An ongoing computer attack has knocked Burma off the internet, just days ahead of its first election in 20 years.
The attack started in late October but has grown in the last few days to overwhelm the nation's link to the net, said security firm Arbor Networks.
Reports from Burma say the disruption is ongoing.
The attack, which is believed to have started on 25 October, comes ahead of closely-watched national elections on 7 November.
International observers and foreign journalists are not being allowed into the country to cover the polls - which many Western leaders have said will not be free or fair.
It will raise suspicions that Burma's military authorities could be trying to restrict the flow of information over the election period.
Cyber attack
The Distributed Denial of Service (DDoS) attack, as it is known, works by flooding a target with too much data for it to handle.
The "distributed" element of it means that it involves PCs spread all over the world. These networks of enslaved computers - known as "botnets" - are typically hijacked home computers that have been compromised by a virus.
They are typically rented out by cyber criminals for various means, including web attacks. They can be called into action and controlled from across the internet.
Burma links to the wider net via cables and satellites that, at most, can support data transfers of 45 megabits of data per second.
At its height, the attack was pummelling Burma's connections to the wider net with about 10-15 gigabits of data every second.
Writing about the attack, Dr Craig Labovitz from Arbor Networks said the gigabits of traffic was "several hundred times more than enough" to swamp these links.
The result, said Dr Labovitz, had disrupted network traffic in and out of the nation.
He said the attack was sophisticated in that it rolled together several different types of DDoS attacks and traffic was coming from many different sources.
At time of writing attempts to contact IP addresses in the block owned by Burma and its telecoms firms timed out, suggesting the attack is still underway.
"Our technicians have been trying to prevent cyber attacks from other countries," a spokesperson from Yatanarpon Teleport told AFP.
"We still do not know whether access will be good on the election day."
Mr Labovitz said that he did not know the motivation for the attack but said that analysis of similar events in the past had found motives that ran the gamut "from politically motivated DDoS, government censorship, extortion and stock manipulation."
He also noted that the current wave of traffic was "significantly larger" than high profile attacks against Georgia and Estonia in 2007.
Thursday, November 4, 2010
Subscribe to:
Post Comments (Atom)
Posts
When thinking about how the DDoS attack on Burma's internet infrastructure could have been avoided, it is hard to say that it was even possible to prevent. Given the nature of the Burmese government, it seems like this attack was politically motivated and carried out by the military government in power. Such an authority would want power over the flow of information into and out of the country, and the internet only makes that flow faster and most convenient. With such an unstable political structure, who would implement secure network controls? And once there is a change of power, will these protocols remain in place? Also, from a financial perspective, can a country like Burma afford to invest in more robust connections? The first solution that comes to mind is some sort of international regulating body, but to some countries, this would of course overstep matters of sovereignty, so they would be unwilling to join this sort of pact.
ReplyDeleteTo connect this post to another topic we have discussed before, this is an example of what could happen as a result of cyberwar. Burma might be an exception since most industrialized countries would be concerned about other nations launching cyber attacks against them, and Burma's attack seems to be coming from its own military government. However, countries can still use this as a wake-up call to the reality of cyberwar.
For many countries maintaining adequate security can be an almost impossible task. This mostly stems from a lack of money or a lack of consideration. It can be complicated when a particular power is actively assaulting the infrastructure of the system in an attempt to cause harm or failure. In the case of Burma, the level of sophistication and the persistence of the DDoS attack indicates that there is a more powerful organization at work behind the scenes. The attack also highlights the level of devastation the can be inflicted upon a country by a dedicated attacker who creates a situation that the infrastructure of a system is not capable of dealing with. In addition to this, I believe that the only reason someone would preform such a prolonged attack is because they have something to gain. So logic would follow that it would be the opponents with the most to gain from restricting the flow of information which is the military authority. In this situation it would be almost impossible for anyone outside of direct control to do anything about the attacks.
ReplyDeleteThis is one of the goals of hackers; denial of information. Unfortunately, the hackers have large amounts of resources through which they can deny others access to the information they seek. Combine this with the timing of an election and a disastrous situation is almost inevitable. Its terrifying to think that anyone is capable of flooding a system like this but in the modern era its hardly surprising. It also causes concerns as to how anyone would go about preventing or overcoming such an attack. I fear that Burma is but one group in a large list that might experience attacks like this in the future.