11 maggio 2008

Hacking o jamming, è sempre guerra fredda per RFE

Durante la guerra fredda le trasmissioni di Radio Free Europe venivano disturbate dai jammer sovietici. Nella moderna "cyber" guerra fredda, sono i siti Web di RFE a essere entrati nel mirino degli hacker. Il 28 aprile un comunicato stampa di RFE racconta di un attacco DOS che ha compromesso l'accessibilità di quasi tutte le home page di otto dei siti che fanno riferimento a RFE/RL. E' curioso che il giornale scozzese Sunday Herald legga tra le righe di una notizia comunque importante, una relazione tra l'attacco via Internet e una presunta messa fuori uso delle trasmissioni di RFE. In ogni caso, l'episodio mi sembra molto indicativo. Molti anni sono passati dallo scontro tra civiltà che si combatteva sulle onde corte, molti muri sono crollati nel frattempo. Ma occidente e oriente non hanno superato tutte le divisioni anche se oggi sono soprattutto i siti Web a ricordarcelo.
RFE/RL Websites Hit By Mass Cyberattack

Several websites run by RFE/RL's broadcast services have been hit by an unprecedented cyberattack, making them inaccessible to the outside world.
The attack, which started on April 26, intially targeted the website of RFE/RL's Belarus Service, but quickly spread to other sites. Within hours, eight RFE/RL websites (Belarus, Kosovo, Azerbaijan, Tatar-Bashkir, Radio Farda, South Slavic, Russian, and Tajik) were knocked out or otherwise affected.
The "denial-of-service" (DOS) attack was intended to make the targeted website unavailable to its users, according to RFE/RL's Director of Technology Luke Springer. "The way this is normally done is by flooding the target website with fake requests to communicate, thereby using up all [the website's] free sources and rendering the site useless to all the legitimate users," Springer said.
RFE/RL has taken countermeasures and restored full service to most of its Internet sites. The primary target, the Belarus Service, is still affected.
RFE/RL has been hit before by denial-of-service attacks, but this attack was unprecedented in its scale, as RFE/RL websites received up to 50,000 fake hits every second.
Springer says this more sophisticated assault is known as a "distributed denial-of-service" attack, in which "the attacker has made use of other machines, distributed its intentions out to other machines, and then all of these machines attack at the same time."
DOS attacks are difficult to protect against, and the software required to carry them out is available on the Internet.

Other Sites Attacked

RFE/RL Belarus Service Director Alyaksandr Lukashuk said he began getting e-mails from frustrated web visitors about two hours after the attack began on April 26. He noted that the problems began on an important date in Belarus -- the 22nd anniversary of the Chornobyl nuclear catastrophe.
Lukashuk said that a large Internet audience was relying on RFE/RL's Belarus Service to report live on a rally of thousands of people, organized by the Belarusian opposition. The demonstrators were protesting the plight of uncompensated Chornobyl victims and a government decision to build a new nuclear power station.
Other Belarusian websites were also hit, including the Minsk-based nongovernmental organization Charter 97. Since the attacks, many other independent websites in Belarus have carried content from RFE/RL's Belarus Service.
RFE/RL President Jeffrey Gedmin said he is deeply concerned by the attacks. "If free and independent media existed in these countries where we're working and broadcasting, we would have no reason to exist," Gedmin said. "The Belarusians, the Iranians -- they all have basically the same objective. They see free information -- flowing information of ideas and so forth -- as the oxygen of civil society. They'll do anything they can to cut it off. If it means jamming, if it means cyberattacks, that's what they'll do."
Cyberattacks have become more common in recent years, sometimes targeting government institutions or large corporations.
In May 2007, Estonian websites were hit by a wave of cyberattacks. Estonia accused Russia of launching the attacks after Tallinn relocated a monument honoring Soviet troops, sparking anger in Russia and among Estonia's ethnic-Russian population. Moscow denied any involvement.

