Network News

X My Profile
View More Activity

Lithuania Weathers Cyber Attack, Braces for Round 2

Hundreds of Lithuanian government and corporate Web sites were hacked and plastered with Soviet-era symbols and other digital graffiti this week in what appears to be a coordinated cyber attack launched by Russian hacker groups.

A New York Times story reports that Lithuanian officials did not directly accuse Russian hackers of initiating the attacks, but said they had come from foreign computers. However, iDefense, a security intelligence firm, based in Reston, Va., attributed the attacks to nationalistic Russian hacker groups protesting a new Lithuanian law banning the display of Soviet emblems, including honors won during World War II.

According to Lithuanian media reports, the attacks shut down the Web sites of the national ethics body, the securities and exchange commission, the Lithuanian Social Democratic Party, among others. iDefense said hacker groups used Internet forums and blasted spam e-mails to spotlight a manifesto called "Hackers United Against External Threats to Russia," which called for an expansion of the targets to include Ukraine, the rest of the Baltic states, and "flagrant" Western nations for supporting the expansion of NATO.

iDefense analyst Kimberly Zenz said for a while, it was unclear whether the attacks would die off or escalate into an assault akin to the cyber blitz unleashed last year against Estonia. In April 2007, the ultra-wired country suffered major disruptions in much of its information infrastructure, thanks largely to Russian hackers who were upset over the removal of a Soviet World War II memorial from the center of Tallinn, the capital of Estonia.

One hacker Web site, hack-wars.ru, appeared to take a central role in organizing the attacks, Zenz said.

"They said they wanted to offer training and coordination so that whenever they want to attack someone online they have a force of soldiers ready to go," she said. "They want to unite Russian hackers into an organized political hack force."

But by Monday afternoon, most of the tagged Lithuanian Web sites were back to displaying their normal content, and no escalation of the attack had materialized.

The offensive coincided with a visit to the United States by Lithuanian Prime Minister Gediminas Kirkilas, who met with Secretary of State Condoleezza Rice yesterday. When asked about the significance of the attacks at an event at the Center for Strategic and International Studies in Washington, D.C., yesterday, Kikilas called the situation "very serious," and said he planned to raise the matter in his discussions this week with U.S. officials.

"I believe all NATO countries have to consider this issue of cyberspace security as part of our security," Kirkilas said.

Kirkilas added that his country is cooperating with officials in Estonia, which will serve as the home for a new cyber defense center that seven NATO allies established in May as a means to boost the alliance's defenses against cyber attacks.

There is an elaborate back story to why the Lithuanian anti-Soviet memorabilia law angered Russian hackers. An iDefense white paper explains: "While many ethnic Lithuanians view Soviet emblems as a painful reminder of Soviet occupation, many Russians viewed the ban as a deliberate insult to veterans who fought the Nazis, and to the large number of ethnic Russians who live in the Baltics, many of whom remain stateless more than 15 years after independence."

Russian government officials denied involvement in last year's attacks against Estonia, Definitively tying the assaults back to Moscow would have been a tall order, as most of the digital foot soldiers used in last year's cyber offensive were "bots," hacked home PCs that are remote-controlled by attackers.

Unlike the Chinese -- who have stated their strategy to dominate the electronic battlefield quite clearly and loudly -- the Russian government has been comparatively silent on its cyber offensive goals in the 21st Century.

Perhaps the closest thing to a cyber doctrine I've seen put forth by Russian officials comes from fringe leaders in the Russian government. On the Web site of one Russian ultranationalist hacker group known as the Slavic Union, a source of mine recently located a snapshot of a letter of praise written by Nikolai Kuryanovich, a member of the Russian Duma. The missive is dated March 2006, and addresses the Slavic Union after the group had just completed a series of successful attacks against Israeli Web sites.

The translated version of Kuryanovich's letter follows:

"The 21st century is the century of information. And during this period in the life of mankind the Internet becomes even more unavoidable, necessary and important. At the same time it becomes more dangerous. The Internet has its own laws, its own rules and to a degree within it run another life outside of reality.

"In the very near future many conflicts will not take place on the open field of battle, but rather in spaces on the Internet, fought with the aid of information soldiers, that is hackers. This means that a small force of hackers is stronger than the multi-thousand force of the current armed forces."

"...As Deputy of the State Duma and member of the Security Committee, I want to present you with the thanks and appreciation of the Information department of the NSD "Slavic Union" for your vigilance and your recent suppression of Russophobe and others on the Internet, Russophobes that fan the flames of inter-religious discord and provide related materials. I hope that from now on your work will not become any less productive or ideologically adjusted."

By Brian Krebs  |  July 3, 2008; 12:10 PM ET
 
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Apple iPhone Four Months Behind OS X in Patches
Next: Microsoft: Hackers Exploiting Unpatched Office Flaw

Comments

"...ethnic Russians who live in the Baltics, many of whom remain stateless more than 15 years after independence."

Stateless is wrong, agreed. But it sure is preferable to death by execution, starvation or exile to east of the Urals such as was practiced by the Former Soviet Union.

