[We are awaiting comment from PRNewsire; its owner Cision, Protester.io; and the FBI. We'll update if we get anything.]
"Um...this came over PR Newswire...not sure this is legal?" Tweeted well-known conservative editor and writer John Podhoretz, with a screen grab, on Thursday morning, Jan. 12th
um...this came over PR Newswire...not sure this is legal?
The screen grab, seen below, stated that "Protester.io Launches Campaign to Take Down WhiteHouse.gov on Inauguration Day." It called on people across the country to help by "occupying whitehouse.gov online."
This call to hack a federal Web site certainly raises several questions, the first being whether it represents a conspiracy to violate federal cyber crime laws. It sounds like a classic Distributed Denial of Service (DDOS) attack, in which hackers overwhelm a Web site so it can't be used by others (in this case, the American people). This technique is often used by criminals trying to extort the owner of the Web site, or countries like Russia and North Korea trying to shut down Web sites they don't like. Such attacks have sometimes been declared crimes under the federal Computer Fraud and Abuse Act (CFAA); violators can face years in prison and stiff fines. A Wisconsin man was reportedly fined $183,000 for using a DDOS attack to take down a company Web site for one minute.
But perhaps most surprising was the company publicizing the campaign, PRNewswire, one of the largest PR services in the world. Bought for nearly a billion dollars in 2015 by private equity-backed Cision, PRNewswire is a go-to choice for those seeking publicity for things like product launches, policy studies and required financial and legal disclosures. Now they were generating publicity for a group planning what might a federal crime.
According to the company: "PR Newswire, a Cision company, is the premier global provider of multimedia platforms and distribution." The service operates 35 offices in 18 countries. "Our network reaches nearly 3,000 newsrooms, like The New York Times, ABC News, BuzzFeed and more. We send content to more than 550 news content systems like Moody’s, SmartBriefs, LexisNexis and McGraw-Hill."
Why would PRNewswire, a company serving thousands of Web sites, want to help a protest group shut down perhaps the best known government site in the country?
We immediately went to the PRNewswire feed and found the following. PRNewswire had "corrected" the initial release to remove the parts about "taking down" WhiteHouse.gov.
But PRNewswire was still directing traffic to the Protester.io site -- where there were instructions on how people could "automate" the hack of WhiteHouse.gov. [We blacked out the specific instructions.]
Based on this, we started Tweeting questions to PRNewswire, Cision and Cision's CEO, Kevin Akeroyd, ex-GM of Oracle Marketing Cloud.
@cision Is your @PRNewsire doing paid PR for a plan to hack White House website? Criminal conspiracy? @FBI @secretservice @BillGertz #MAGA https://t.co/1ISLypxf6W— Sauter By Night (@MarkASauter) January 12, 2017
They never responded. But something interesting was happening: The whole press release appeared to disappear from the PRNewswire system.
Has someone at Cision or PRNewswire realized they were providing publicity for what could be a federal crime? We've emailed them and the organizers of the "take down" campaign against WhiteHouse.gov, but have not yet heard back. We're also contacted the FBI to see they know about this campaign and whether it, and the technique it's promoting, are legal.
As for us, Need to Share News, we're left with several questions:
- Why would PRNewswire, a company ostensibly devoted to the free exchange of ideas, apparently take money to help promote a campaign to "take down" a legal Web site?
- Why do the people at Protester.io think they have the right to hack a public Web site other Americans want to use? Why not just put up their own Web site?
- Do the FBI and other federal cyber crime agencies read PRNewswire? Or Twitter?
- Will the authorities consider this campaign a lawful protest or a violation of cyber crime laws by "mob DDOSing?" Imagine if Moscow used this tactic to take down the White House site?