Cyber terrorists attack state and corporate Web sites

  • 2008-07-02
  • By Adam Mullett

GHOST IN THE MACHINE: A new method of warfare.

VILNIUS - Hackers from an unknown location have infiltrated over 300 Lithuanian Web sites in the past week, leaving Soviet symbols and spiteful messages in Russian. The hacked sites belong to both government and private groups, including the car dealer Tokvila, the retailer Rimi and Lithuania's securities and ethics commissions.

As Prime Minister Gediminas Kirkilas spoke on Saturday about security measures against cyber-raids, his own party Web site was altered. "Our institutions are prepared for this type of thing at all times; there is a sort of a security system at work. So far I have not received any messages about it [raids into institutions' servers]," he said.

Hackers left the following swearword-censored message in Russian alongside the Soviet Union flag on the official Social Democrat Web site. "You scoundrels are all crazy, do you consider yourselves to be the most noble of nations? Noble people do everything they can for their country, rather than destroy it like you. . . . Your fate is clear 's spite and failure. But you will go and breed even more degenerates and problematic scoundrels," it said.

Presently it is unknown where the attacks are coming from, but investigations are underway. Experts expect to find the identity of the hackers within a few days. "We are working, investigating; however, stating or even guessing who the culprits are and what country they are from is too premature at this point," said Sigitas Jurkevivcius, chief expert of the Communi-cations Regulatory Authority's Information Security Department. "They used anonymous IP [Internet Protocol] addresses, so we can't find them at the moment," he added.

Some officials think that there are going to be more attacks in the near future. Talk of the attacks on Baltic and Ukrainian Web sites appeared on Russian Internet forums recently. "The investigation is under way, we are cooperating with the police. We think that the attacks were made from abroad. The attacks seem to be rather organized, and the Web site administrators of public institutions should remain on alert," Rytis Rainys, Head of Networks and Information Security Department with the Communica-tions Regulatory Authority, told the news portal lrt.lt.

Although he wasn't able to tell The Baltic Times which countries they are investigating, Jurkevicius agrees with Rainys that the hackers probably come from outside Lithuania. Hostex, a hosting company have cited old technology as a potential entry point for the hackers. "All of the Web sites affected were on an old technology server due to be replaced," Mindaugas Voldemaras  spokesperson for Hostex said.
The attacks follow the Seimas decision to ban all Soviet and Nazi symbols, paintings and insignia in Lithuania. Russian politicians have slammed the decision.

The Ministry of Defense says the hacking may constitute an attack on the national security of Lithuania. Until they can determine the identities and motives of the perpetrators, they will continue to look. "We can say that the attacks are underway. An investigation has been launched; the Communications Regulatory Authority is busy and will seemingly determine where the culprits are from," Juozas Olekas ministry spokesman said. The authority is also investigating how many people were involved in the attacks and the location from which they were launched.

The motives of the attack are not immediately obvious to Lithuanian officials. Olekas has called for calm regarding actual government Web sites, saying they have better security than those already hacked. "Services of the defense ministry have taken on certain measures to protect their systems. Other departments are probably also analogously prepared. More simple systems, [such] as party Web sites, are more vulnerable. Maybe those people are exploiting this in pursuit of demonstrating that they are aware of it and baffling us," Olekas said.

The attacks in Lithuania took place on Sunday, June 29, at 6 p.m. The largest of all attacks happened on the Hostex.lt web-hosting server, according to Jurkevicius.
Similar attacks in Estonia highlighted the issue and showed how vulnerable the Baltic States can be to outsiders. "We are trying to protect our cyberspace ourselves and we have learned much from such attacks in other states, with the last ones having been against Estonia. We are co-founders of a NATO cyber-defense center in Tallinn. We try to share our experience and measures of making such attacks less effective," Olekas said.

Seven NATO member states 's Germany, Slovakia, Latvia, Lithuania, Italy, Estonia and Spain 's decided in May to create a center for cyber-defense in Tallinn, prompted by the attacks on Estonia's government computers. As the founding agreement was signed, a NATO spokesperson said that cyber-attacks against Estonia proved how such attacks can paralyze public life and threaten national security.
Voldemaras moved to soothe concerns of clients, pointing out that no databases were damaged and although hundreds of Web sites were affected, few were vandalized. "Only the front pages of these websites were affected 's no databases or emails were defaced," he said.

The problem was identified by Hostex staff and fixed at 1 p.m. on Monday, June 30. Voldemaras said that by Monday night, all Web sites would be completely functional again.