Let's all remember that these "Ethnic Russians" were lured to the country with high paying jobs, perks, etc. in the hopes that eventually there would be no more "Ethnic Lithuanians".

If they have a complaint let them take it to the Communist Party of Russia.

Good luck with that.

Posted by: Matthew Carrick | July 3, 2008 2:09 PM | Report abuse

I'll just add to what Matthew Carrick said and will correct him a little:
there are no stateless people in Lithuania- every resident regardless the nationality was given Lithuanian citizenship back in 1991. There are stateless people in Latvia and Estonia, but all they have to do is pass simple exam of Latvian/Estonian language, and they would get the passport. The problem is that those people refuse to speak the language of the state they live in, and prefer to remain stateless.

Posted by: neblogai | July 3, 2008 5:29 PM | Report abuse

While many ethnic Lithuanians view Soviet emblems with mixed nostalgia, others view the ban as insulting.

It is ironic that worse hacking attacks conducted against America by the RNC and Osama bin Laden receive no response from NATO.

Posted by: Singing Senator | July 3, 2008 5:45 PM | Report abuse

Lithuanians viewing ban as insulting? :) Sorry, not right. Country experienced both Soviet and Nazi regimes, and absolute majority nowadays sees no difference between them- and this recent law forbids using symbols of any of them in mass meetings.
Speaking about the sites hacked- it seems that security of one hosting company was broken, which allowed to edit all these websites. It is still unclear how professional the attack was. Some guess that security system of the hosting company was not that good.

Posted by: neblogai | July 3, 2008 6:36 PM | Report abuse

in the long run I guess it is good that this attack came. It proves that the Estonian attack was not a singular "incident" and emphasizes the need for unity within NATO. Plus, shows the growth of Russian extramists' support. Let them shoot themselves in the foot, they'll just lose the state of Russia more and more credibility on the international level.

Posted by: Estonian | July 4, 2008 3:55 AM | Report abuse

@neblogal

To pass a "simple" exam of the Estonian language for a Russian who is over age 40 was probably extremely difficult. The Finno-urgric language group has the notoriety of being one of the most difficult to learn. Many Russians were sent to Estonia to work without much say in the matter. The correct approach would be Lithuania's; citizenship for all 1992 residents. The Estonian language would still have been mandatory in schools and would regain its primacy.

Posted by: Brad | July 5, 2008 3:31 PM | Report abuse

Agreed.

Posted by: Gaiphre | July 5, 2008 3:50 PM | Report abuse

The difference b/w Estonian/Latvian and Lithuanian cases is the % of ethnic Russian population in each of the countries. In Lithuania it is below 5%, in Estonia and Latvia b/w 30%-40%. If you have just gained independence and you are trying to establish yourself as a new country, giving the same voting rights automatically to 40% of the population who just a year ago ruled everything on party level, but now are on the verge of losing their privileged position in the society just does not work that well, does it? Everyone in Estonia and Latvia have the same human rights, have EU citizenship, and local voting rights. Every newborn regardless their parents background is Estonian by birth and everyone has the chance to become a naturalized citizen by passing the exams. If you have lived in the country for 40 years and still don't have the basic grasp of the local language, it says something about your political affiliations, right? The only thing that they don't have is the right to vote on national levels.

Russia regularly uses the '5th colon' (used to call the ex-Russian military personnel and party members - somewhere around 5% of the total population) as an effective political tool in local elections in order to sway the politics in the country in their favor (look at Ukraine for example). Can Estonia or Latvia afford to grant all of them an automatic citizenship in the light of Russia's actions? I would say not. But feel free to argue. At least nobody has been barred from becoming a citizen should he or she feel like it.

Posted by: Interested Bystander | July 5, 2008 4:26 PM | Report abuse

Also - just as an FYI, before WWII the % of Russians in Estonia for example stood below 10%. Russification was a very methodological process to deal with local nationalities. read more about all that in Wikipedia for example: http://en.wikipedia.org/wiki/Russification.

Posted by: Interested Bystander | July 5, 2008 4:31 PM | Report abuse

I am a native born lithuanian, and my view on this is that i simply dont care. if people want to use whatever symbols, let them, just dont pay attention to them if you don't like it. On the flip side, the russians should also just be concerned on what is going on in russia and not our country. if a different country wants to ban use of a symbols from Communist era, let them, it is their right as a free and independant country.

Posted by: lietuvis | July 5, 2008 5:35 PM | Report abuse

And sadly, they are the BEST EU arline there is! Pretty fascinating.

JT
http://www.ULtimate-Anonymity.com

Posted by: JIm Beam | July 5, 2008 11:54 PM | Report abuse

i like those statistics witch says that 40% of Latvian people is Russians... well its not quite correct... I would say that the most of Latvia population is Russians... sometimes while living in capital of Latvia and working in center of the city i may not hear Latvian language for week... just everyone speaks in Russian... if you live in Latvia you have to learn 3 languages English (to communicate with foreigners), Russian (to communicate in common everyday situations)and Latvian (optional as official language and most of tv shows are in Latvian if you don't watch Russian channels)...

P.S.:and those symbols is pretty obsessing by the way

Posted by: Latvian | July 7, 2008 3:43 AM | Report abuse

Heb 12

Posted by: john | July 7, 2008 6:49 PM | Report abuse

ywWP7Y jgiohsdfoi gdfiojgfiod gfiodgjiodfg jfidogjoifd

Posted by: florist | July 8, 2008 4:38 PM | Report abuse

Well said, Matthew Carrick, neblogai, and others!


Posted by: observer 31 | July 9, 2008 10:09 AM | Report abuse

ultimately,I think the concept of nationalism is the problem.

Posted by: hans | July 9, 2008 2:13 PM | Report abuse

Hello, Mr. Krebs. I've originally placed this on Mr. Vamosi's site at CNET. I'm wondering about your view on this.

Take care and thanks for your work on your blog.
---

Hello: I'm starting to believe that the cyber attacks in Estonia and Lithuania are ultimately more about the provocative stance the US has taken with its foreign policy than about the removal of a war memorial or the outlawing of Soviet symbols.

For instance, we're pushing for NATO in the former Soviet sphere thru actions like building a missile shield system in Poland and the Czech Republic to counter potential missiles from Iran. The missile shield system is seen as a first strike weapon against Iran and Russia has been very vocal about their opposition to it, as they see it as a threat to themselves as well.

Then extend this to how we are trying to prevent Iran from getting nukes, mainly to influence the role of oil there.

We've been very aggressive against Iran, even though it appears to be complying with just about everything we could ask and other nations like those in Europe have been saying that Iran has been compliant.

But we haven't been as aggressive with North Korea. People have been commenting for a while that the main reason we've left this facet of the Axis of Evil largely alone is because it has nukes and the missiles to carry them. They further comment that this has been prompting others to at least consider the idea of having a nuclear deterrent and there is recent news that Iran has been testing new long range missiles. The reports also note that Iran is a long way from having a working nuclear weapons program and their missile system is in a similar state.

Iran appears to be working for non-proliferation because the best way to make oneself the target of nuclear weaponry is to have them, apparently. So that might explain the cooperation with the IAEA (International Atomic Energy Agency). But it looks like they are hedging their bets, partly because of what's happening in Iraq and partly because of what they see in N. Korea.

Ultimately, the oil is a huge thing, its potential future scarcity and the power plays that can result.

The biggest thing that bugs me, though, is the echoes this seems to have with the Cuban missile crisis. I tend to consider the old Cuban missile crisis a win for the Russians, even though it's usually considered a win by the US by most Americans. The Russians did take down their missiles, but after we agreed to remove our missiles from Turkey, which is right next door to them.

And our placement of those missiles in Turkey first is what apparently what provoked the Russians into placing those missiles soon after in Cuba and started that whole mess in the first place.

I'm saying we need to review our foreign policy overall, make it far less provocative and even ditch the idea of placing a shield there if all it does is:

1. Provoke yet another war
2. Has potentially created a major, new semi-Cold, semi-Hot one on the Internet
3. And, from what I understand, the majority of the people of the nations hosting these missiles have said out loud they don't want them.

I'm aware that this is outside the scope of the column in some ways, but maybe not. I tend to believe that security, including computer security, is largely an illusion and that it can only be achieved thru good ties and relations between people. I believe that you can have the most secure, hard core system in the world, but it won't matter because somehow, someone will find a way in. The only way to get around that is for people to see that it's in their own best interest to have a safe internet to play or work or study in.

They wouldn't be as inclined to cause damage and might even contribute to it being "safe."

It's similar to my views on relations with other nations. Yes, it appears Iran is hedging its bets, but then we also created huge turmoil by surreptitiously overthrowing their newly elected, democratic government in the 50s, and we've had plenty of reactions with them since.

Is it possible to review this possibility, especially in light of recent provocative statements by both US and Russian military leaders? But also to review the idea that socials ties, good relations and actions between people could enhance cyber security as well. Simply because if one creates havoc, it can come back one way or another, but the flip side that if you do something constructive, that can also come back, and build on itself as well.

A "do-onto-others" way.

Posted by: Cyber Cold War?? | July 24, 2008 5:12 PM | Report abuse

I think Brian Krebs should be more careful here. While there are signs of a good journalist investigation some fact have been misrepresented. In particular the statement that Nikolai Kuryanovich is a current member of Russian State Duma. It's not true Mr. Kuryanovich has been excluded from both insignificant political party called LDPR (known for its extremists statements) and also from Russian State Duma in 2006! Kuryanovich is a shiny example of Nazi-like movements for the pure Slavic nation and he has no influence of any significant political power.

I think it's quite clear that the best attacks are those haven't been spotted (like most of US attacks I guess). Let's face it countries like china, russia, india and so on probably have some capabilities and infrastructure to cause some "mass disruption" but it will be noticed straight away and legal actions, sanctions and stuff like that will be taken for sure there's nothing to fear. Proper legislation and policies are on its way (thanks to estonia) and the real issue here is to spread the message and make people aware of the threats that their gadgets posses instead of bringing down illegal music downloading (cannot believe UK ISPs have agreed with this piece of ... legislation).

Posted by: atkin | July 24, 2008 11:53 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company