Home > South-East Asia >> Burma |
Attacks on junta-related sites slowing Burma's internet
Irrawaddy - December 24, 2010
Khet Htan – Hackers are continuing their efforts to disable websites belonging to businessmen close to Burma's military regime, including the state-sponsored Yatanarpon web portal, but have so far provoked no response from the country's junta, according to sources.
Yatanarpon Teleport, a partly government-owned company that has been creating Burma's first national web portal, was reportedly attacked by Distributed Denial of Service (DDoS) attacks in late October, making the site almost inaccessible a few days before the country's election on Nov. 7.
Earlier this month, exiled Burmese hackers calling themselves the Blink Hacker Group (BHG) claimed on their blog that they were involved in the attacks. However, experts said it was unlikely that BHG was acting alone.
"It is impossible that BHG was the only group that attacked Yatanarpon Teleport, because the country's Internet connections were pummeled with 14 Gbps of data every second. BHG might have been one of the attackers, but it wasn't the only one," said a Burmese IT technician familiar with Internet security issues.
He added that he has learned that computer technicians inside Burma have joined forces with exiled hacker groups and may be planning to target the Yatanarpon web portal again next month.
According to the BHG blog, the group also recently hacked the website of Red Link, a communications company owned by the son of Thura Shwe Mann, the junta's No. 3. The site is currently shut down.
BHG's vow to continue carrying out DDoS attacks together with underground hackers has met with a negative reaction from ordinary Internet users in Burma, who say that efforts to disable regime-affiliated websites will only slow down the country's Internet access or perhaps even bring it to a complete halt.
The problem is that the methods being used by the attackers are indiscriminate, and in fact seem to have a far greater impact on bystanders than on their intended target.
"DDoS attacks and hacking are not the same thing. Hacking a certain website won't cause the Internet to shut down, but DDoS attacks can affect the whole system," said the technician. "Right now, the Internet connection in Naypyidaw and other government-related places is fine. The only ones who are really suffering are public Internet users in Rangoon and elsewhere."
That may be why, according to a technician close to the regime's Ministry of Communications, Post and Telegraphs (MPT), the authorities have failed to take any action against the DDoS attacks.
"They deliberately let it happen so that Internet connections either slow down or become inaccessible," said the technician.
Arbor Networks, a US-based global provider of DDoS attack protection, confirmed that the onslaught on Burma in early November was "several hundred times" more than enough to overwhelm the country's terrestrial and satellite links, and was bigger than similar attacks on Georgia and Estonia in 2007.
Often, the target of such attacks is dissidents, particularly those from countries with a reputation for suppressing the free flow of information.
In a recent report on DDoS attacks against independent media and human rights sites, the Berkman Center for Internet & Society at Harvard University examined Burma, along with China, Russia, Iran, Kazakhstan, Uzbekistan, Egypt, Tunisia and Vietnam, as an example of a country where DDoS attacks are used to suppress media freedom.
Burma has also attracted the attention of WikiLeaks, which has recently made headlines for releasing hundreds of thousands of US diplomatic cables.
In an interview with Rolling Stone magazine, American hacker and WikiLeaks member Jacob Applebaum demonstrated the extent to which Burma's Internet access is cut off from the outside world – and the ease with which hackers could access the regime's computer networks.
After first showing that only 118 of Burma's 12,284 IP addresses have not been blocked by the regime, Applebaum tests one of the unfiltered computer systems – presumably belonging to a government agency or trusted associate of the top generals – and finds that it is highly vulnerable to attack.
Asked if he intended to hack into the system, he said, "I could. But that would be illegal, wouldn't it?"
See also: