Thu Mar 12, 2009 10:44am EDT
By Christian Lowe
MOSCOW (Reuters) - An activist with a pro-Kremlin youth group said Thursday he and his friends were behind an electronic attack on Estonia two years ago that paralyzed the NATO state's Internet network.
Ex-Soviet Estonia blamed the Russian government for the attack at the time, though Moscow denied involvement. The incident prompted the NATO military alliance to review its readiness to defend against "cyber-warfare."
Konstantin Goloskokov, an activist with Russia's Nashi youth group and aide to a pro-Kremlin member of parliament, said he had organized a network of sympathizers who bombarded Estonian Internet sites with electronic requests, causing them to crash.
He said the action was a protest against the dismantling in 2007 of a Soviet-era monument to the Red Army from a square in the center of Estonia's capital Tallinn. The removal prompted two nights of rioting by mainly Russian-speaking protesters.
"I was not involved in any cyber-attack. What I did and what my friends did was no kind of attack, it was an act of civil disobedience, absolutely legal," 22-year-old Goloskokov told Reuters in a telephone interview.
"Its aim was to express our protest against the policy of soft apartheid which has been conducted by the leadership of Estonia for many years and the climax of which was the dismantling of the ... soldiers' (monument) in Tallinn."
"We made multiple requests to these sites," he said. "The fact that they could not withstand this is, strictly speaking, the fault of those people who from a technical point of view did not equip them properly."
He said his action -- known as a distributed denial-of-service attack -- was his own initiative and he received no help either from Nashi or from Russian officials.
The creation of the youth group was masterminded by Kremlin officials and its activists have had audiences with former President Vladimir Putin, who is now prime minister. Nashi's former leader is now the head of a government agency.
Nashi stages regular protests outside the embassies of Western states with which the Kremlin has disagreements, and its activists picket meetings of opposition parties.
Kristina Potupchik, a spokeswoman for the organization, said it had nothing to do with jamming Estonian Internet sites. "If anything did happen, it was the personal initiative of Konstantin Goloskokov," she said.
Russian officials allege that Estonia routinely discriminates against its Russian-speaking minority and accuse European institutions of turning a blind eye.
The decision to move the Red Army monument in Tallinn was seen in Moscow as a deliberate snub to the sacrifices the Soviet Union made to liberate eastern Europe from German occupation during World War Two.
But Estonians, like many eastern Europeans, say Nazi rule was replaced by decades of brutal Soviet repression which only ended with the fall of the Berlin Wall.
Estonia's government denies discriminating against Russian-speakers. It said the presence of the Red Army monument in the center of the capital was causing public order problems, and moved it instead to a military cemetery.
(Editing by Andrew Roche)
Nashi Activist Says He Led Estonia Cyberattacks
13 March 2009
The Moscow Times
A member of the pro-Kremlin youth group Nashi said Thursday that he was behind the cyberattacks that paralyzed Estonian government web sites in retaliation for Estonia's decision to move a Soviet war monument in 2007.
The activist, Konstantin Golo-sko-kov, told The Moscow Times that he led a group of several dozen "IT specialists" in attacking the web sites in late April 2007.
"This was an answer to the policy of soft apartheid that the Estonian government has conducted for years," Goloskokov said, referring to claims that Estonia discriminates against its Russian-speaking population.
Goloskokov said his group had acted on its own, not with Nashi. He also said the attack was not illegal because it did not involve hacking.
Several government web sites went down for hours as a result of so-called DDoS attacks -- multiple requests from thousands of computers across the globe triggered by a computer virus, Estonian authorities have said.
Goloskokov said he used "a -special program," not a computer virus.
Estonia has accused the Russian government of being behind the cyberattacks, a charge it has denied. The attacks followed riots by Russian speakers in Tallinn as authorities relocated the World War II monument from a central square.
Lessons From the Russia-Georgia Cyberwar
Georgian official and U.S. security experts look back at the Internet attack that preceded the military conflict.
