Our Recent Cybersecurity Problems---and an Appeal for Reader Help

I am writing both to update readers on the attacks on Lawfare that took place this week and to make a frank fundraising appeal for reader help in addressing them. As readers know, we have been hit since December with episodic but low-grade denial of service attacks. These are a pain in the neck but not the world's biggest problem. This week, however, things escalated considerably. On Thursday, we were hit with what appears to be a botnet attack. And yesterday, our system crashed twice as a result of what appears to be a malicious intrusion. This latter incident caused us to reexamine an earlier crash, which I now believe also to have been induced maliciously. Moreover, though we are not sure of this, Lawfare appears to have sustained some damage from the attacks. We are endeavoring to figure out what posts have been compromised and to restore them. No, I do not know who is doing this---and I don't want to speculate about it. We will be reporting the incidents to law enforcement and will, of course, cooperate with any investigation that ensues. [UPDATE: Our technical management team no longer believes that the crashes on Friday---and another one that took place Sunday evening after this post was published---were the result of a malicious intrusion, though it does not rule out the possibility and the circumstances, coming in the context of the botnet and DDOS attacks, remain suspicious.] What I do know is that creating an architecture for Lawfare that will resist this kind of malicious activity is going to be time-consuming, and it's going to be expensive. And while people imagine that Lawfare---because of its audience and writer base---is some well-funded operation with major backing, it actually isn't. We are a tiny non-profit with virtually no independent resources, one that relies on the Brookings Institution for its staff and which has never paid any of its writers a dime. It was designed as a small blog, created by three friends who never imagined the institution it would become---or that that institution would require a defense against anonymous attackers. I suppose it is a mark of the site's success that we have arrived at that point, but to be honest, we are not positioned for it technically or financially. So if you're using Lawfare regularly, please help us. We need major backing from entities that value what we do and that want to help put us in a position to continue growing and not be paralyzed by attacks like these. We also need reader support. The Lawfare Institute is a not-for-profit educational organization devoted to the publication of this site. Our application for 501(c)(3) tax exempt status is pending. You can support Lawfare with a contribution of any size. Our mailing address for checks is: P.O. Box 33226, Washington DC 20033-3226. You can also contribute using credit cards or Paypal by clicking on the "Donate" button on our sidebar. Lawfare is also an Amazon.com affiliate site, so you can help support Lawfare by doing all your Amazon searches through the window on our sidebar. Many thanks to all of those law students who keep buying their books through Lawfare. This post will stay at the top of the page for a few days---and please, share it on Facebook and Twitter and email it to everyone you have ever met. And if you visit the site over the next few weeks and find it not there, bear with us. We're working on it.