Monday, April 28, 2008

RFE/RL hit by cyber attack

Several websites run by Radio Free Europe/Radio Liberty (RFE/RL) have been hit by an unprecedented cyberattack, making them inaccessible to the outside world. The attack, which started on 26 April, intially targeted the website of RFE/RL’s Belarus Service, but quickly spread to other sites. Within hours, eight RFE/RL websites (Belarus, Kosovo, Azerbaijan, Tatar-Bashkir, Radio Farda, South Slavic, Russian, and Tajik) were knocked out or otherwise affected.
The “denial-of-service” (DOS) attack was intended to make the targeted website unavailable to its users, according to RFE/RL’s Director of Technology Luke Springer. “The way this is normally done is by flooding the target website with fake requests to communicate, thereby using up all [the website’s] free resources and rendering the site useless to all the legitimate users,” Springer said.
RFE/RL has been hit before by denial-of-service attacks, but this attack was unprecedented in its scale, as RFE/RL websites received up to 50,000 fake hits every second.
Springer says this more sophisticated assault is known as a “distributed denial-of-service” attack, in which “the attacker has made use of other machines, distributed its intentions out to other machines, and then all of these machines attack at the same time.”
DOS attacks are difficult to protect against, and the software required to carry them out is available on the Internet.
RFE/RL Belarus Service Director Alexander Lukashuk said he began getting e-mails from frustrated web visitors about two hours after the attack began on 26 April. He noted that the problems began on an important date in Belarus - the 22nd anniversary of the Chernobyl nuclear catastrophe.
Lukashuk said that a large Internet audience was relying on RFE/RL’s Belarus Service to report live on a rally of thousands of people, organized by the Belarusian opposition. The demonstrators were protesting the plight of uncompensated Chernobyl victims and a government decision to build a new nuclear power station.
Other Belarusian websites were also hit, including the Minsk-based nongovernmental organization Charter 97. Since the attacks, many other independent websites in Belarus have carried content from RFE/RL’s Belarus Service.
RFE/RL President Jeffrey Gedmin said he is deeply concerned by the attacks. “If free and independent media existed in these countries where we’re working and broadcasting, we would have no reason to exist,” Gedmin said. “The Belarusians, the Iranians - they all have basically the same objective. They see free information - flowing information of ideas and so forth - as the oxygen of civil society. They’ll do anything they can to cut it off. If it means jamming, if it means cyberattacks, that’s what they’ll do.”
RFE/RL has taken countermeasures and restored full service to most of its Internet sites.
(Source: RFE/RL/R Netherlands Media Network Weblog)