Jul 4, 2007

Domestic Political Cyberwar in Russia

A political battle is raging in Russian cyberspace.

Opposition parties and independent media say murky forces have committed vast resources to hacking and crippling their Web sites in attacks similar to those that hit tech-savvy Estonia as the Baltic nation sparred with Russia over a Soviet war memorial.

While they offer no proof, the groups all point the finger at the Kremlin, calling the electronic siege an attempt to stifle Russia's last source of free, unfiltered information.

The victims, who range from liberal democrats to ultranationalists, allege that their hacker adversaries hope to harass the opposition with the approach of parliamentary balloting in December and presidential elections in March.

Some independent experts agree.

"A huge information war awaits Russia before the elections," said Oleg Panfilov of the Center for Journalism in Extreme Situations.

The groups claim the attackers use vast, online networks of computers infected with malicious software — whose owners probably aren't aware they are involved — to paralyze or erase targeted Web sites.

Stanislav Belkovsky, a political analyst believed to have close ties to Kremlin insiders, said a senior associate of President Vladimir Putin is leading the cyber assault. The government denies it and insists it has nothing to do with the onslaught. The Kremlin said hackers could easily forge Internet Protocol addresses registered to government offices.

Belkovsky, founder of the Moscow-based National Strategy Institute, said the Kremlin is upset that it has been unable to control the political content of online media. "The Kremlin can't just tell their editors to remove an unwanted publication," he said.

The attacks are similar to assaults — sometimes a million computers strong — unleashed in April and early May against Web sites in Estonia. Officials there say waves of attacks crashed dozens of government, corporate and media Web sites.

The cyber warfare included computer-generated spam and so-called Distributed Denial-of-Service, or DDoS, attacks. It erupted during violent protests by ethnic Russians against the decision to move a Soviet-era Red Army monument out of downtown Tallinn, the Estonian capital.

The DDoS attacks involve a flood of computers all trying to connect to a single site at the same time, overwhelming the computer server that handles the traffic. Estonian authorities claimed they traced the attacks to Kremlin IP addresses.

Outside experts say blocking this type of Web assault is difficult or impossible because the host server has no way of distinguishing between legitimate and bogus requests for access.

Government security services have long been suspected of engaging in hacking. In 1999, an unidentified hacker in Moscow penetrated U.S. Defense Department computers for more than a year, copying classified naval codes and data on missile systems. The Kremlin denied involvement. ...

Mainstream media have also come under cyber-assault, especially when they carry information likely to draw the attention of the government.

Kommersant's Web editor, Pavel Chernikov, said the major daily newspaper's site was attacked in early May. He called it retaliation for publishing a transcript of the interrogation of Boris Berezovsky — a self-exiled oligarch who lives in London — by Russian investigators.

While British prosecutors have identified a former KGB agent living in Moscow as the prime suspect in the murder of Russian spy Alexander Litvinenko, Russian authorities have focused on Berezovsky, Putin's political foe.

On the same morning, the Web site of Ekho Moskvy, a liberal Moscow radio station where criticism of Kremlin policies can often be heard, was brought down by a DDoS attack.

The United States — especially the government sector — was the target of more than a half of DDoS attacks worldwide, according to Symantec. The FBI recently arrested several DDoS hackers as part of "Operation Bot Roast" sting.

Nothing of the kind is happening in Russia.

No comments: