
The technical team, which is responsible for security of this website, reports that 830 MB of logs of malicious software have been identified as having been launched recently against this website. For internet technicians, this is a highly unusual, possibly a record-setting volume. Most specialists report that 5 to 10 MB of such logs is unusual. The trail left by the attempted attackers is being traced to source.

The typical attack attempt is what is known as a denial-of-service (DoS) attack, or distributed denial-of-service (DDoS) attack. This is usually intended to make a website like this one unavailable to its intended users, suppressing the readability of what is reported and published. Although the motives for, and targets of, a DoS attack may vary, it generally consists of a concerted effort by a person or group of persons, who are paid to prevent the site or service from operating efficiently, temporarily or indefinitely. The perpetrators of such attacks are usually well paid. The traces of these attackers and the log information usually include IP addresses, time of attack, and other data, indicating “bots” – an IT term that refers to automated or semi-automated programming tools that carry out the repetitive task of making fake attempts to read the site – intended to swamp and paralyze the server and prevent genuine readers from getting the access they request. Chinese IP addresses are a typical disguise used by Russians employed to attack in this way.

The conventional method of attack involves saturating the target or victim with external communications requests, so as to make it difficult or impossible for the website to respond to, and open for, legitimate traffic. A few days ago, one such attack on this website appeared to legitimate users as a slowness of the site to open when individual requests to read articles were signalled by readers and users. In general terms, DoS attacks are implemented by forcing the targeted computers to reset, by consuming their resources so that they can no longer provide their intended service, or by obstructing the communication media between the intended users and the victim.

Because investigation of this website’s logs has shown that one of the largest-volume users of this website has been United Company Rusal, its executives, and two of its law firms – Bryan Cave against international claimants against Rusal and its shareholders; Schillings for threats to sue against investigative reporting on the company – there is a serious risk that those who attack this website may deny Rusal the opportunity which so many of its agents seek to read, and to be informed.

In addition, according to the website specialists, the 830 MB of malicious software may infect the machines of the Rusal agents and their lawyers. Heaven forfend!

In the past, the High Court in London has investigated the computer techniques used by Rusal and its agents. The following ruling was issued by the deputy judge of the High Court, David Hirst QC, in October 2006. It is a salutary caution for all those with a forensic interest in Russian litigation tactics; and also for those who believe that internet publications can be attacked with impunity by DDoS methods.

Hirst QC ruling against Rusal of October 18, 2006

It is sure that a publicly listed company of Rusal’s quality will have learned the lessons of that case, and thus cannot be considered to be anything but the innocent victim of the malicious software that has been fired at this website.
