Welcome to the era of cyber-warfare!
Hi, my fellow pissed off LJers! Most of you must've already heard about the probable reasons for the LJ crash of last Wednesday and the second, much bigger one from today. And it wasn't only LJ. Twitter was down too, and FB had some severe problems. As far as LJ is concerned, seems it became hostage of the internal political fights within Russia. Here's the evidence.
Below follows my rough translation of a few articles from the Russian media, which shed some light on the reasons for this situation.
http://www.vesti.ru/doc.html?id=442046&cid=7
Svetlana Ivannikova (the director of LJ Russia) stated that "this is the first time that an attack of such magnitude has happened in the history of LJ". The first time LJ withstood the attack and returned to normal service without any losses. The hackers chose the "locust" tactic, attacking through millions of fictitious accounts. The whole thing lasted for 7 hours. The LJ staff say that this was only a minor initial skirmish, which was testing the ground in preparation for the more massive "bombardment" which followed on April 4th. After the first attack the blog hosting was resumed.
http://www.finmarket.ru/z/nws/hn.asp?id=2027520
While the resource team of LJ are working to restore the service, the blogger community is coming up with the most improbable speculations about the crash.
As reported in a release from the LJ owner company Sup, which supervises the service of LJ, "the previous attack did not lead to any hardware failures, neither to damages on the wholeness of the service, nor did it lead to the loss of already published content". Back then the LJ administration managed to systematize the attack, identify the malicious traffic and restore the work of the service.
According to Ivannikova, the attack was carried out from Asia: various servers used by hackers, located in China, Yemen, South Korea, India, Pakistan, Japan and some former Soviet countries.
The director didn't rule out the possibility of similar situations recurring in the future; but the gained experience could help cope with the upcoming attacks better.
Even some Russian MPs are trying to get to the bottom of this story. For example, the leadership of the Communist Party sees in the hacker attack on LJ an attempt to prevent some key bloggers from issuing critical comments on topical themes of the day. "These events are not only making the users of the resource very nervous, they're creating tension within the political and information area. In recent years the Internet became primarily a communication tool, and such sites like LJ, VKontakte, Youtube and some others gained significant weight and became a major outlet for many who want to speak on the journalistic and artistic scene on various topics of the day", the first deputy chairman of the Central Committee of the Communist Party, Ivan Melnikov told Interfax. He said that the CP would do their best to protect the interests of the internet users: "We may bring this issue into the spotlight on our next meeting with the President".
http://www.unian.net/rus/news/news-429343.html
Russian IT expert Anton Nosik suggests that the biggest hacker attack in the entire 12-year history of LJ is related to the PR campaign against musician Yuri Shevchuk and writer Vladimir Sorokin, and to the previous cyber-attacks on the publishing house "Kommersant", some blogs of opposition figures and journalists such as Alexey Navalny [a renowned anti-corruption crusader] and other network resources, including Estonian and Georgian servers.
"In my opinion, the attacks on LJ, Twitter, the stand-alone blogs and other independent resources will continue to happen more and more often", Nosik predicts.
The Russian segment of LJ includes 20 million users. [And may I add that LJ is seen as the main outlet for free thought and free speech on the Russian political scene, hosting the bulk of the Russian dissidents, top journalists, and even lots of politicians and celebrities who maintain their own active LJ accounts. All in all, LJ (or ЖЖ as it's called in Russia) is being taken very, VERY seriously in that part of the world. In that it differs very much from the way LJ is being perceived and used throughout most of its Western auditory, which mainly uses it for non-political purposes (art, cinema, and other interest groups, fanart and fanfic, personal stuff)].
http://themoscownews.com/russia/20110401/188545685.html
Varshavchik believes that the ultimate goal of the latest disturbances may be to rob LiveJournal of its influence ahead of the 2012 elections in Russia. "This will mean the loss of a very important, independent platform," he wrote.
Russian LiveJournal, in the meantime, is currently back to being its lively self. The list of current top posts features everything from a post by a blogger denouncing the Kremlin for being too liberal, a comic strip about beavers and Alexei Navalny’s latest post - praising Dmitry Medvedev.
Further down the news...
http://www.dp.ru/a/2011/04/01/Kak_dolgo_budet_padat_ZH
RuNet users have started speculating about the actual reasons for the attack: is the blog of Alexey Navalny the main target, or perhaps the opposition newspaper "Novaya Gazeta", or Boris Nemtsov and his regular anti-Putin reports? One LJ user who is a start-up manager and journalist, Anton Nosik, says that behind these actions of "black PR" lurks the infamous Kremlin-supported organization "Nashi" (Ours), which had ordered the hacker attacks against the Estonian government servers [during the Russian-Estonian cyber war], as well as against the websites of "Kommersant" and "Gazeta.Ru". He doesn't rule out that new attacks may occur in the future.
"The longer the attack lasts, the less effective it is. The main impact force is associated with the beginning of the attack, which usually takes the server admins by surprise. And when responsive measures have been taken, the amount of damage starts to diminish, and the server returns to normal. Personally, I've got everything working just fine", Nosik told Neva24.
Two days after the most powerful DDoS attack for the whole LJ history, the service is still crippled. Most pages won't open. Users report receiving "503 error" which means the server isn't accepting new requests. "This could be happening both for internal reasons (as the LJ admins are trying to restore order), as well as for external ones (a hacker attack on the servers), Kiril, a Neva24 programmer explained.
It's difficult to protect oneself from a DDoS attack, while it's very easy to order one. On the hacker services market, as one of the programmers admitted, "you need to pay $800 an hour to bring down any website. If the site remains hanging for like 7 hours (as is the case with LJ), the hackers could even make a discount". The purpose of the hacker attacks may be to stop the activities of the resource, or extortion of money in return of a promise to not repeat the attack. Possibly, it's beneficial to somebody if a number of LJ bloggers start leaving for other resources.
Protection against cyber criminals is rather complicated. "You fill the old holes, then new weaknesses occur. All in all, the protection system of the servers frequently lags behind the advancement of viruses, and there can always be new gaps to be found, so falling victim to a hacker attack is always possible, despite the constant improvement of the protective mechanisms", Sergey, a system admin says.
And some curious news which I might consider making use of:
http://www.yuga.ru/news/223108/
The Mail.Ru Group company and the owners of LJ, Sup, reached an agreement for incorporating the two services. Those MailRu users who also have a LJ account will be able to use their login and password through their Mail.ru mail service to write comments on LJ, add friends, read friends' blogs, send private messages, download userpics and make shopping orders on the LJ Shop.
The LJ users who are logged in through Mail.ru will be able to convert their account to a standard LJ account. In that case, the system would automatically authorize the LJ user who's entering through their Mail.ru login. The reversed procedure, using the LJ account for authorized entry to Mail.ru, will be impossible, though.
And then, here some comments from users:
http://www.gazeta.ru/business/2011/03/30/3570573.shtml?lj2
The Putinoids have started moving, and you can see the result.
Yes, this is again a Navalny PR stunt. He's been kindof forgotten lately, and now he's gaining some points just before the elections for the state Duma.
Etc.
And lastly, a relevant poll: How important is the blogosphere?
http://www.themoscownews.com/vote/20110401/188546276-results.html
Btw, cyber warfare is now being named as the next big threat to national security:
http://www.cfr.org/technology-and-foreign-policy/confronting-cyber-threat/p15577
Below follows my rough translation of a few articles from the Russian media, which shed some light on the reasons for this situation.
http://www.vesti.ru/doc.html?id=442046&cid=7
Svetlana Ivannikova (the director of LJ Russia) stated that "this is the first time that an attack of such magnitude has happened in the history of LJ". The first time LJ withstood the attack and returned to normal service without any losses. The hackers chose the "locust" tactic, attacking through millions of fictitious accounts. The whole thing lasted for 7 hours. The LJ staff say that this was only a minor initial skirmish, which was testing the ground in preparation for the more massive "bombardment" which followed on April 4th. After the first attack the blog hosting was resumed.
http://www.finmarket.ru/z/nws/hn.asp?id=2027520
While the resource team of LJ are working to restore the service, the blogger community is coming up with the most improbable speculations about the crash.
As reported in a release from the LJ owner company Sup, which supervises the service of LJ, "the previous attack did not lead to any hardware failures, neither to damages on the wholeness of the service, nor did it lead to the loss of already published content". Back then the LJ administration managed to systematize the attack, identify the malicious traffic and restore the work of the service.
According to Ivannikova, the attack was carried out from Asia: various servers used by hackers, located in China, Yemen, South Korea, India, Pakistan, Japan and some former Soviet countries.
The director didn't rule out the possibility of similar situations recurring in the future; but the gained experience could help cope with the upcoming attacks better.
Even some Russian MPs are trying to get to the bottom of this story. For example, the leadership of the Communist Party sees in the hacker attack on LJ an attempt to prevent some key bloggers from issuing critical comments on topical themes of the day. "These events are not only making the users of the resource very nervous, they're creating tension within the political and information area. In recent years the Internet became primarily a communication tool, and such sites like LJ, VKontakte, Youtube and some others gained significant weight and became a major outlet for many who want to speak on the journalistic and artistic scene on various topics of the day", the first deputy chairman of the Central Committee of the Communist Party, Ivan Melnikov told Interfax. He said that the CP would do their best to protect the interests of the internet users: "We may bring this issue into the spotlight on our next meeting with the President".
http://www.unian.net/rus/news/news-429343.html
Russian IT expert Anton Nosik suggests that the biggest hacker attack in the entire 12-year history of LJ is related to the PR campaign against musician Yuri Shevchuk and writer Vladimir Sorokin, and to the previous cyber-attacks on the publishing house "Kommersant", some blogs of opposition figures and journalists such as Alexey Navalny [a renowned anti-corruption crusader] and other network resources, including Estonian and Georgian servers.
