The Washington Post

Cyber attacks on the ‘Lawfare’ national security law website

Many Volokh Conspiracy readers, I imagine, have probably heard of the national security law and policy website Lawfare, or perhaps have read it occasionally.  It has emerged as the most important, go-to site for national security law and policy, widely followed by journalists, academics, and government officials, particularly in the Defense Department and intelligence community.  It has helped inspire some of the other leading websites offering commentary on national security law – Just Security, for example.  (Co-Conspirator Orin Kerr occasionally posts at Lawfare; for my own part, when not blogging here at Volokh Conspiracy, I am otherwise known as His Serenity, Book Reviews Editor of Lawfare.)

What Lawfare hasn’t done, however, is find deep pockets or lavish funding or, really, much funding at all.  The  Brookings Institution, where the Lawfare editor-in-chief, Benjamin Wittes, is a senior fellow, has been very helpful as have some foundations, but otherwise it is dependent on individual donations and small amounts of  institutional funding to pay the web hosting and related costs.  Its technical design, security, and graphic features are very much off the shelf, and although more money would help introduce new and more sophisticated features, at bottom it’s a wonk’s website, driven largely by written content that not very many internet surfers would find interesting.

As readership increases, however, and as a site like Lawfare tries to cover topics – the military commissions trials, for example – that require sustained commitment by expert professionals, etc., costs rapidly increase.  And the off-the-shelf design can leave the site potentially highly exposed in an important matter – cybersecurity.

So it’s with some frustration and concern that I note Lawfare is the target of increasingly severe cyber attacks aimed at taking down the site.  Though certainly aware through reading in the newspapers and on the web about the problems that cyber attackers can bring to a site whose content they don’t like, this is the first time I’ve seen it up-close, on a site where I regularly write.  At least if you’re a small, very modestly funded blog site like Lawfare, it turns out that free speech – and not even especially controversial or outrageous speech, by ordinary measures – is a fragile thing on the web.  It doesn’t take all that much, it turns out, to shut it down.

You can read Lawfare Editor-in-Chief Ben Wittes’ account of these cyber attacks at the site – assuming it hasn’t been brought down again.  It turns out that unless one is a very well funded, deep-pocketed enterprise – which Lawfare is not – able to afford expensive cyber-defensive architecture and design of the site, free expression is surprisingly (at least to me, as a non-expert) vulnerable on the web.  Ben Wittes declines to speculate on who might be behind the attacks, and I would have no idea – but it does appear that someone is pretty unhappy with some aspect of Lawfare’s postings.

I’m a non-expert on the technical aspects of this and cyber attacks have always, for me, been something that happened to someone else and their site.  When I watch it happening to a site with which I’m directly affiliated, but one which, unlike the Washington Post, is not armed with cyber engineers and security specialists and the resources necessary to address threats and neutralize attacks – well, I find it disturbing.  Lawfare is going to be struggling to find ways just to stay up, and its plans to widen its coverage and activities will necessarily be slowed.  It takes very little time for readers of a public website to abandon it if they don’t see it or immediate new content, as we all know as web-readers; this is not good for public debate.  Free speech is more than just three dozen exquisitely curated Tumblr sites devoted to … raccoon bondage sex dungeons – important, of course, as those are:

The very great XKCD.

(Update:  Well played, JustinVC in the comments, well played … also, the opening link to Lawfare, fixed.)

Kenneth Anderson teaches law at Washington College of Law, American University; he is also a non-resident senior fellow of the Brookings Institution, member of the Hoover Institution Task Force on National Security and Law, and senior fellow of the Rift Valley Institute.

The Freddie Gray case

Please provide a valid email address.

You’re all set!

Campaign 2016 Email Updates

Please provide a valid email address.

You’re all set!

Get Zika news by email

Please provide a valid email address.

You’re all set!
Show Comments

Sign up for email updates from the "Confronting the Caliphate" series.

You have signed up for the "Confronting the Caliphate" series.

Thank you for signing up
You'll receive e-mail when new stories are published in this series.
Most Read



Success! Check your inbox for details.

See all newsletters

Close video player
Now Playing

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.