***

Russia’s state hackers target Radio Free Europe in Prague
‘Tsunami’ of attacks interrupts station’s broadcasts

RUSSIA'S STATE-LICENSED hacker forces have opened a new front in the east-west cyber war with an unprecedented mass cyber-attack on Radio Free Europe/Radio Liberty, the American-financed radio station broadcasting from Prague to Eastern Europe and the Middle East.
The attack began last weekend with a "tsunami" of bogus connection requests, which blocked some of the radio station's internet websites and caused many others to crash. In turn, this frontal cyber-attack also affected the radio's broadcast services to some 20 countries in the region. When RFE took electronic counter-measures the cyber-attacks intensified.
Significantly, Prague sources point out, RFE/RL's broadcasts to Belorussia, Russia, Iran, Bosnia and Kosovo were the target services quickly rendered inaccessible. A further tranche of disabled services include Azerbaijan and Tadjikistan, which have friendly links with the West but, in the eyes of Prime Minister Vladimir Putin's policy-makers, belong to Russia's sphere of influence.
Cyber-assaults and hacker raids are virtual arms, but, in effect, they are real offensive weapons. Cyber-attacks can harm or even paralyse a country and are therefore the equivalents of physical military attacks. Nato's defensive treaty, drawn up in 1949, does not deal with this new-fangled weapon as there was no internet and very few computers at the time.
During the cold war there had been many Soviet attempts to jam the signals of RFE/RL, funded by Washington "to promote democratic values and institutions by disseminating factual information and ideas" in the communist empire. The present cyber attack on it is merely a continuation of this old cold war by more up-to-date means. How this virtual reality cyber-weapon was being used by the Russian hackers in last week's attack on the radio station is of considerable interest. At the height of the attack RFE/RL's websites received up to 50,000 fake requests for information, "hits" in cyber-language, every second. Cyberspace experts call this "denial-of-service attack" or DOS. According to Luke Springer, RFE/RL's head of technology, the attack initially targeted the radio station's Belorussian service, perhaps because of the radio's marking of the anniversary of the 1987 Chernobyl nuclear disaster in Belorussia. However, the attack quickly spread to other news sites.
"Within hours eight websites - Russian, Belorussian, Iranian, Kosovar, Serbo-Croat, Tartar-Bashkir and Tadjik - were knocked out or made unavailable," he said. "The way this is usually done is by flooding the target website with fake requests to communicate, thereby using up the website's resources and rendering it useless to all legitimate users."
Simple really. Only in this case the hackers targeted, with the use of a massive network of interconnected computers, a great number of RFE/RL computers and then, in a co-ordinated move, simultaneously attacked all the websites. The broadcaster's operating computers crashed. The Russian cyber-warriors' actions reveal the extraordinary vulnerability of institutions and even states to hacker penetration by a hostile power. Last week's massed hacker attack appears to define the stratagem of the cyber cold war. Its reach is surprising.
Well outside the rationale of the latest Russo-American cyber-swordfight, Russian hackers recently launched an attack on the website of Cheltenham town hall in the genteel Gloucestershire spa town. This inexplicable attack seemed to indicate that Russia's secret hackers are intent on a worldwide demonstration of their cyber-prowess.
Last year, the Kremlin's cyber warriors debilitated Estonia's entire banking and state computer system following Moscow's angry protests over the former Soviet republic's decision to remove the Soviet war memorial from the centre of Tallinn.
According to Reporters Sans Frontiéres, an independent organisation fighting for media freedom, the hackers who had attacked Estonia used the very same "distributed denial-of-service" type of hacker penetration as the one that debilitated RFE/RL last week.
The Russian hacker attack on Estonia rang alarm bellsin the capitals of former Soviet satellite states. Earlier this spring alien hackers briefly "occupied" the website of the High Court of Cassation in Bucharest.
Other Romanian public service websites, including that of the Romanian Railways, have also come under hacker attack.
Meanwhile, China's hackers are more than able to match Russia's capability to penetrate foreign computer networks, manipulate digital information and disrupt communications. Chinese cyber-spies have hacked into the computers of a number of leading British companies, including Rolls-Royce, and into the government computer networks of the US, France, Germany, South Korea and Taiwan.
Virtual reality raids appear to be the weapon of choice in the East-West cyber cold war.


Nessun commento: