The attack, which started on April 26, intially targeted the website of RFE/RL's Belarus Service, but quickly spread to other sites. Within hours, eight RFE/RL websites (Belarus, Kosovo, Azerbaijan, Tatar-Bashkir, Radio Farda, South Slavic, Russian, and Tajik) were knocked out or otherwise affected.
The "denial-of-service" (DOS) attack was intended to make the targeted website unavailable to its users, according to RFE/RL's Director of Technology Luke Springer. "The way this is normally done is by flooding the target website with fake requests to communicate, thereby using up all [the website's] free sources and rendering the site useless to all the legitimate users," Springer said.
RFE/RL has taken countermeasures and restored full service to most of its Internet sites. The primary target, the Belarus Service, is still affected.
RFE/RL has been hit before by denial-of-service attacks, but this attack was unprecedented in its scale, as RFE/RL websites received up to 50,000 fake hits every second.
Springer says this more sophisticated assault is known as a "distributed denial-of-service" attack, in which "the attacker has made use of other machines, distributed its intentions out to other machines, and then all of these machines attack at the same time."
DOS attacks are difficult to protect against, and the software required to carry them out is available on the Internet.
Other Sites Attacked
RFE/RL Belarus Service Director Alyaksandr Lukashuk said he began getting e-mails from frustrated web visitors about two hours after the attack began on April 26. He noted that the problems began on an important date in Belarus -- the 22nd anniversary of the Chornobyl nuclear catastrophe.
Lukashuk said that a large Internet audience was relying on RFE/RL's Belarus Service to report live on a rally of thousands of people, organized by the Belarusian opposition. The demonstrators were protesting the plight of uncompensated Chornobyl victims and a government decision to build a new nuclear power station.
Other Belarusian websites were also hit, including the Minsk-based nongovernmental organization Charter 97. Since the attacks, many other independent websites in Belarus have carried content from RFE/RL's Belarus Service.
RFE/RL President Jeffrey Gedmin said he is deeply concerned by the attacks. "If free and independent media existed in these countries where we're working and broadcasting, we would have no reason to exist," Gedmin said. "The Belarusians, the Iranians -- they all have basically the same objective. They see free information -- flowing information of ideas and so forth -- as the oxygen of civil society. They'll do anything they can to cut it off. If it means jamming, if it means cyberattacks, that's what they'll do."
Cyberattacks have become more common in recent years, sometimes targeting government institutions or large corporations.
In May 2007, Estonian websites were hit by a wave of cyberattacks. Estonia accused Russia of launching the attacks after Tallinn relocated a monument honoring Soviet troops, sparking anger in Russia and among Estonia's ethnic-Russian population. Moscow denied any involvement.
Belarus Service Director Alyaksandr Lukashuk says that after a massive denial-of-service attack cut the service's website off from its Internet audience, the service was forced to use different means to get its message out. These included:
- going back to the airwaves and broadcasting on shortwave
- posting its material on the websites of the independent media and Internet community in Belarus, which came together in solidarity with the service in its response to the attack
- relying on a network of friends and dedicated listeners to spread the word on how to access the service's materials, on other websites and on the air.