As Facebook, Twitter and other popular Internet services investigated the cause of this week's massive computer attacks, attention turned to a blogger whose writings blasting Russian officials may have been the target.
There were also signs the attacks continued Friday after knocking Twitter offline for about two hours and disrupting Facebook's service Thursday. Twitter Inc. co-founder Biz Stone wrote in a blog post Friday that attacks against Twitter were "ongoing" and "appear to have been geopolitical in motivation."
Facebook Inc. said it rooted out the cause of the attack after noticing that the compromised computers which began flooding its site Thursday morning were directing traffic to the page of a single blogger, who uses the account name "Cyxymu," which represents the name for the city of Sukhumi in the former Soviet republic of Georgia.
The blogger has been a prolific critic of Russian officials through accounts on Facebook, Twitter, LiveJournal and YouTube, Google Inc.'s video-sharing service. On Twitter -- where he calls himself George and describes his location as "Georgia, Tbilisi" -- he has written "Russia is aggressor." On YouTube, he has posted video clips of Russian politicians with mocking comments.
On Thursday, the writer updated his now-inaccessible LiveJournal blog with a message calling the computer attack "a special attack against me and Georgians," according to a translation. After responding to an initial email inquiry, he didn't answer further questions.
The attack coincides with the one-year anniversary of Russia's brief war with Georgia over the region South Ossetia. Since then, security experts say both sides have launched cyber attacks against each other, including denial-of-service attacks.
Denial-of-service attacks are designed to overwhelm Web sites with traffic, often by using hundreds or thousands of PCs that have been infected with virus software that causes them to take actions without their owners' knowledge.
But this week's attack didn't fit the mold of the previous incidents, said Don Jackson, director of threat intelligence for the counter-threat unit of SecureWorks Inc., which provides information security services to organizations.
"I can't even find evidence that Russians were behind it," he said, noting that none of the tools, techniques and major computer systems that known Russian hackers have used before appear to be involved.
A Facebook spokesman said the attackers tried to scramble where the hits appeared to be terminating in order to confuse Facebook's systems. "We were able to figure out pretty quickly that it was all going to one place," he said.
The Facebook spokesman said the company is talking to authorities to find the perpetrators and hold them accountable, but declined to comment on which authorities.
A LiveJournal Inc. spokesman declined to comment on the cause, saying its investigation was still under way. A spokesman for Google also declined to comment on the likely cause of the attack.
In recent days, the "Cyxymu" blogger has been the target of a spam attack that sent out emails with links to his LiveJournal blog in an apparent attempt crush the blog with traffic. Late last year, he said in a Twitter post that his blog was hit by a denial-of-service attack and that he was moving its location.
No comments:
Post a Comment