromised computers, all of which target a single server. In most cases, the service can be recovered relatively quickly, though a heavy DDOS attack can sabotage a server for a considerable amount of time.

The use of a DDOS attack on a human rights organization is not new. A Harvard University study from 2010 described DDoS attacks on independent media and human rights organizations as "an increasingly common Internet phenomenon, capable of silencing Internet speech."

Maor Barzani of TechnoCraft, which is responsible for the Rabbis for Human Rights website, told Haaretz that the hosting company, ClubVPS, had informed him that the account had been suspended, though it had not given him any data regarding the attack.

A Haaretz request for data also went unanswered.

A representative of the company told Barzani by phone that the decision to remove the site from the network and not return it to operation was made by the company's CEO. He also said that "the content of the site could be problematic."

The company said in an email that its system had identified unusual or "damaging" activity on the account, which consequently had been suspended due to "the violation of accepted usage policies, terms of use or privacy policy."

"The disruption caused considerable damage to our infrastructure or public image, due to which the decision to suspend the account is final and not open to discussion," the company wrote.

Another hosting company agreed to host the website after the account was suspended by ClubVPS. But it didn't take long for the new host to receive a threatening email:

"Shalom. This is the first and last announcement," the email said. "Please remove this site from the server in order to limit future damage."

An investigation revealed that the message was sent from New Jersey, Barzani said, though it's not difficult to spoof a sending address.

The new hosting company, which asked not to be identified, said that it had not experienced any heavy attacks as yet.