In contrast to the massive hacker attacks that took place during the parliamentary election on December 4th and over the following weeks, no notable incidents were reported yesterday when Russian voters reelected Vladimir Putin as their president – a sign perhaps of the increased legal risks and political cost for the parties involved.
Using computer hackers in political battles had become almost common place over the last few years in Russia – the country where the largest number of DDoS attacks originated in the second half of 2011, according to a recent report from Russian Internet security provider Kaspersky.
Examples include blocking key Internet resources of entire countries, such as Estonia in 2007 and Georgia in 2008, in addition to multiple cases of blocking websites of independent or opposition media and politicians, from Gazeta.ru and Kavkaz Center in 2003 to Gary Kasparov and the The Echo of Moscow radio station in 2007. Even the venerable news agency RIA Novosti was not spared in 2008.
Political hacking reached unprecedented heights during the recent political turmoil. On December 4, the day of parliamentary elections, along with the days preceding and following it were marked by massive DDoS attacks against several websites – notably KartaNarusheniy.ru, a website displaying a map of election fraud across the country, and Golos.org, an NGO dedicated to monitoring the election process, as well as against blogging platform LiveJournal and even the venerable Russian business daily Kommersant – which had already been under attack in 2007.
According to information security experts at Yandex, the DDoS attacks on December 4 involved more than 200,000 computers, which had been turned into ‘slaves’ by the hackers to have them send traffic of more than 10 gigabytes per second.
Ilya Sachkov, the director of cybercrime investigation company IB Group, told RIA Novosti that an attack against the website of The Echo of Moscow, a radio station frequently critical of the Kremlin, was conducted by a large botnet distributed all around the world while the same attack against Golos.org was organized from inside Russia and other former Soviet countries.
Censorship vs. technology
But the attack also demonstrated the power of technology over attempts of control or censorship. After its website became unavailable, Golos published its data about more than 5,000 voting violations through Google.docs. The Echo of Moscow also used Google.doc, as well as Google+ to report its findings in spite of falling victim to the DDos attack. The radio station also posted its blog on the website of opposition-minded newspaper Novaya Gazeta. Slon.ru published its materials on Storify.com.
In January and February, the cyberattacks resumed, targeting a diversity of resources from NovayaGazeta.ru to the blog of Alexey Navalny, a prominent opposition figure. The Feb26.ru website, created to coordinate an opposition rally, was also shut down for a day by hackers. In Ufa, the capital of Bashkortostan, an autonomous republic of the Russian Federation, several opposition websites have been subject to continued DDoS attacks during the days leading up to the presidential election.
The battle was not limited to DDoS attacks on political websites. They also involved social networks, which have played a crucial role in the mobilization of mass rallies of all sides during recent months – and which have been exposed to public pressure from the Russian authorities.
On December 6, an attack targeted a Twitter account of anti-government opposition protesters. Pro-Kremlin activists used bots to post to this account messages with the hashtag #триумфальная (Triumfalnaya, in a reference to the Triumph Square, where demonstrators gathered), reported Trend Micro. With a rate of up to 10 messages per second, these bots succeeded in blocking the actual message feed.
The Anonymous strike back
Cyber attacks, however, also tend to become a common practice from the anti-government side. The Anonymous, the international hacktivist network, joined the battle with threatening warnings sent to Russian polical leaders as well as to “corrupt bureaucrats” attempting to control the Internet and to bloggers they regard as Kremlin propagandists.
“We will not let the bandits force the Russian Internet to kneel,” a member of The Anonymous said in a recent interview with leading Russian online information site Gazeta.ru.
The Russian Anonymous also use Twitter accounts, pages on LiveJournal, and groups on VKontakte with thousands of members and followers.
In February, they claimed responsibility for DDoS attacks from @OP_Russia against three websites of United Russia, the ruling party – Mos-partya.ru, Er-region.ru, and Er-kaluga.ru.
The Russian Anonymous also hacked the email accounts of Vasily Yakemenko, the leader of the pro-Putin youth organization ‘Nashi,’ as well as of his former press secretary Kristina Potupchik. According to the leaked emails, the Federal Youth Agency paid thousands of US dollars for favorable blogging activity and DDoS attacks against newspapers, including Russian business daily Kommersant.
While Kommersant indicated it would press charges against Potupchik over the DDoS attacks, the affair fueled speculation that Yakemenko and ‘Nashi’ could be quickly losing the Kremlin’s favor. Doubts have been cast over the future of this organization even from within the presidential administration, The Moscow News reported last month.
Alleged double standards in cybercrime prosecution
Although Russian authorities are increasingly fighting cybercrime, with the latest example being last week’s successful operation by the Moscow police against a cybercrime ring that specialized in DDoS attacks and breaking into email and social networking accounts, they have so far not shown much concern about attacks targeting independent or opposition-minded web resources.
Numerous examples of this passive attitude by the Russian authorities have been reported by legal experts Damir Gainutdinov and Pavel Chikov of Agora, a Russian human rights NGO. “Expecting protection from the authorities is nonsense,” they conclude, accusing some “government structures” of “complicity” in these cybercrimes.
Nevertheless, the Russian media and organizations that have been under attack in recent months have consistently requested official investigations and filed complaints – and Agora expects earlier complaints to be brought to the European Court of Human Rights as soon as this year.
