Friday, January 30, 2009

The Kyrgyzstan DDoS Attacks of January, 2009: Assessment and Analysis

Via IntelFusion -

On January 18, 2009, a large scale DDoS attack began against Kyrgyzstan Internet service providers (ISPs). Key national Web server site and the Kyrgyzstan official domain registration service have only been available intermittently from Jan 18th 09.

Russian-based servers primarily known for cybercrime activity have been identified through IP analysis with the attacks on Kyrgyzstan.


The Kyrgyz cyber attacks during the week of January 18th fall right in line with an escalating series of repressive political actions by the Bakiev government against this latest attempt to form an opposition political party – the United Peoples Movement (UPM). Bakiev should know, since it was the Tulip Revolution in 2005 (and the last time that DDoS attacks were utilized in Kyrgyzstan) which brought him to power.

Opposition leader Omurbek Tekebaev has pointed out the similarities between 2005 and 2009: “Both then and now, you could see people mistrusted those in power, who lacked moral authority. Both then and now, public opinion was completely controlled by the authorities, and there was persecution of journalists and dissidents, criminal persecution of political opponents,” he said.

This appears to be a cyber operation for hire by the Bakiev government to control information access against its political opposition. The likely culprits are Russian hackers with moderate skill levels who regularly engage in cyber crime.

There is no evidence that the Russian government is directly involved, however Moscow has complete control over the servers owned by JSC and Golden Telecom. To date, no action has been taken by the RF to deny access to these servers by Russian hackers.


Also check out - Why I believe that the Kyrgyzstan Government hired Russian hackers to launch a DDOS attack against itself.

No comments:

Post a Comment