The Georgian blogger whose Twitter, Facebook, and YouTube accounts were targeted in denial-of-service attacks on Thursday, says he thinks Russia’s federal security service is behind it.
“This hackers was from Russian KGB,” the blogger, who uses “Cyxymu” on his accounts, wrote in a tweet early on Friday, adding later: “My twitter is online! Thank you all for support after ciber attack from Russia!”
Because of the difficulty in tracing distributed denial-of-service (DDoS) attacks back to the source, unless someone takes credit for the attack or brags about it to online associates, it’s nearly impossible to determine exactly who was responsible.
Cyxymu is identified as a 34-year-old economics lecturer named Georgy from Tblisi, Georgia, by The Guardian. His blog postings are critical of Russia’s dealings with the Caucasus region and his screen name is a Latinized version of the spelling of Sukhumi, the capital of Abkhazia, a breakaway Georgian republic.
“Maybe it was carried out by ordinary hackers but I’m certain the order came from the Russian government,” he is quoted as saying. His LiveJournal account was attacked last year, as well, according to the report.
The DDoS attacks came on the eve of the one-year anniversary of a significant military clash between Russia and Georgia, which have had an ongoing conflict. In the 2008 South Ossetia war that began on August 7, 2008, Georgia attempted to retake control of South Ossetia and Russia launched air strikes against Georgia.
“When the war started in South Ossetia last year I couldn’t avoid being drawn into politics,” the blogger said.
The Georgian government is investigating potential links between its citizen and the attacks, and there are suspicions that the attack came from Russia, Shota Utiashvili, head of the Department of Information and Analysis at the Ministry of the Interior, told CNN.
Twitter was down for hours on Thursday during the attack, and LiveJournal suffered an outage. Facebook, and Google–whose Blogger, Google Sites, and YouTube were also affected–were able to fend it off.
Whoever was behind the attack may also be responsible for a spam e-mail campaign launched before the DDoS attack and targeting the blogger’s accounts. In that attack e-mails were sent out that looked like they came from the blogger and included hyperlinks to his accounts on the targeted sites. A Facebook spokesman and others said that a spam attack would not have been effective enough to cause a DoS outage.
The Cyxymu accounts were back up on Friday on Twitter and Facebook (where he’s a fan of John McCain), but his LiveJournal account appeared to still be inaccessible though a cached version was available on Google. His YouTube account, meanwhile, never went down.