As already reported, since 21 October 2007, the website Human Rights in
Russia at www.hro.org, the largest Russian-language Internet resource on
human rights in the Russian Federation) has been subjected to a
relentless and concentrated computer attack (a new form of DDoS
attack***) with access to the site blocked.

It would seem that HRO.org has become the first public resource in
Russia to be confronted with an attack of such ferocity and persistence.
The human rights resource has effectively become in the frontline of
the newest stage of “cybernetic warfare”.

It should be noted that this attack does not only involve a consistent
flow of tens of thousands of requests. The perpetrators have also
managed to penetrate the website’s extremely serious security system and
insert virus infecting modules into the file system.

These modules have been created in a very devious and professional
manner – when deleted, they “come to live” in other directories. And
they bring the server down from inside. Combined with the mass attack
from outside, programmers believe that this fairly expensive attack was
clearly professionally planned.

At present no one is protected from a mass-scale DDoS attack. It can
take place with any server in any country, and at present there is no
general remedy. Internet resources are advised to spread themselves out
(the more the better) over different physical servers and on different
domain addresses, making it harder and more expensive for the
perpetrators to organize such an attack.

There are, in my view, two main problems. The first is the fact that
there are a huge number of unprotected computers without firewall****
and resident anti-virus programmes. The perpetrators infect such
computers through remote control with special viruses and use them as
distributed networks for attacks on “commissioned” Internet resources.

The second problem is that police departments ignore computer security
of hacker gangs who almost openly use the Internet to take commercial
orders for criminal “cyber measures”. Some observers have expressed
doubts as to whether such “agencies” may not be using hackers for their
own purposes.

They refer, for example, to publications about how the “enforcement
agencies” hired hackers to destroy the sites of separatists from the
Caucuses during the first and second Chechen Wars.

It is worthy of note that several months ago, one hacker, well-known in
programming circles, was recognized by chekists [i.e. the FSB] for
“patriotic work”, but instead of that gave an interview to the press
(http://www.agentura.ru/press/about/jointprojects/novgaz/nakhackers/).

It is also known that in Russia DDoS attacks have been carried out on
anti-fascist sites and sites of those fighting racial discrimination by
neo-Nazi games. Besides computer attacks, some of them extended to
publication in the Internet of home email addresses of democratic
politicians, human rights defenders and journalists and to calls for
violence against them. The Russian law enforcement authorities have
refused to bring prosecutions over these cases.

There is a wide scope for possible versions, only nobody has yet, it
would seem, been able to expose those who commission such high-tech
crimes as DDoS attacks.

We should point out that it is specifically in this year – spring and
summer 2007 – that DDoS attacks have been attempted against the servers
of the newspaper “Kommersant”, the radio station “Echo Moskvy”, and
later the servers of “Memorial”, Kasparov, the United Civic Front”, the
National Bolshevik Party {Limonov’s party}, and “liberals’” blogs on the
Live Journal. We thus have an entirely specific civic and political
spectrum which can be loosely defined as “opposition”.

The author then ventured the suggestion that such criminal actions with
respect to opponents, especially the opposition, might become a
widespread “tool” for dealing with those who don’t buckle under.
http://andy-hro-org.livejournal.com/?skip=30
http://www.hro.org/ngo/articles/2007/06/06.php

I rather fear that this gloomy prediction is coming true...

 

---

*** DDoS attack – standing for Distributed Denial of Service assault is
a notorious means of closing access to a site by effectively inundating
it with a huge number of requests. The site’s system becomes overloaded,
and therefore doesn’t open when Internet users try to access it.

**** Firewall is a special program for protecting network connections.
It makes it possible to block income or outgoing Internet traffic
according to a large number of parameters. These are also known as
network screens or brandmayers.