Burma hit by massive net attack ahead of election

Graph of net attack, Arbor Networks Huge amounts of traffic easily overwhelmed Burma's links to the net

Related stories

An ongoing computer attack has knocked Burma off the internet, just days ahead of its first election in 20 years.

The attack started in late October but has grown in the last few days to overwhelm the nation's link to the net, said security firm Arbor Networks.

Reports from Burma say the disruption is ongoing.

The attack, which is believed to have started on 25 October, comes ahead of closely-watched national elections on 7 November.

International observers and foreign journalists are not being allowed into the country to cover the polls.

It will raise suspicions that Burma's military authorities could be trying to restrict the flow of information over the election period.

The ruling generals say the polls will mark a transition to democratic civilian rule.

But as the BBC's Sue Lloyd-Roberts reports from Burma, many believe the election is a sham designed to cement the military's grip on power.

In the last elections in 1990, Aung San Suu Kyi's National League for Democracy (NLD) won a landslide victory but the junta ignored the result and have remained in power ever since.

Cyber attack

The Distributed Denial of Service (DDoS) attack, as it is known, works by flooding a target with too much data for it to handle.

BURMA ELECTION: NUMBERS

  • First election in 20 years
  • Total of 37 parties contesting the polls
  • 29 million voters eligible to cast ballots
  • About 3,000 candidates of whom two-thirds are running for junta-linked parties
  • 1.5 million ethnic voters disenfranchised because areas deemed too dangerous for voting to take place
  • No election observers, no foreign journalists

The "distributed" element of it means that it involves PCs spread all over the world. These networks of enslaved computers - known as "botnets" - are typically hijacked home computers that have been compromised by a virus.

They are typically rented out by cyber criminals for various means, including web attacks. They can be called into action and controlled from across the internet.

Burma links to the wider net via cables and satellites that, at most, can support data transfers of 45 megabits of data per second.

At its height, the attack was pummelling Burma's connections to the wider net with about 10-15 gigabits of data every second.

Writing about the attack, Dr Craig Labovitz from Arbor Networks said the volume of traffic traffic was "several hundred times more than enough" to swamp these links.

The result, said Dr Labovitz, had disrupted network traffic in and out of the nation.

He said the attack was sophisticated in that it rolled together several different types of DDoS attacks and traffic was coming from many different sources.

At time of writing, attempts to contact IP addresses in the block owned by Burma and its telecoms firms timed out, suggesting the attack is still under way.

"Our technicians have been trying to prevent cyber attacks from other countries," a spokesperson from Yatanarpon Teleport told the AFP news agency.

"We still do not know whether access will be good on the election day."

Mr Labovitz said that he did not know the motivation for the attack but said that analysis of similar events in the past had found motives that ran the gamut "from politically motivated DDoS, government censorship, extortion and stock manipulation."

He also noted that the current wave of traffic was "significantly larger" than high-profile attacks against Georgia and Estonia in 2007.

More on This Story

Related stories

From other news sites

* May require registration or subscription

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features & Analysis

Elsewhere on the BBC

bbc.co.uk navigation

BBC © MMX The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.