In the weeks leading up to and following Zimbabwe's disputed 2013 election, Zimbabweans were hit by significant Internet-based attacks. Because the incident was not widely reported, it did not gain traction at all in the Internet Freedom Community. Yet the incident was one of a kind to be documented during an African election. It adversely affected Zimbabweans' rights to stay informed including by accessing first-hand information on the elections to inform civic action and response to the election irregularities. This also had repercussions on the transparency and outcome of the election since those who were monitoring them on online platforms were deprived of necessary information to base their reports on. As part of the project Sub Saharan Africa Cyber Threat Modelling, I propose that as Zimbabwe prepares for the 2018 elections, civil society actors in Zimbabwe and those who support their digital security and integrity projects should use the 2013 incident to undertake a proper threat model that takes account of DDOS attacks. This will coincide with the Zimbabwe CSOs' launch of the 2018 Election Situation Room on 27 June 2018 - an initiative that seeks to coordinate their activities & enhance citizen monitoring & participation in electoral processes. Unlike other attack vectors that only affect information confidentiality and integrity, a DDOS goes after the availability of a system or a network. The nature of its attack is like having your home flooded- without warning; attackers can upend the availability of information during an election. When it hits a network, a long time can pass before detection and mitigation. In an ever-expanding field of adversaries and other attack vectors, DDOS is still often difficult to attribute as it can often be orchestrated remotely.
Around July 30, 2013, while working for the Zimbabwe Human Right NGO Forum, I woke up to realise that most of the real-time content of the website I managed had been compromised through deliberate defacement and selective data erasure. As I tried to locate the content, the site went offline. I fiddled with the network until a U.S. Congress Researcher, who had been following our blogs, alerted me to the DDOS attack directed at our web host Greennet and web hosts of other critical websites such as Electionride.com and Nehanda Radio.
...