Forums

Site map
Search
0The virtual community for English-speaking expats and Russians
  Main page   Make it home   Expat card   Our partners   About the site   FAQ
Please log in:
login:
password:
To register  Forgotten your password?   
  Survival Guide   Calendars
  Phone Directory   Dining Out
  Employment   Going Out
  Real Estate   Children
   Saturday
   November 23
News Links
Business Calendar
Phone Directory
 Latest Articles
 Archived Articles
Analysis & Opinion
08.08.11 The Death Of A Journal
By Svetlana Kononova

LiveJournal, the largest and most popular blogging network in Russia, was knocked offline for several days at the end of July due to DDoS attacks, the platform’s owner SUP reported. This is the third attack on LiveJournal since the beginning of the year – an apparent sign that somebody is trying to limit its popularity and impact on public opinion. Experts and users have conflicting theories on the recent attacks and on where the pressure against the blogging platform is coming from.

When LiveJournal was crippled by hacking attacks last month, theories quickly developed as to who was behind the sabotage. For some experts, such as Ilya Sachkov, the general director of Group-IB, a Moscow-based company that specializes in investigating computer crime, the scale of the attacks was significant and indicated that it was the work of well-off and professional saboteurs. “The average cost of DDoS attacks varies and may reach $1,500 a day. But in some cases, the cost can reach record levels of $5,000 per day,” Sachkov said, adding that costs depend on the quality of DDoS services and the difficulty of launching an attack.

DDoS attacks block access to Web sites and halt their activities by overloading them with requests sent from a network of computers or a “botnet,” controlled by a virus distributed by cyber-criminals. When the target network is overloaded, the site shuts down. “Attacks on such a popular platform as LiveJournal lead to a wide public response and increased attention from law-enforcers. Therefore, it requires highly professional perpetrators who can commit cyber-crimes for a long time without being punished,” Sachkov said.

In terms of the motivation behind the attacks, three main theories have emerged: political interference; internal problems at SUP; and a battle for control of the blogging market. Of these, many users and experts are pointing to political interference as the most likely. LiveJournal plays the role of independent mass media in modern Russia, where television is fully controlled by the authorities. More than 32 million Internet users have accounts on LiveJournal, of which around two million blogs are updated regularly.

LiveJournal users, unlike TV audiences, are well-known for their skepticism toward the authorities. Used predominantly by the educated middle or aspiring middle-class, LiveJournal is often seen as the “cradle” of civil society. Protest movements such as the blue bucket flash-mobs against “migalki” – the blue flashing lights that allow high-ranking officials to flout basic traffic rules; the defenders of the Khimki Forest protesting against construction of a new Moscow to St. Petersburg highway; and pregnant women opposing diminishing maternity benefits have all used the platform to share information and galvanize support.

Previous attacks add weight to the theory that attempts to bring the site down are politically motivated. On April 5, Maria Garnaeva, an expert at antivirus company Kaspersky Lab, published data from the company’s monitoring of LiveJournal. “The first attack on LiveJournal was implemented on March 24. The owners of a botnet initiated an attack on Alexei Navalny’s [a leading anti-corruption activist] blog. On March 26, the bots received instructions to initiate attacks on the Web site of another well-known champion in the fight against corruption – Rospil.info,” she wrote.

Garnaeva also published a list of blogs which were attacked on April 4, all of which have a large Internet audience. Beyond Navalny, this list includes Internet-guru Anton Nossik, writer Tatiana Tolstaya, designer Artemy Lebedev, photographer Ilya Varlamov, journalist Bozhena Rynska and a few dozen other popular bloggers. Most of those on the list are famous for their criticism or mocking of the authorities and not one is either a member of United Russia or a governmental official.

But some experts believe that internal problems at SUP are playing a decisive role. Writer Alexei Exler said he believes in a theory of “crooked hands and unprofessional management.” Meanwhile, Eugene Kaspersky, the head of Kaspersky Lab and a leading Internet security expert, said that “the patient is closer to DeadJournal than LiveJournal. It seems the problems are clinical. And in order to ‘straighten itself out,’ LiveJournal will not only need to upgrade its technical staff, but also to clean out the rot. It’s hard to believe that this will happen and problems with access to LiveJournal will probably happen again from time to time,” he wrote in his blog, relocating his posts from LiveJournal to his own personal Web site.

The third hypothesis over the attacks is that they were an attempt to expose problems within LiveJournal in order to weaken bloggers’ loyalty to the platform and lure them to its competitors in the market. While many popular bloggers created accounts on alternative platforms in the wake of LiveJournal’s problems, other large social networks like Facebook and VKontakte are not as convenient for blogging. Twitter gives users limited space, while Google+ requires users to post under their real names. Most top Russian bloggers still consider LiveJournal to be their “home.”

But combating the attacks, which can be managed from anywhere in the world, remains a challenge, beginning with identifying the perpetrators. Security experts have different ways to investigate DDoS attacks and identify cyber-criminals, explained Sachkov. “One method is ‘pattern.’ Every botnet is a set of computers with certain characteristics such as an IP-address and an operating system. These characteristics are constantly changing, but there is a mathematical model which allows us to calculate these changes and compare them. ‘Patterns’ are like unique fingerprints that include different geographical and technical data,” Sachkov said. “The other method is the ‘Honey Pot.’ This is a form of bait, which is installed on a controlled computer or virtual machine. When a virus infects the computer it is possible to monitor its activity: the instructions it receives, from where and who else it attacks.”

But even if caught, prosecutors may find it hard to bring the perpetrators to justice. Irina Levova, a leading analyst at the Russian Association of Electronic Communication (RAEC), said that if identified, the perpetrators of DDoS attacks on LiveJournal may be punished under Articles 272 and 273 of the Criminal Code, which cover “Illegal access to computer information” and “Creating, using and distributing malicious programs.” She believes current legislation is too lenient toward cyber criminals, allowing them to commit crimes repeatedly and inflict expensive damage. “From the point of view of members of the Committee against Cyber-Crime at the RAEC, the current Criminal Code is too kind to cyber-criminals. Work on amendments is a very difficult task and should be done via the joint efforts of Internet companies, law enforcement representatives and computer security experts,” Levova concluded.
The source
Copyright © The Moscow Expat Site, 1999-2024Editor  Sales  Webmaster +7 (903) 722-38-02