Massive Russian hacker attack threatens freewheeling Ru.net
Security experts are confused about who is behind the far-reaching cyber attacks, as both Kremlin foes and officials are among those targeted.
Russia's biggest social network and its top opposition newspaper have been knocked out by massive hacker attacks over the past week, leading some nervous bloggers to suggest that security services may be testing techniques for shutting down the country's freewheeling Internet in the event of a crisis.
The list of victims crying foul after the wave of direct denial of service (DDoS) attacks started hitting Russia's LiveJournal site, which has 4.7 million users, include President Dmitry Medvedev. Mr. Medvedev demanded a police inquiry Thursday after his blog on the site was shut down in the online strike.
The increasingly familiar menace of DDoS attacks involve using thousands of linked computers, which have often been "captured" by viruses or malware, to bombard a website with billions of requests for data, paralyzing the servers and preventing regular users from accessing the site.
Experts say the sheer scale of the cyberblitz presently underway points to a large organization, or perhaps secret service, as the culprit. However, they also seem baffled by the apparently indiscriminate targeting that shut down the blogs of Kremlin foes, friends, and top leaders alike.
"It's difficult to see where this might be coming from, because everybody across the political spectrum uses LiveJournal and depends on it," says Rustem Agadamov, a popular Russian blogger. "But it's obviously not simple net hooliganism, because this kind of sustained attack is very expensive and difficult to mount. Nobody's going to waste big resources to no purpose."
Once his blog was restored, a furious Mr. Medvedev took to it to condemn the "outrageous and illegal" actions of the hackers. "What happened must be investigated by the administration of LiveJournal administration and law enforcement agencies," he wrote.
The attacks began two weeks ago with a little noticed DDoS assault on the popular blog of Alexei Navalny, a social campaigner who has been dubbed "Russia's Julian Assange" for using his LiveJournal page to post sensational exposes of corruption in high places, including the alleged theft of $4 billion in the state-owned Transneft oil pipeline company.
But they quickly snowballed, leaving the entire Russian-language service paralyzed for many hours on Monday and Wednesday.
By Friday the focus had switched to the website of the opposition weekly Novaya Gazeta, which remains shut down amid what its editors allege is an "intense attack of unprecedented scope."
"We are trying to restore our site, but it's difficult to say when the attack will end," says Nadezhda Prusenkova, a spokesperson for the paper. "Specialists tell us these attacks are coming from the same computers that took down LiveJournal earlier in the week."
Ms. Prusenkova says the newspaper may switch to offshore servers, though its specialists doubt that would provide full protection. The biggest worry, she says, is the growing threat to Russia's wide-open Internet – dubbed Ru.net by users – which is the last bastion of free speech in Russia's state-dominated media landscape.
"Ru.net is the last free territory in Russia," she says. "It's self-organized and lives by its own rules. Its only defect is on clear display right now: it's vulnerable to sabotage by cybervandals."
Some analysts suspect the attacks may be a full dress rehearsal for a possible shutdown of Ru.net in the event of political emergency such as an Egyptian-style wave of popular unrest – a contingency that's caused a good deal of official fretting in recent weeks
"This has all the earmarks of a full scale test, to see whether it's possible to shut down social networks and opposition sites in case authorities feel they need to," says Andrei Soldatov, editor of Agentura.ru, an online journal that reports on the security services. "The crucial thing is to establish whether it's possible to carry it off anonymously, without implicating any official structures."
For all the suspicions being voiced by angry Russian bloggers about state involvement in the attacks, there seems little hard evidence of who might be behind the cyberstrikes, he says.
"We don't have independent specialist groups in Russia who might get to the bottom of this," on behalf of civil society, adds Mr. Soldatov. "Most high-tech firms are state-connected, and most Russian techies tend to be motivated by patriotic ideology. So, we're practically defenseless in the face of this kind of assault on Ru.net."