March 12, 2009
By Kenneth Corbin
WASHINGTON -- With the benefit of hindsight, the Russian military campaign against Georgia last summer seems to offer conclusive proof that cyberwar has come into its own.
Speaking here at the FOSE convention, an annual trade show for government IT workers, Georgia's Secretary of National Security, flanked by a pair of U.S. security experts, recounted the experience of last July when the small nation in the Caucasus saw its digital infrastructure brought to its knees.
"It's distressful to think of the way in which the technology which is so helpful and beneficial for all of us to get all the nations together and then ... is used for the purposes [where] people suffer," said Eka Tkeshelashvili, who at the time of the Russian invasion was Georgia's foreign minister.
Aug. 7 marked the official date of the onset of the conflict, when Russia launched air and ground strikes in the disputed territory of South Ossetia, but the offensive began in earnest the previous month with a massive Internet attack on Georgia's government Web sites and commercial operations.
"Today, cyberspace has clearly emerged as a dimension to attack an enemy and break his will to resist," said Paul Joyal, managing director of public safety and homeland security for National Strategies Inc.
"We're seeing now this tectonic shift in military affairs, where [cyber] warfare will Change the laws of combat and the principles of military science," he said. "And what found is that it all came together in the Russian-Georgian war of August."
In July, a group of cyberwarriors, whose formal connection with the Russian government remains unclear, managed to enlist scores of mercenaries and volunteers to cripple Georgia's Internet infrastructure through an array of botnets, distributed denial-of-service attacks, logic bombs and other online offensives.
The attackers posted lists of targets online, including the official Web sites of the Georgian president, several government ministers and even the U.S. embassy. Legions of "hacktivists" answered the call and overwhelmed the sites, knocking dozens offline for days.
Georgia leaned on its allies, and managed to get the sites hosted in neighboring Turkey, but not before its communications system had been effectively shut down.
"Making strong alliances with the friends who can provide partners is absolutely key, especially for the small countries like Georgia," Tkeshelashvili said. For her, the events of July "demonstrate how vulnerable and unprepared we can be," and underscored the importance of maintaining a variety of communications channels.
One of the principal aims of cyberwarfare, which is seen increasingly as a prelude to overt military conflict, is to isolate and silence the enemy. Defacing government Web sites has proven an effective way to spread disinformation and propaganda. Last July, for instance, hackers infiltrated official Georgian government sites to make the president look like Hitler.
But it's more than just an information war. The attackers struck hard at Georgia's banking system, overwhelming financial sites with so many fraudulent transaction attempts that it became impossible to tell the good from the bad.
Sensing that the system was under siege, international banks shut down service. As a result of the spillover effect, several days passed without a single transaction being processed inside Georgia, Tkeshelashvili said.
Georgia can thank the broad phenomenon of globalization and the distinctly supranational nature of the Internet for much of the commercial impact, said Stephen Spoonamore, a partner with Global Strategic Partners who advises large financial institutions on cybersecurity issues.
"What crippled Georgia was the commercial linkages that got shut off," Spoonamore said. "Banking, credit card functionalities -- once they're gone most of the cell phones associated with them are gone, too."
In the case of Georgia, cell phone service went down the day after the banking system crashed.
Spoonamore likened the response of the global commercial enterprises to the Georgian crisis to a herd of gazelles fleeing after a lion pounces on one of their ranks. Eager to mitigate the threat of the cyberattack, major banks shut down online connection with Georgia, a small country of relatively minor financial significance. Georgia was isolated, intentionally "cut off from the digital herd," Spoonamore said.
Spoonamore traces the origins of the cyberattack on Georgia to the Russian Business Network (RBN), a shadowy group of sophisticated cybercriminals that formed around St. Petersburg and rose to prominence with massive spamming and phishing attacks around 2004.
While the cyberattacks do not carry the official fingerprints of the Russian government, Spoonamore pointed out that the original leaders of RBN were politically connected, and many had worked alongside Vladimir Putin.
After an expose by the Washington Post, RBN as a corporation went dark, but has since reinvented itself as a decentralized franchise model.
