Information Warfare: Touched By The Bear

Archives

February 3, 2010:  In the last few months, major Russian newspapers, that have been critical of the government, have been attacked by hackers. Currently, Novaya Gazeta, highly respected for its investigative reporting, has had its web site shut down by hackers for a week (via a powerful DDOS attack). Novaya Gazeta publishes three issues a week, and its reporting is picked up globally via its web site. Novaya Gazeta's reporting has certainly upset some people, as four of their reporters have been murdered in the past nine years. Last November, hackers broke into the web site of mass audience (circulation of a million) daily Moskovsky Komsomolets, and destroyed most of the text and picture files in the papers' digital archive. Counting these attacks, and a recent series of attacks on neighbors of Russia, this sort of thing has happened four times in the last three years.

First it was Russian computer hackers (and cyber crime gangs) shutting down Internet service in a neighboring country that had offended the Russian government. That happened back in 2007 to Estonia. Two years ago, it was Georgia (whose leader had regularly insulted Russian leader Vladimir Putin, often in a very personal way.) Last year it's Kyrgyzstan, which was resisting Russian attempts to control world access to Kyrgyzstan's oil and natural gas fields.

Estonia concluded that the weeks of Cyber War attacks it endured three years ago were not an act of war. Or, rather, the attacks were not carried out by the Russian government, but at the behest of the government by Russian hackers angry at Estonia. Some Internet security researchers believe that the attacks were the result of efforts by a small number of hackers, who had access to thousands of captive (or "zombie") PCs. Some of the zombies were located in Russian government offices. But that's not unusual, as government PCs worldwide tend to be less well protected than those in large corporations. It is believed that other governments are behind similar attacks that temporarily shut down politically embarrassing web sites. This is becoming very common, and often the attacks are ones where only a particular government would benefit.

Russia used the same technique two years ago against Georgia, although this time the DDOS attacks were preceded by a well planned Information War campaign against Georgia (and in favor of Russia.) The Georgia Internet operations were accompanied by Russian troops invading as well. This was more of a raid, than an actual march of conquest. Both the Russian CyberWarriors, and combat troops, did a lot of damage in Georgia, and then withdrew. The operations against Kyrgyzstan were meant to intimidate, and persuade the Kyrgyz to do an oil deal that is favorable to Russia. So far, this CyberBullying tactic seems to be working.

Russia denies that the government is behind these attacks in any way. But Russia is a notorious sanctuary for Internet based criminal operations, and the Russian secret police have (for czar, commissar and the current elected officials) been using gangsters to do dirty work for centuries. Often, the people responsible are the "usual suspects."