"In my opinion, the attacks on LJ, Twitter, the stand-alone blogs and other independent resources will continue to happen more and more often", Nosik predicts.
The Russian segment of LJ includes 20 million users. [And may I add that LJ is seen as the main outlet for free thought and free speech on the Russian political scene, hosting the bulk of the Russian dissidents, top journalists, and even lots of politicians and celebrities who maintain their own active LJ accounts. All in all, LJ (or ЖЖ as it's called in Russia) is being taken very, VERY seriously in that part of the world. In that it differs very much from the way LJ is being perceived and used throughout most of its Western auditory, which mainly uses it for non-political purposes (art, cinema, and other interest groups, fanart and fanfic, personal stuff)].
http://themoscownews.com/russia/20110401/188545685.html
Varshavchik believes that the ultimate goal of the latest disturbances may be to rob LiveJournal of its influence ahead of the 2012 elections in Russia. "This will mean the loss of a very important, independent platform," he wrote.
Russian LiveJournal, in the meantime, is currently back to being its lively self. The list of current top posts features everything from a post by a blogger denouncing the Kremlin for being too liberal, a comic strip about beavers and Alexei Navalny’s latest post - praising Dmitry Medvedev.
Further down the news...
http://www.dp.ru/a/2011/04/01/Kak_dolgo_budet_padat_ZH
RuNet users have started speculating about the actual reasons for the attack: is the blog of Alexey Navalny the main target, or perhaps the opposition newspaper "Novaya Gazeta", or Boris Nemtsov and his regular anti-Putin reports? One LJ user who is a start-up manager and journalist, Anton Nosik, says that behind these actions of "black PR" lurks the infamous Kremlin-supported organization "Nashi" (Ours), which had ordered the hacker attacks against the Estonian government servers [during the Russian-Estonian cyber war], as well as against the websites of "Kommersant" and "Gazeta.Ru". He doesn't rule out that new attacks may occur in the future.
"The longer the attack lasts, the less effective it is. The main impact force is associated with the beginning of the attack, which usually takes the server admins by surprise. And when responsive measures have been taken, the amount of damage starts to diminish, and the server returns to normal. Personally, I've got everything working just fine", Nosik told Neva24.
Two days after the most powerful DDoS attack for the whole LJ history, the service is still crippled. Most pages won't open. Users report receiving "503 error" which means the server isn't accepting new requests. "This could be happening both for internal reasons (as the LJ admins are trying to restore order), as well as for external ones (a hacker attack on the servers), Kiril, a Neva24 programmer explained.
It's difficult to protect oneself from a DDoS attack, while it's very easy to order one. On the hacker services market, as one of the programmers admitted, "you need to pay $800 an hour to bring down any website. If the site remains hanging for like 7 hours (as is the case with LJ), the hackers could even make a discount". The purpose of the hacker attacks may be to stop the activities of the resource, or extortion of money in return of a promise to not repeat the attack. Possibly, it's beneficial to somebody if a number of LJ bloggers start leaving for other resources.
Protection against cyber criminals is rather complicated. "You fill the old holes, then new weaknesses occur. All in all, the protection system of the servers frequently lags behind the advancement of viruses, and there can always be new gaps to be found, so falling victim to a hacker attack is always possible, despite the constant improvement of the protective mechanisms", Sergey, a system admin says.
And some curious news which I might consider making use of:
http://www.yuga.ru/news/223108/
The Mail.Ru Group company and the owners of LJ, Sup, reached an agreement for incorporating the two services. Those MailRu users who also have a LJ account will be able to use their login and password through their Mail.ru mail service to write comments on LJ, add friends, read friends' blogs, send private messages, download userpics and make shopping orders on the LJ Shop.
The LJ users who are logged in through Mail.ru will be able to convert their account to a standard LJ account. In that case, the system would automatically authorize the LJ user who's entering through their Mail.ru login. The reversed procedure, using the LJ account for authorized entry to Mail.ru, will be impossible, though.
And then, here some comments from users:
http://www.gazeta.ru/business/2011/03/30/3570573.shtml?lj2
The Putinoids have started moving, and you can see the result.
Yes, this is again a Navalny PR stunt. He's been kindof forgotten lately, and now he's gaining some points just before the elections for the state Duma.
Etc.
And lastly, a relevant poll: How important is the blogosphere?
http://www.themoscownews.com/vote/20110401/188546276-results.html
Btw, cyber warfare is now being named as the next big threat to national security:
http://www.cfr.org/technology-and-foreign-policy/confronting-cyber-threat/p15577