Russia blamed for cyber terror blitz

By Jerome Taylor

Twitter went offline for several hours on Thursday whilst Facebook and
Livejournal suffered major slowdowns following a large distributed
denial-of-service (DDOS) attack which flooded their networks. The attacks
are believed to have been aimed at a 34-year-old Georgian economics lecturer
who has written blogs critical of Russia’s military presence in the area.

Hackers use DDOS attacks to flood a website’s servers with communication
requests from a network of thousands of compromised computers, forcing the
website to temporarily shut down. The paralysing effect of the attack, which
severely compromised two websites that are regularly used by political
dissidents, has raised fresh questions over the vulnerability of the internet
and the growing potential of cyber warfare as an effective weapon.

As Facebook and Twitter launched investigations yesterday into where the
attack on their sites originated, a blogger who writes under the name of “Cyxymu”
announced that he had been the first target of the attack.

Speaking to reporters yesterday the blogger, who only gave his first name,
Georgy, pointed the finger of blame at the Russian government. “Maybe
it was carried out by ordinary hackers but I’m certain the order came from
the Russian government,” he said. “An attack on such a scale that
affected three worldwide services with numerous servers could only be
organised by someone with huge resources.”

Max Kelly, Facebook’s chief security officer, refused to be drawn over where
the attack came from but he did confirm that the original target was Cyxymu,
whose name is a latinised version of the Russian spelling of Sukhumi, the
capital of the Georgian breakaway republic, Abkhazia.

“It was a simultaneous attack across a number of properties targeting him
to keep his voice from being heard,” said Mr Kelly. “You have to
ask who would benefit from doing this and think about what those people are
doing and the disregard for the rest of the users and the internet.”

In recent years DDOS attacks have become increasingly used by both criminal
networks and, security experts suspect, foreign governments to either extort
money from crippled networks or silence political dissidence. Earlier this
summer the Government confirmed that the largest cyber threats against
Britain come from hackers in Russia and China and announced the creation of
a “cyber security operations centre” to counter the threat. Barack
Obama has also made cyber-based enemies a national security priority and has
set up his own “cyber security office” which was hit by a DDOS
attack earlier this year.

Rik Ferguson, a cyber security expert at Trend Micro, said a DDOS attack
relies on a network of thousands of compromised computers which can only be
accessed with large amounts of preparation or rented from organised criminal
syndicates.

“You either have to have lots of money to rent the network or you need to
have put in a lot of groundwork to hack into and compromise the machines
that do the attack on your behalf,” he said. “Once you have that
together, launching the actual attack can be done from a simple netbook.
Either way we are seeing a lot more of these attacks and will continue to do
so.”

When fighting broke out between Georgia and Russia last summer over the
breakaway republic of South Ossetia, the Russian advance was complemented by
a giant DDOS attack on many of the Georgian government’s websites which made
it difficult for ministries to co-ordinate the war.

The Dalai Lama asked Canadian investigators to inspect the Tibetan
government-in-exile’s computers after suspecting that the Chinese government
had infiltrated their systems. In March the investigators announced that
they had uncovered a vast espionage network run out of China which had
infiltrated 1,295 computers in 103 countries. The so-called “Gh0stnet”
spying operation had resulted in the theft of documents from scores of
computers belonging to embassies, foreign ministries and government offices
around the world.

The attack: How it was done

By Jack Riley

Though the phrase “distributed denial-of-service attack” may
conjure up images of striking Tube drivers, its true meaning was revealed
yesterday when hackers brought swathes of the internet to a standstill; and
if you have ever visited a sketchy website or clicked on a dodgy link in an
email, then you may have been involved in it.

As the BBC Click programme demonstrated in an experiment of dubious legality a
few months ago, when the few essential ingredients needed to carry out a “DDOS”
attack are in place, the disruption can be catastrophic.

Members of the internet’s criminal underworld bought from a forum a “botnet”,
a network of thousands of computers infected with software downloaded
without the users’ knowledge. The computers are “zombified” on
command by the software and instructed, en masse, to bombard websites with
requests so numerous that the sites often end up offline.

A botnet of 1.9m machines was found in April and included infected computers
belonging to 77 governments as well as to home users. It was hired out by a
gang of cyber mercenaries, at a rate of $100 for 1,000 computers, to those
keen to stage large-scale attacks capable of bringing down some of the
world’s best-protected sites.

Attacks on government sites and state infrastructure have become a worrying
new front in warfare, most prominently in the Russia-Georgia conflict, but
an attack focusing massive resources on silencing an individual, is, so far,
mercifully rare.
