BELARUS NEWS AND ANALYSIS

DATE:

04/05/2008

DDoS attacks knocked Radio Free Europe off the Web

By Gregg Keizer

On Chernobyl anniversary, U.S.-funded news organization hit by hackers

May 4, 2008 (Computerworld) Several Radio Free Europe Web sites were knocked off the Internet a week ago in a distributed denial-of-service (DDoS) attack that the news organization's spokesman compared to attempts decades ago by the Soviet Union to jam the U.S.-funded group's radio signals.

The attack, which started on April 26, hit Radio Free Europe's Belarus Web site hardest, and was timed to coincide with protests that day in the country to mark the anniversary of the 1986 Chernobyl nuclear disaster, the organization claimed. Seven other Radio Free Europe (RFE) sites, including those Kosovo and Azerbaijan, as well as the Russian-language site, were also affected.

"We had restored service on all but the Belarus site late Monday morning," Martins Zvaners, an RFE spokesman based in Washington, D.C., said Friday. "The Belarus site was up again on that afternoon."

Radio Free Europe and an associated service, Radio Liberty, are news organizations funded by the U.S. Congress that date back to 1949, when RFE began broadcasting news to radio listeners in Eastern Europe and the U.S.S.R at the beginning of the Cold War. The organization still uses radio to distribute its news, but also relies on the Internet.

The incident, said Zvaners, was the largest attack RFE had ever experienced. "It was massive and it was distributed," he said. At its peak, the DDoS attack was sending more then 50,000 requests to the RFE sites, which overwhelmed its servers' capacity and essentially knocked the sites offline. Other Belarusian sites were also hit, including the Minsk-based non-governmental organization (NGO) Charter 97.

Within an hour of RFE issuing a news release on Monday detailing the attack, "the bogus requests petered out," said Zvaners.

RFE has taken steps to protect against similar attacks in the future, but Zvaners would not get specific. "Our network [administrators] are looking at ways to better protect our sites from future attacks," he said.

April 26 was the 22nd anniversary of the meltdown at a nuclear reactor near Chernobyl, Ukraine. A plume of highly radioactive fallout drifted to the northwest, over what is now Belarus and towards Finland and Sweden. Large areas of Belarus, Russia and Ukraine were contaminated, but the majority of the fallout landed in Belarus.

The timing of the DDoS was not coincidental, said Zvaners: earlier, FRE had announced that it would cover anti-government protests live on its Web sites. Although he said it was impossible to know the identity of the attackers at this point in RFE's investigation, he pointed a finger at the administration of Alexander Lukashenko, the president of Belarus since 1996.

"This started on the day of a demonstration that they wanted no one to cover," said Zvaners. "They've never been real happy with us. In an ongoing sense, they are always 'jamming' our signals. We can't say for certain who did it, but you look at the circumstances and you can start to draw some possible inferences."

"It's like we are back in the 50s and 60s, when [the U.S.S.R] used other ways to block our signal," Zvaners said. "It's a disappointing trend, but perhaps not unexpected."

A security researcher who has investigated what he calls "people's information war," said that the sequence of the attacks could provide a clue as to their source.

"From [a] disinformation perspective on who is behind this, it's execution gone wrong, mostly because when the attacks initially started they seem to have targeted only the Belarus service of RFE's live coverage of the local opposition to building yet another Chernobyl," said Dancho Danchev, a Bulgarian researcher, in an e-mail reply to several questions. "[Only] later on did it started attacking seven other RFE sites.

"What if it was the other way around? Attack all of RFE's sites, and make it look like the primary target in this attack isn't targeted on purposely, but 'in between'," he added.

Politically-motivated attacks like the one against RFE are not new. A year ago, a series of DDoS attacks struck numerous sites in Estonia, the Baltic country that was once part of the U.S.S.R. Sites belonging to Estonia's prime minister and banks were among those brought down by the attacks. Although early suspicions pinned blame on the Russian government, some security researchers later disputed that, saying the attacks were not coordinated enough to have come from one group.

Last month, CNN.com was attacked by a large-scale DDoS attack, possibly by Chinese "hacktivists" angered by the news organization's earlier coverage of protests in Tibet.

Source:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9082258

Latest News

Archive

Month, Year April, 2009March, 2009February, 2009January, 2009December, 2008November, 2008October, 2008September, 2008August, 2008July, 2008June, 2008May, 2008April, 2008March, 2008February, 2008 January, 2008 December, 2007 November, 2007 October, 2007 September, 2007 August, 2007 July, 2007 June, 2007 May, 2007 April, 2007 March, 2007 February, 2007 January, 2007 December, 2006 November, 2006 October, 2006 September, 2006 August, 2006 July, 2006 June, 2006 May, 2006 April, 2006 March, 2006 February, 2006 January, 2006 December, 2005 November, 2005 October, 2005 September, 2005 August, 2005 July, 2005 June 2005 May 2005 April 2005 March 2005 February 2005

Subscribe Daily Newsletter:

Enter your Email


Powered by FeedBlitz

Belarus News and Analysis Donate: