The Danish daily Berlingske Tidende writes that they have been approached by a cracker who says he has intruded in the private e-mail box of Michael Rasmussen, the cyclist who was kicked out from Tour de France. The cracker tried to sell the paper alleged correspondence between Rasmussen and Rakobank which would have shown whereabouts of the cyclist during disputed dates in June.
Berlingske turned down the offer. Sports editor Peter Brüchmann says that the paper can neither buy nor use any information aquired illegally.
According to Aftonbladet, a number of Swedish sports clubs and sports related web sites have been cracked during the weekend. Sites related to ice-hockey and football have been inserted the official looking warning by the criminal police saying that the site you are about to enter is suspected for spreading child pornography. The affected sites have nothing to do with child pornography.
Sites of Swedish ice-hockey clubs Hammarby and MoDo were attacked on Saturday. The warning was also posted on the site of Hammarby’s football division and the football portal Fotbolldirekt.com. The latter seems to be down as I type.
“This does not look very good for us either”, criminal police spokes person Linda Vidmark says to Aftonbladet. “We need to think out how to get about it”, Vidmark goes on to say.
A Danish judge through out evidence obtained by the police by hacking in to a password protected web forum, Berlingske Tidende writes. The police and prosecutor have not much above the banned evidence to back their charges against nine alleged football hooligans. They are charged for having planned a fight in Enghave S-train station in Copenhagen.
A group of FC København supporters calling themselves Copenhagen Casuals have a password protected forum. The police admitted having obtained a password through a security hole in the system. They then followed the forum discussions and used the contents of the site as evidence.
The judge said that peeking in to the site was equal to other intrusions of privacy, such as telephone ease-dropping. Hence, the police needed a court order which they did not seek. The judge also pointed out that a court would not have allowed the hack because the crime was not serious enough to justify intrusion of privacy according to Danish law.
We’ve seen 128 unique DDoS attacks on Estonian websites in the past two weeks through ATLAS. Of these, 115 were ICMP floods, 4 were TCP SYN floods, and 9 were generic traffic floods. Attacks were not distributed uniformly, with some sites seeing more attacks than others
Jose’s access to inside records of ATLAS allows him to deliver detailed technical info on the measure of the force behind these attacks against the Estonian government, media, banks and other businesses.
On May 9th, the F-Secure blog posted a number of interesting screen shots, among them this one of a Russian hacker site, offering Denial-of-Service tools crafted for attacking Estonia:
Somebody really seems to be out there to get a country. Luckily, though, the EU commission president Jose Manuel Barroso made it clear right in the face of dictator Putin of Russia that an attack against one member country of EU is an attack against all of EU.
As F-Secure concludes their post:
We probably haven’t seen the end of these attacks yet.
Alas, Führer Putin and his SS are likely to continue their illegal actions.
The Estonian daily Eesti Päevaleht writes that Estonia’s Minister of Defense Jaak Aaviksoo raised the issue of cyber attacks against Estonia at a meeting of EU’s defense ministers in Brussels on Monday. During the last couple of weeks, web sites of the Estonian government have been attacked heavily and many of them are not acessible from abroad. IP’s belonging to Russian government have been detected to participate in the attacks. This could mean either that some government organisations actively support the attack or that their security is bad enough to allow Russian government’s computers and servers to be hijacked.
Mean while in Finland, the web site of the Finnish Broadcasting Company YLE has been down due to denial of service attacks most of Monday. The site was up again shortly after midnight. According to YLE news, another possible reason could be a failure of their ISP Sonera’s router. The exact reason is expected to be known during Tuesday.
While it can not be excluded that the latest attack against YLE could be some sort of a bizarre revenge of ice-hockey hooligans after the Russian team was beaten by Finland in the World Championship semi final, I find it more likely that it is a part of an attack against EU. The Russian crackers, either actively supported or at least tolerated by some government organisations, have apparently expanded their activities further from Estonia. Estonian foreign minister Urmas Paet said in Brussels on Monday that the attacks should be included in the agenda of the top meeting between EU and Russia on Friday.
Edit (Tuesday morning at 11.17): According to Helsingin Sanomat, the attack against YLE started again at 8 a.m. local time. Any device failure in equipment belonging to YLE or its partners is excluded. YLE has not as yet officially commented the source of the attack.
I say they just need to look at east.
Due to the ongoing resistant cyber attacks against Estonia orchestrated by the Russian government, I am unable to access the Estonian daily Postimees through the web. No new headlines of the paper have appeared in my RSS reader in three days. Ironically, I was able to read in Postimees today via a proxy site that the Estonian police have taken into custody a person suspected to have actively participated in the attacks and also encouraged others to join the activity, thereby mediating detailed instructions to attack Estonian servers and web sites.
The suspect is called Dmitri, a 19 year old Estonian citizen living in Tallinn. According to a press statement of the prosecutor’s office, Dmitri has been useful in orchestrating the attacks, since as a local resident he is well oriented in the Estonian web. The prosecutors say that Dmitri encouraged others to crack web sites of the Estonian government and political parties.
What bothers me most with this Dmitri character is that he allegedly did this against the country he is a citizen of. Does his citizenship not have any importance above possessing an Estonian passport which provides him access to all EU countries and many other countries? Disagreeing with one’s own government is a civil right of great importance but I am old fashioned enough to think that a citizen is supposed to have some loyalty against their own government. At least enough loyalty not to participate in a cyber war against it.
Dmitri is naturally by definition innocent as long as he has not been found guilty by a court of law. If the evidence against him is strong enough for a guilty verdict, he will serve his sentence in an Estonian jail rather than a Russian one. That is of course nice for him, maybe even worth having an Estonian passport.
Is that the main reason for choice of citizenship these sad days?
Jyllands-Posten writes that the paper’s web site was down most of Tuesday as a result of a massive denial of service attack. This was not the first time Jyllands-Posten was exposed to attacks. It was very heavily attacked for several times in February in the aftermath of the Mohammed cartoon issue.
I must confess that I did not experience anything special on Tuesday. I have always felt that Jyllands-Posten’s RSS feeds are a bit slow to update so I did not notice that something would have been out of the ordinary.