Hackers on prowl for larger prey, possibly Lithuania’s EU Presidency?

  • 2013-05-29
  • By Linas Jegelevicius

TRIAL RUN: Experts say recent hacking attacks may be just a warm-up for a more serious and widespread information war.

How does one get revenge on a trendy Web site that ferreted out and made public a bit of foul play, namely, rigged voting from Lithuania, which gave the charming Russian crooner at the Eurovision 2013 song contest a few extra votes?


Hacking attack after revelation
This is what happened to Delfi.lt, the trendiest Lithuanian Web site, after it broke the vote-rigging scandal.
The site had already dealt with a hacker e-ambush a few years ago, when, having announced the news about two Russian bombers at the Latvian border, e-intruders in revenge hacked the portal and put atop the news desk a piece on… a bunny, the main hero of the popular Soviet-era cartoon ‘Na, Palauk’ (Just watch Out!), that has been busted for drug use.

This is not an April Fool’s Day prank. In fact, the whole thing is a lot more serious than that: it is a problem of malignant hackers, possibly from the East, and certainly grudge-filled.
Ahead of the scandalous story on the rigged Eurovision votes, Delfi editors had received an e-mail in Russian promising “radical actions” if the story reached daylight.

“The journalistic material harms both Russia’s and our Motherland’s Eurovision representative Dina Garipova’s reputation. We urgently advise removing the content from the Web site within an hour. Otherwise radical actions will be applied against your Web site,” the e-mail read.

Editors did not budge…
When the Delfi editors didn’t budge, the digital menace transformed into digital action. After the hour passed, the portal was shut down, and the attempts persisted even after it was recovered.
“This is an obvious DDoS [Distributes Denial of Service] hacking attack. There have been connections from different countries, like Turkey, Russia, Japan and Brazil. All those computers were linked to the so-called botnet, also known as a zombie army [it is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions, including spam or viruses, to other computers on the Internet]. Now the attack has been fended off,” Kristijonas Siaulys, Delfi’s IT department head, said in a statement.

IT nerds say that DDoS attacks target computers of ordinary users who do not bother installing anti-virus programs. When the malignant code hits, it penetrates the computers, incapacitating them.
“Simply speaking, the gadgets are turned into electronic zombies. Frankly, it is not very difficult to hack a Web site in Lithuania. Unfortunately, unlike in Western Europe, the Baltic States, perhaps with the slight exclusion of Estonia, have done little in beefing up their e-security,” Gediminas Gricius, an IT expert and deputy director of IT Uostas, an IT company, said to The Baltic Times.

More hacking attacks from law adoption
The hackers’ malevolence, experts suspect, may signal a whole lot deeper viciousness - a dress rehearsal for a serious IT attack against a yet unknown target, part of the looming information war, perhaps in relation to the upcoming Lithuanian EU presidency.
The experts say that the hacking attack against Delfi reminds us of the one against Estonia back in 2007, but on a smaller scale.

“Taking into account what brought about the hackers’ adverse reaction - a mere piece of news about purchasing Eurovision song contest votes - all this so far seems to be like a warming-up against a possible serious attack… For example, if our government made public more serious material about relations with one or another foreign state… It is likely that a bigger hacking attack would follow…,” said one IT specialist.
Another IT expert noted that hacking became an increasingly larger problem for Lithuania in 2008, after it adopted a law criminalizing the use of the Soviet symbols. “In 2008, I remember, over 300 different Web pages were hacked. Part of the hostile attacks was futile. As far as I remember, most state company sites withstood them, but a number of private company servers appeared to be vulnerable,” the IT expert noted.

From lonely wolves to intelligence agents
Gintautas Mazeikis, professor at Kaunas’ Vytautas Magnus University, who is keen on hacking activities and those behind them, says that hackers cannot be put on the same plate, as they can be both single wolves and well-equipped foreign intelligence-serving special agents.

“We all tend to say that cyber-attacks are carried out by hackers. But often they are being performed by some foreign intelligence agents… It is a public secret that some political parties and public figures hire and pay hackers for carrying out attacks against someone they disapprove… Besides, there is such a thing as the well-known anonymous community organizing hackers. However, I don’t believe that the group would be interested in Lithuania and its institutions and Web sites,” Mazeikis told Delfi.

Though most often hacking trails, he says, lead to politics, it cannot be ruled out that hackers, from time-to-time, coalesce for a “little frolicking” on the Web and try out their DDoS cannons.
“Sometimes they meet each other in the realms of computer games, where they square off, sometimes in teams. After they get to know each other, the computer-games-teams-turned-malicious-hacker-rings sometimes submerge in an ideological environment… If they fight for an open society, they will likely bust monopolies, corporations, control and more. But in these kind of cases, media is rarely a target as it serves the cause of democracy and openness,” related Mazeikis.

Lithuanian EU presidency’s serious issue
Nerijus Maliukevicius, a lecturer of the Institute of International Relations and Political Sciences at Vilnius University, says that, for example, in Russia, the Kremlin oppositionists whose ideas are unacceptable for the Kremlin rulers end up being targets of cyber-attacks.

Several high-ranking Lithuanian officials have condemned the attack against the popular Web site, saying it underlines the importance of the issue of cyber security.
Lithuanian Foreign Affairs Vice-minister Vytautas Leskevicius noted that Lithuania will heed it during the EU presidency and hinted that, in the fight against hackers, it is necessary to mull over “other formats of fight,” like the one in Estonia, operating a NATO Cyber Security Center.

“The Delfi incident forces us to draw up very detailed plans of measures and prepare specialists as well as response teams in warding off a possible hacking attack in the future… The digital schedule is one of the most important priorities of the Lithuanian EU stint,” the vice-minister emphasized.

No money to beef up IT security
Meanwhile, Arturas Paulauskas, chairman of the Lithuanian Parliament’s National Security and Defense Committee, fears that, during the EU Council presidency, cyber-attacks may not be thwarted for a single reason: a lack of funds guaranteeing e-security around-the-clock.

“There can be various attempts of hitting our digital networks. I want to remind everyone that hackers broke into the official EU presidency Web site on the very first day of Spain’s EU presidency. The functioning e-security body in Lithuania, CERT-LT, is not capable of providing permanent security for all digital systems because it does not possess enough human resources to operate for 24 hours. Several additional personnel should be established to fix the plight…” the Lithuanian MP said.

An expensive attack
Pranas Slusnys, the head of Hostex, a hosting company providing hosting services for Delfi, says that the prolonged hacking attack against Delfi has been a “record” in terms of time and money.
“Sure, we expect it will dwindle away sooner or later. However, over a week since the first hit, it is still ongoing. Despite all the up-to-date facilities we are using, it was so large that it has clogged all our communication channels… Among other things, we have to re-configurate all the technical gadgetry to have it alert and capable of fighting the attacks,” Slusnys said.

He could not, however, confirm the abundant speculation that the malicious attacks are coming from Russia. “What we see is that they are coming from various countries. Most of the virus-infected computers we detected are in Western Europe, France, Germany, the UK and some other Western countries. Last week, we saw some attempts of intrusion from local servers. But the number of the virus-congested computers in Lithuania was too small to hack the site. We were able to ward off the domestic attacks very quickly,” the Hostex director said. He regretted that although many state officials have expressed their concern over the incident, the hosting company has not been offered any assistance.

“It would make sense for the state institutions in charge of management and regulation of IT networks to obtain installations capable of preventing these kinds of attacks, or holding them up. This kind of facility costs approximately $200,000. From the standpoint of the state, it is not a big investment, but it would be very helpful in fighting off cyber-attacks like this one,” the IT specialist said.