Computer networks have been on guard for decades against individuals trying to “hack” them. But networks now face a larger danger from mass attacks, warns IT security analyst Richard Stiennon.
“The new trend is to mobilize forces over the Internet to engage in the equivalent of mass online protests,” writes Stiennon in his latest book, Surviving Cyberwar.
Political groups, organized-crime syndicates, and some governments launch distributed denial of service (DDoS) attacks, which direct hundreds, thousands, or millions of computers to simultaneously strike a single Web site. The browser overloads and shuts down.
In 2007, when Estonia enacted laws that some Russian-Estonians opposed, denial of service attacks from some 80,000 IP addresses based in Russia sabotaged the Web sites of Estonian government agencies, banks, and telecommunications companies.
Stiennon blames many attacks on Nashi, a 120,000-member Russian nationalist youth association. Some Nashi operatives distribute the attack instructions and encourage members to use them against designated targets.
“They share a political mind and have the computer skills to join a call for an attack,” Stiennon writes.
In an exclusive interview with THE FUTURIST, Nashi member Alexi Kanskakof claims that Russian DDoS attacks have caused major economic disruption in Ukraine and may have contributed to Moscow-favored candidate Victor Yanukovych winning Ukraine’s presidential election in 2009. Also, during Russia’s 2008 war against Georgia, Russian hackers co-opted Georgian television stations to run pro-Russian broadcasts.
“From these examples, one can see just how effective Russian cyberattacks can be at blackmailing the citizens of other nations or causing economic chaos,” says Kanskakof.
He points out that DDoS attacks carry few risks for the perpetrators. A Nashi member could attack the Web site of a business in Ukraine, for example, without ever leaving Russia. “Even if the Ukrainian police forces found out it was you who did the cyberattack, there is really nothing they can do about it.”
Of course, Russians are not the only ones who may be using this weapon. It is believed that such attacks were also deployed to thwart WikiLeaks in its attempt to distribute “anonymously submitted” diplomatic cables embarrassing to the U.S. government and its global partners. And DDos attacks were also allegedly launched by WikiLeaks supporters against its “enemies.”
Businesses and government agencies worldwide are at risk, according to Daniel Gonzalez, director of information systems for the Software & Information Industry Association. He says that, while some denial of service attacks are orchestrated by masses of volunteers, others are created by “botnets,” automated software tools that infect computers and make them emit malware without their owners knowing it.
“With botnets, what they’re doing is building a network of all these infected computers that they can use for their own purposes,” says Gonzalez. He adds that many organized-crime groups create botnets and sell them to buyers on every continent.
Social-networking sites provide huge opportunities for botnets. These sites have few spam filters, according to Gonzalez, so hackers increasingly use them to distribute malware.
“Someone I know opened up a Facebook message. It looked like it was coming from one of their Facebook friends. It said, ‘Hey, I found this photo of you.’ It turned out it wasn’t a photo. It was installing a virus,” says Gonzalez.
Normal precautions that many people fail to take could be the simplest protections, such as keeping software up to date, notes Stiennon. He also urges Web sites to have independent platforms and not share servers. That way, if one site suffers a DDoS attack, other sites won’t fail, too.—Rick Docksai
Sources: Richard Stiennon, author of Surviving Cyberwar (Government Institutes, 2010), IT-Harvest, www.it-harvest.com.
Alexi Kanskakof, member of Nashi, private communications.
Daniel Gonzalez, Software and Information Industry Association, www.siia.net.