"RBN now has morphed itself into a structure very similar to al Qaeda," Joyal said. "Now we're seeing this diffusion of responsibility, activities, etc., in a very decentralized way where everyone can pile on and get involved in a so-called cause."
The presenters said that that facility likely enabled the reconstituted RBN to quickly and effectively marshal a widely distributed group of "cybermilitants" against Georgia. Spoonamore said that the server responsible for one of the crippling attacks was geolocated to Turkey, evidencing the international character of cyberattacks. In response to the growing international threat from the Internet, NATO is developing a cybersecurity response center in Estonia.
It will have to be a unique operation that defies any traditional military response. After all, a military strike against the server farm in Turkey where the machine responsible for the attack on Georgia would have also taken out the computing infrastructure that controls the majority of the air-traffic control systems in the Middle East, Spoonamore said.
Russia’s FSB 2008 report issued; 104 terrorist attacks foiled last year
A total of 104 terrorist attacks were prevented in Russia last year, the Federal Security Service (FSB) of the Russian Federation said in a report issued yesterday, news agencies are reporting from Moscow.
The planned attacks included those slated for last summer in the southern resort cities of Anapa and Sochi, which will host the2014 Winter Olympic Games, news agency RIA Novosti cited the FSB report.
Russian special-task forces also killed 243 militants, including 23 gang leaders, in south Russia where separatist and terrorist activities were frequent last year, said the report on the work of the National Anti-Terrorism Committee in 2008.
The report said that 576 more militants were detained, 640 arms caches and militant bases, containing 1,407 weapons, 2,401 kg of explosives and 454 pieces of self-made explosive devices, were found, accoridng to RIA Novosti.
In the FSB press release it is marked that courts of Bashkortostan and Tatarstan, the Chelyabinsk and Kurgan areas have sentenced 31 members of the international terrorist organization Hizb ut-Tahrir.
"In the republic of Mary El, Krasnoyarsk, Perm and Tyumen areas five representatives of the international terrorist organization, Islamic Movement of Uzbekistan, were detained and extradited to the Republic of Uzbekistan,” the press release says.
The anti-terrorism commissions and operative staffs in subjects of the Russian Federation have become the basic structural parts of the nation-wide system of counteraction to terrorism. They have carried out more than 300 anti-terrorism exercises.
Activity of 25 organizations is forbidden in the territory of the Russian Federation, 18 from which are recognized terrorist, and seven - extremist, is marked in the press release.
March 12, 2009
By Roland Oliphant
One Small Step for Europe Is One Giant Leap for Russia
The European Court of Human Rights yesterday delivered a landmark ruling in a case brought by a Russian against the FSB’s handling of an investigation. The court’s finding – that the investigative methods used jeopardized Anatoly Bykov’s right to a fair trial – will have implications for law enforcement agencies beyond Russia. But it is just one of many Russian cases that the Strasbourg court is inundated with.
The case has taken years to be resolved, and relates principally to events that took place in 2000, when the former Head of the Krasnoyarsk Aluminum plant, Anatoly Bykov, was arrested for the attempted murder of his rival Vilori Struganov.
On October 3, 2000, in the village of Oviny (a suburb of Krasnoyarsk), a businessman came to Bykov and told him that he had committed the murder, apparently as a show of loyalty, and presented him with a watch and documents belonging to the deceased as evidence.
It was a set up. Struganov was not dead - the murder had been faked (somewhat inexpertly - TV news reports from the alleged crime scene showed the body being removed head first and placed in an ambulance. Sharp-eyed viewers noted that by superstition bodies must be removed from a house feet first, and by law they must be placed in a coroner’s van – not an ambulance), and the “businessman” – an acquaintance of Bykov by the name of Alexander Vasilenko – was wearing a wire for the FSB.
