Saturday, August 08, 2009

Did the Russian FSB try to kill Facebook and Twitter?

(photo by Bird Eye).
The western world made three decisive strikes against militant Islam today but found itself surprisingly helpless against a new and dangerous opponent in cyberspace. The day began with Hillary Clinton vowing support for Somalia’s tenuous Transitional Government in its war against Al Shabaab, who were implicated in the failed army barracks attacks in Melbourne earlier in the week and who are now threatening to take control of Mogadishu. Then came the news from the BBC that a missile from an unmanned US drone has probably killed Baitullah Mehsud, a Pakistani Taliban leader and that country's most wanted man. And Al Jazeera announced this evening that Indonesia has arrested Noordin Top, the Jemaah Islamiyah mastermind suspected to be behind the 2002 Bali bombings and the recent Jakarta hotel bombings.

But while the war on what was formerly known as terror remains the uppermost threat for Clinton and her State Department, they also need to seriously consider a new and dangerous cyber-enemy that emerged in the last 24 hours. For a couple of hours yesterday, and again intermittently today, a combined and concerted attack crippled the social network sites Facebook, Twitter and LiveJournal.

While that may seem like a trivial offence to those who don't use social networks, the attacks are anything but trivial. Facebook’s quarter of a billion world population is the envy of most religions, while LiveJournal bloggers make 200,000 updates a day. And it was the Obama Administration that asked Twitter to suspend routine maintenance so the Iranian opposition could mobilise its forces in an attempt to topple the president.

So while no-one died and there were no pictures for the media, the overnight DDOS (Distributed Denial of Service) attack was as important an attack on the public sphere as 9/11 was. In a DDOS attack, hackers compromise unsecured computers with viruses or other malware. These infected hosts are then instructed by the attacker's computer to visit a targeted site, simultaneously and repeatedly. A bomb of connection requests detonates at the receiving end, taking out legitimate traffic in the process.

Often DDOS is spam-related, but Facebook’s chief security officer Max Kelly said this latest one was politically motivated. Kelly said the outage was caused by a deliberate attack on sites used by a pro-Georgian activist. He said it was a simultaneous attack across a number of properties targeting the activist to keep his voice from being heard, coinciding with the first anniversary of the nation’s brief and bloody war with Russia. One cyber-aspect of that war was Russia’s attacks on Georgian websites using DDOS and defacement techniques.

Kelly declined to lay today’s blame on Russia or Russian nationalists, but said: “You have to ask who would benefit the most from doing this and think about what those people are doing and the disregard for the rest of the users and the Internet.” The intended victim of the attack was the Georgian with the account name "Cyxymu" (the name of a town in Georgia). He/she had accounts on all three sites (Facebook, Twitter and LiveJournal) that were attacked. The blogger had attracted attention because LiveJournal users received spam that appeared to come from Cyxymu’s account.

Bill Woodcock, research director of the Packet Clearing House, a non-profit technical organization that tracks Internet traffic, told the New York Times yesterday the attack was an extension of the Russia-Georgia conflict. He said he found evidence that the attacks had originated from Abkhazia, the disputed border territory that caused the war. Woodcock wouldn’t commit to who was at fault. “One side put up propaganda, [and] the other side figured this out and is attacking them,” he said.

Given Russia’s access to superior technology, the most likely culprit would have to be the FSB (formerly the KGB), who have form carrying out this tactic on internal political enemies. However, if it was Russia’s fault, libertarian Midas Oracle thinks the attack may have backfired despite the temporary annoyance. All the Russians achieved, said Midas, was to hand Cyxymu a megaphone. The Internet remains a double-edged sword.
