President Dmitri Medvedev condemns attacks as 'illegal,' and calls for investigation. Computer security experts indicate that opposition blogs hosted on LiveJournal.ru were the likely targets.
President Dmitry Medvedev condemned the attacks
Russian President Dmitri Medvedev has condemned the recent string of cyberattacks against the popular Russian blogging site LiveJournal.ru as "outrageous and illegal" in a post to his own LiveJournal account.
"What happened must be investigated by the administration of LiveJournal administration and law enforcement agencies," he wrote Thursday.
The site has been hit by many "distributed denial of service" attacks, better known as DDOS attacks, which knocks a website offline by overwhelming it with artificial traffic.
No group has claimed responsibility for the attacks, and further, it is often nearly impossible to determine who originated the attacks. In 2007, when Estonian government, media and financial websites were hit by similar cyberattacks believed to have been orchestrated from Russia, only one person was ever charged with a crime, and he was fined and served no jail time.
LiveJournal.ru, which is one of Russia's most popular websites and blog hosts, and is frequently a venue for open political discussion, said through the Russian-language blog of its host, SUP.ru, that it had sustained a "powerful and prolonged DDOS attack" on April 4 at 2 pm Moscow time.
"The attack [targeted] a few of the top ten blogger and communities," SUP wrote. "It can be argued that [the attack] was aimed directly at the service itself as a whole."
Many experts believe that Alexei Navalny's blog was the initial target
Computer security experts have speculated that the initial target was likely Alexei Navalny, who has a very popular anti-corruption blog on the LiveJournal site. Nalvany has come under recent increased international attention lately, as he was featured in the New York Times, an American newspaper, and the The New Yorker magazine within the last several weeks.
Popular blogs targeted
Kaspersky Labs, one of the world's leading computer and network security firms, which is based in Moscow, confirmed that this DDOS was organized by the Optima botnet, adding that the firm had been "monitoring one of these Optima botnets for some time now."
"Analysis of the data acquired showed that the first DDOS attack on LiveJournal occurred on 24 March," wrote Maria Garnaeva, a Kaspersky analyst, on the English-language blog SecureList on Wednesday.
In the same post, Garnaeva listed 36 websites that became targets during the April 4 attack.
"It should be obvious to specialists in the Russian-speaking blogosphere that the list affects some of the most popular bloggers on LiveJournal who write about a wide variety of things," she wrote. "It is not known if this was an attempt to 'blur' the real target of the attacks, which may have been clearly designated during the first DDOS attacks, or if the list of blogs that had fallen out of favor had become bigger."
On April 4, a British computer security firm, Netcraft, also confirmed the attack on its blog.
"LiveJournal has been knocked offline by another DDOS (distributed denial of service) attack, less than a week after a separate sustained attack caused the site to go down for several hours," wrote Paul Mutton on the company's blog. "In response to last week's attack, LiveJournal upgraded their servers to make the site run faster; however, this does not appear to have prevented the current attack from succeeding."
According to the Reuters news agency, Alexander Gostev, also of Kaspersky Labs, said on Ekho Moskvy radio on Thursday that the opposition newspaper Novaya Gazeta had also become a target of DDOS attacks.
LiveJournal is one of the most popular blog hosts in Russia
LiveJournal Russia may pursue legal action
A representative from LiveJournal Russia, Svetlana Ivannikova, also was quoted on the SecureList blog as having said that LiveJournal Russia had not yet approached Russian law enforcement officials, "but we don't exclude a lawsuit option."
In the same post, Garnaeva encouraged LiveJournal Russia to make use of existing Russian statutes to pursue the perpetrators.
"From our point of view, there is direct evidence of a crime according to Article 273 of the Criminal Code of the Russian Federation 'Creation, Use, and Dissemination of Harmful Computer Viruses,' she wrote. "After all, Russia's law enforcement agencies and courts already have experience of enforcing this law."
Author: Cyrus Farivar
Editor: Anke Rasper