It later transpired that Vasilenko had already submitted a written statement to the FSB claiming he had received an order from Bykov to kill Struganov. The FSB then provided Vasilenko with recording equipment, and sent him to Bykov in order to extract a confession of complicity. He did not exactly manage this – in the conversation that followed, Vasilenko told Bykov that he had carried out the “hit” of his own initiative, and Bykov (it seems) did not say anything to suggest he was expecting the news. But it was enough to earn Bykov a six-and-a-half-year suspended sentence for attempted murder (in 2002 the Russian Supreme Court, recognizing the difficulty of connecting Bykov explicitly to the crime, changed the conviction from “murder” to “preparation,” but did not change the sentence).
But it was the conviction’s dependence on the use of a wire that was its undoing in Strasbourg. The court found that by using Vasilenko to secretly record what was meant to be a private conversation, the FSB had violated Bykov’s right to remain silent and not incriminate himself. In other words, the court found that the FSB had conducted an “interrogation,” but Bykov could have exercised his right to silence if he had known about it. Further, because Vasilenko was sent into Bykov’s home, the FSB violated his right to private and family life (under Russian law the investigators should have obtained a court warrant).
Secretly recording information is a useful tool for law enforcement agencies, and the issues here go to the heart of human rights law. How far can, or should, human rights hinder the world of law enforcement bodies? That is why it was heard by the 17 judges of the European Court’s Grand Chamber, and took so long to resolve. The eventual finding - unanimous agreement that Russia had violated paragraph 3 of Article 5 (Right to liberty and security) and Article 8 (right to respect for private and family life) will affect the work of law enforcement bodies throughout Europe. “This means that no European country can have laws that violate these rights,” said Genrik Padva, the lawyer who represented Bykov in Strasbourg.
But more importantly, it may drive home respect for the convention in Russia. “We are hoping that there will be no such violation in the future,” said Padva. “Previously, it gave the investigating services have too much latitude, and this means that citizens’ rights are often violated. Bykov isn’t going to get anything from this. The real beneficiaries will be people who are being investigated in a similar way.”
This is the latest in a series of high profile findings against Russia at the European Court. In November, the court found Russian forces guilty of the murder and mutilation of two Chechen civilians. Last month the court found that a Russian Judge, Olga Kudeshina, had been unfairly dismissed after complaining about pressure from above to deliver certain verdicts. At the beginning of March, the court issued a resolution demanding that Russia take legislative measures to avoid delays in implementing court decisions. And the deluge of cases shows no sign of letting up: on Wednesday, organizers of the Moscow gay pride parade sent a case to the European court seeking €1.7 million in compensation for the banning of 165 marches in the past year.
But these are only the most prominent. Russia has the greatest number of cases at the European court. The range is hugely diverse. They include victims of war crimes in Chechnya seeking justice for extra-judicial killings and torture (many of these cases are brought through the Russian Justice Initiative, founded by Human Rights Watch workers); ethnic, religious and sexual minorities complaining of discrimination; opposition groups seeking to affirm their right to assembly; and those complaining about the authorities’ failure to follow their own regulations (and especially of long delays, or complete failure, in implementing legal decisions).
The fact that Russia is the biggest single source of cases at the European Court has drawn criticism from some in Russia. Russian Justice Minister Aleksandr Konovalov responded to the Kudeshina finding and another on the same day ordering Russia to pay compensation to the relatives of four people who went missing in Chechnya between 2002 and 2005, by questioning the court’s impartiality. "Unfortunately, decisions made in the recent months and even years, give grounds to doubt the full objectiveness and lack of bias in the European court," he told RIA Novosti.
But others, both inside and outside Russia, point out that all legal avenues must be exhausted in the applicant’s home country before a case can be taken to the European Court. “The best way to resolve the problem is for Russia to reform its own legal system, so these cases don’t have to go to Strasbourg,” said Theodorian Pangloss, a legal monitor for the Council of Europe at a press conference on Wednesday.
The Bykov case produced a land-marking ruling that will affect European law profoundly, and had to be scrutinized by Europe’s most senior judges before a ruling was reached. Such a case would probably go to the higher courts in any country. But the other cases involving Russia, many of which have become routine, could -- and probably should – be resolved at home.