Cold War II Battlefront: It Starts in Cyberspace

The Washington Post reports:

A political battle is raging in Russian cyberspace. Opposition parties and independent media say murky forces have committed vast resources to hacking and crippling their Web sites in attacks similar to those that hit tech-savvy Estonia as the Baltic nation sparred with Russia over a Soviet war memorial. While they offer no proof, the groups all point the finger at the Kremlin, calling the electronic siege an attempt to stifle Russia’s last source of free, unfiltered information. The victims, who range from liberal democrats to ultranationalists, allege their hacker adversaries hope to harass the opposition with the approach of parliamentary elections in December and presidential elections in next March.

Some independent experts agree. “A huge information war awaits Russia before the elections,” said Oleg Panfilov of the Center for Journalism in Extreme Situations. The groups claim the attackers use vast, online networks of computers infected with malicious software — whose owners probably aren’t aware they are involved — to paralyze or erase targeted Web sites. Stanislav Belkovsky, a political analyst believed to have close ties to Kremlin insiders, said a senior associate of President Vladimir Putin is leading the cyber assault. The government denies it and insists it has nothing to do with the onslaught. The Kremlin said hackers could easily forge Internet Protocol addresses registered to government offices. Belkovsky, founder of the Moscow-based National Strategy Institute, said the Kremlin is upset that it has been unable to control the political content of online media. “The Kremlin can’t just tell their editors to remove an unwanted publication,” he said.

The attacks are similar to assaults _ sometimes a million computers-strong _ unleashed in April and early May against Web sites in Estonia. Officials there say waves of attacks crashed dozens of government, corporate and media Web sites in one of Europe’s most wired societies. The cyber warfare included computer-generated spam and so-called Distributed Denial-of-Service, or DDoS, attacks. It erupted during violent protests by ethnic Russians against the decision to move a Soviet-era Red Army monument out of downtown Tallinn, the Estonian capital. The DDoS attacks involve a flood of computers all trying to connect to a single site at the same time, overwhelming the computer server that handles the traffic. Estonian authorities claimed they traced the attacks to Kremlin IP addresses.

Outside experts say blocking this type of Web assault is difficult or impossible because the host server has no way of distinguishing between legitimate and bogus requests for access. “It doesn’t matter if the Web site itself has a lot of protection,” said Hari Balakrishnan, a computer science professor at the Massachusetts Institute of Technology. “People are not breaking into it. People are just making requests of it.”

Government security services have long been suspected of engaging in hacking. In 1999, an unidentified hacker in Moscow penetrated U.S. Defense Department computers for more than a year, copying classified naval codes and data on missile guidance systems. The Kremlin denied involvement. The Chinese government is suspected of using the Web to break into computers at the Defense Department and other U.S. agencies between 2003 and 2005, in what was dubbed Operation Titan Rain. Since 2001, Chinese “hacktivists” have organized attacks on and defaced U.S. Web sites to oppose what they call the imperialism of the United States and Japan. China has set up an extensive surveillance system to prevent its citizens from accessing online materials considered obscene or politically subversive. Russia does not filter or block Web sites, and the Internet plays a critical role as the only form of mass media over which the government has no control.

The Kremlin, either directly or indirectly, owns the three major national television networks, major radio networks, wire services and print publications. Meanwhile the remaining independent media, face growing pressure to engage in self-censorship. In March, Putin created an agency that will license broadcast, print and online media. The following month, the government banned what it considered extremist statements — such as those by pro-separatist Chechen Web sites or supporters of legalizing marijuana — and broadened the definition of extremism. The legislation covers slander or libel of a government official, but it’s up to a court decide whether it counts as extremism. The new law resulted in a string of fines, warnings and trials for Russia’s online journalists, bloggers and participants in politicized Web forums. Critics fear the Kremlin could use these and other measures to resurrect Soviet-style media monitoring and censorship.

So far, however, the Web has operated largely outside government control and has grown into the opposition’s main tool for recruiting and organizing. Garry Kasparov, the former chess champion turned opposition leader, was only half-joking when he told The Associated Press in May: “YouTube for the Russian opposition is the only way to communicate.” But reliance on the Web also makes the opposition vulnerable to hackers. The outlawed National Bolshevik party says its Web sites were repeatedly hacked between February and April, as the nationalist group used the Internet to marshal “Dissenters’ Marches” in Moscow, St. Petersburg and elsewhere. The attacks were sophisticated as well as massive, said Alexei Sochnev, who is in charge of the National Bolsheviks’ online network. “They killed the entire U.S. server that hosted us,” he said. When the attacks ended, traffic fell by about two-thirds, from 6,000 to just 2,000 visits a day. Group leaders say the crash cut attendance at opposition rallies.

Mainstream media have also come under cyber-assault, especially when they carry information likely to draw the attention of the government. Kommersant’s Web editor, Pavel Chernikov, said the major daily newspaper’s site was attacked in early May. He called it retaliation for publishing a transcript of the interrogation of Boris Berezovsky — a self-exiled oligarch who lives in London — by Russian investigators. While British prosecutors have identified a former KGB agent living in Moscow as the prime suspect in the murder of Russian spy Alexander Litvinenko, Russian authorities have focused on Berezovsky, Putin’s political foe. On the same morning, the Web site of Ekho Moskvy, a liberal Moscow radio station where criticism of Kremlin policies can often be heard, was brought down by a DDoS attack.

Similar tactics have frequently been used by Western hackers — in 2000, the Web sites of CNN, Yahoo! and eBay were paralyzed by online blackmailers. Massive attacks in 2002 and February 2007 attempted to disable the Internet itself. The United States — especially the government sector — was the target of more than a half of DDoS attacks worldwide, according to Symantec. The FBI recently arrested several DDoS hackers as part of “Operation Bot Roast” sting. Nothing of the kind is happening in Russia. Panfilov of the Center for Journalism in Extreme Situations said Russian opposition Web sites will find themselves under increasing pressure as election season heats up. “There will be purges of online publications, shutdowns or takeovers of last independent media outlets and strong pressure on Web users,” he said.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s