Hackers from Russia may have attacked Google, Twitter and Facebook in an attempt to silence a pro-Georgian blogger, it has emerged.
A year after troops from the two countries became locked in a five-day war, the co-ordinated cyber assaults shut down Twitter for a couple of hours and disrupted access for Facebook users.
LiveJournal, a blogging site, was also hit while Google managed to fend off “denial-of-service” attacks. The hacking technique uses thousands of compromised computers to contact a single site at the same time, preventing legitimate traffic from getting through.
A Georgian blogger by the name of Cyxymu has accounts on all the websites and was the target, according to a senior security executive at Facebook.
“It was a simultaneous attack across a number of properties targeting him to keep his voice from being heard,” Max Kelly told CNET News.
“We’re actively investigating the source of the attacks and we hope to be able to find out the individuals involved in the back end and to take action against them if we can.”
The micro-blogging site Twitter, used by several million people, was overwhelmed by the attack. Facebook, which has more than 250 million users worldwide, and Google — because of a YouTube account associated with Cyxymu — were targeted but were not badly affected.
Google said: “Google systems prevented substantive impact to our services. We are aware that a handful of non-Google sites were impacted by a DOS attack, and are in contact with some affected companies to help investigate this attack.”
It emerged that hackers also used a botnet to send a flurry of spam e-mail messages that contained links to pages on Twitter, Facebook and other sites written by Cyxymu.
According to Bill Woodcock, research director of the San Francisco-based Packet Clearing House, a charity that tracks internet traffic, when people clicked on the links in the spam e-mails, they were taken to the activist’s legitimate web pages, but the process of loading the pages at such volumes overwhelmed some servers and disrupted service.
It was not clear how the spam e-mails were related to the denial-of-service attacks, but a spokesman for Facebook said the e-mails could not have brought sites down on their own.
Georgia and Russia today mark a year since the outbreak of their war amid enduring tensions in the volatile Caucasus region. Russia recognised as independent the breakaway regions of South Ossetia and Abkhazia after the conflict. Russia insists it moved into Georgia to defend South Ossetia from a Georgian attack aimed at retaking the rebel territory while Georgia claims it faced a “large-scale Russian invasion”.
Twitter’s co-founder Biz Stone said: “Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users. We are defending against this attack.”
Graham Cluley, from the internet security specialist Sophos, said on his blog: “A denial-of-service attack occurs when computers bombard a website with requests for information.
“Typically hackers can control thousands of innocent users’ computers centrally and command them to visit a site that they wish to flood with traffic, making it impossible for other internet users to get through.
“It’s a bit like 15 fat men trying to get through a revolving door at the same time — nothing can move. In the meantime, micro-bloggers around the world are likely to be left twiddling their thumbs.”
He said that Twitter needed to build a stronger infrastructure to be able to fight such attacks, which are relatively commonplace on the web.
The site has seen a huge rise in popularity in recent months. The number of worldwide unique visitors to the Twitter website reached 44.5 million in June, up 15-fold year-on-year, according to comScore data.
Facebook members saw delays logging in and posting to their online profiles. A spokeswoman in the US for the site said: “We’re continuing to monitor the situation to ensure that users have the fast and reliable experience they’ve come to expect from Facebook.”
Denial-of-service attacks are typically carried out by armies of infected computers formed by spreading a computer virus. These networks of infected machines are typically used to send out spam or steal passwords, though some can be commanded to overwhelm websites. Cyber attacks were used by both sides in the Russian-Georgian conflict.