About ten days ago the company began receiving anonymous requests to delete slideshows that were deemed “illegal” by the requesters. The SlideShare staff checked out these slideshows and discovered them to be quite innocent. While some described ways to fight corruption in China, none of them violated the company’s terms of service, and so SlideShow did nothing to fulfill the requests.
SlideShare soon began receiving a different type of request from the same people, who could now be identified by their email addresses. This time they were pretending to be users who had lost their passwords. Once again doing nothing, the company got a very demanding, and almost threatening, call to its Indian office on Wednesday, one that insisted that the company grant access to an account.
After these three failed attempts, SlideShare experienced a massive distributed denial of service attack starting at 10pm on Thursday, one day before the CNN website was attacked by Chinese instigators in apparent backlash to its coverage of the Tibetan protests. We’ve been told that the attack reached a peak of 2.5GB/sec and consisted entirely of packets sent from China.
Not long after the first attack subsided, SlideShare was hit a second time on Friday and the site went down again until Saturday morning. Since then there have been no more attacks, but the company continues to receive fake password recovery and illegitimate takedown requests at a rate of about 5-10 per day (it has accumulated about 50-60 total).
There’s a lot of speculation around just what has happened here since no one knows for sure who is behind the requests and attacks. However, it seems likely that they were from the same hacker groups – possibly linked to the Chinese government – that attacked the CNN site (and later called their attack off after getting too much publicity). Some of the slideshows with takedown requests have been viewed many times recently, so their popularity seems to have landed them on the Chinese government’s radar.
SlideShare insists that it will do everything it can to protect its users’ freedom of speech. As such, it has no plans to remove any of the content in question.
Update: Just as I finished writing this post, I received word from the company that a third attack had begun.