On Friday night, a massive cyber-attack took down some of the world’s largest websites. Hackers are thought to have harnessed the power of the Mirai botnet, which takes over internet-connected devices protected with weak passwords and uses them to bombard sites with data in DDoS attacks, to knock out the likes of Twitter, Reddit, PayPal and Spotify.
Somewhat conceitedly, WikiLeaks posted a tweet that appeared to imply the organisation’s supporters were behind the effort, in an apparent attempt to get revenge for Julian Assange having his internet connection cut off at the Ecuadorian embassy in London. Elsewhere, some analysts were quick to point the finger at Russia, noting that the exercise might have been a dry-run for a similar attempt to bring down the internet on the day of the US elections next month.
A Russian/Chinese hacking group claimed responsibility for the attack on Saturday. New World Hackers took to Twitter to boast that it used “zombie” computers to throw 1.2 terabits per second of data at servers managed by Dyn Inc, which supports some of the biggest websites on the planet. According to Dyn officials, the attack was well planned and professionally executed, and likely involved the use of millions of IP addresses.
While US authorities could not verify the claims made by the hacking group, Russian involvement in the attack would fit a recent pattern that has seen American interests repeatedly targeted by cybercriminals suspected of having links to the Kremlin. Only last week, Vice President Joe Biden threatened Moscow with a cyber-attack in response to Russian hackers targeting American politicians. Slightly missing the point of clandestine espionage, Biden told NBC’s Meet the Press that the US would send Russia a message “at the time of our choosing”.
It has been suggested that Russia was behind WikiLeaks’ Democratic National Committee (DNC) email database leak, which contained 19,252 emails and 8,034 attachments from top DNC members, and the Podesta email releases, which should have been far more damaging to Hillary Clinton than they have thus far proven to be, mostly on account of the fact that the US media appears more concerned about historic accusations of inappropriate behaviour levelled at Republican candidate Donald Trump.
At the beginning of October, US officials openly accused Russia of being behind the DNC hack. In a statement, the Office of the Director of National Intelligence and the Department of Homeland Security (DHS) said that only “Russia’s senior-most officials could have authorised these activities”. Russian President Vladimir Putin’s spokesman swiftly dismissed the accusation as “rubbish”.
Some commentators have been quick to point out that certain Democratic politicians have previously praised organisations such as WikiLeaks as whistleblowers when they have released information deemed damaging to the Republican Party, but have been far less complimentary over recent months as the groups have released a string of embarrassing revelations about the workings of the DNC, and the cosy relationships Hillary Clinton has forged with big business and the press.
Clinton’s campaign has even gone so far as to compare the suspected Russian hacking efforts to the Watergate break-in that brought down President Richard Nixon. Clinton spokesman Glen Caplin said in a Medium article that Russian involvement in the email thefts was no longer in question, and suggested that Trump knew this, and was actively defending Putin.
The likes of WikiLeaks and fellow hacking organisations Guccifer 2.0 and DC Leaks – which are both suspected of having links to Russian cybercriminals – have now become the darlings of the American right, winning praise from sources that might once have labelled them enemies of the state, including Fox News presenter Sean Hannity and former Ku Klux Klan grand wizard David Duke.
Although there is no conclusive proof that Russia was instrumental in providing these groups with the data they have published over recent months, experts have suggested that the DNC, Podesta and Colin Powell datasets were all accessed in the same way. Hackers gained access to the email accounts in question by sending malicious short URLs hidden in fake Gmail messages. According to a report from Motherboard, these were all created by a Bitly account linked to Fancy Bear, a Russian hacking group also known as APT 28 and Tsar Team, among a range of other aliases.
An organisation with a similar name, Fancy Bears, was behind the recent hacking of the World Anti-Doping Agency (WADA) database, which revealed a number of top Olympic athletes had been given special permission to take banned substances to treat health conditions. The hack was widely seen as revenge for Russian athletes being banned from the Rio Games after evidence emerged the country had been running a state-sponsored doping programme.
With the US election fast approaching, and with Moscow’s apparent enthusiasm for a Trump Presidency being made clear, it’s highly likely that cyber tensions between the US and Russia will continue to ramp up over the coming weeks and months. Last Friday’s attack on some of the internet’s biggest names could be a sign that Russian-linked hackers are about to escalate their activities from stealing sensitive information from poorly-protected email accounts to something more sinister – taking out vital web-based infrastructure in massive DDoS attacks.