The Russian blogging mystery
With four million accounts and about 20 million visits daily, LiveJournal is one of the most popular Russian blogging platforms and social networks. Originally started in the US, LiveJournal became very appealing to Russian audiences and in 2007 it was bought by Russian media company SUP, turning LiveJournal into an advertising and media site, hiring successful bloggers to work for them full time. In 2009 the company transferred much of the development and design operations to Moscow. Also in 2009, Russian President Dmitry Medvedev opened a LiveJournal blog. A number of other high-ranking politicians and businessmen also opened blogs in LiveJournal, with various motivations and various results.
The acquisition sparked rumors of possible political motivations of SUP owners as some LiveJournal users saw the site as a place for independent political discussions and the promotion of political ideas. Those people openly expressed their fear that opinions are out of line with Russia’s authorities would be censored. However, so far no one can give a clear example of such censorship. On the other hand, some political struggle really took place, and often it went beyond the debates in the comments. Several bloggers have reported that their accounts have been hacked and either defaced or deleted, and more than once popular LiveJournal users fell victim to the so called DDoS attacks – a flood of requests from computers infected with special viruses that overloaded the servers and brought down whole sectors of the platform.
Over the past few days LiveJournal was down several times and its owners – the SUP company, blamed the most powerful DDoS attack ever. Many bloggers, including several opinion makers put forward the idea that the attack was ordered by the Kremlin in order to get rid of a popular discussion site in a year of parliamentary elections. The media, both Russian and foreign, gladly distributed this conspiracy theory. The fact that the platform is successfully used by Russian civil servants, including the President himself as well as hundreds of conservative politicians and political technologists was not taken into consideration.
However, as the attacks continued, people started to suggest different explanations.
Apart from the obvious thought that the attack was ordered by competitors, there was a version that appeared simultaneously with the political one – SUP was blaming unknown hackers for its own technical mistakes. The company has earlier stated that late March through early April would be a period of serious changes, and syndication with other popular networks was announced on the day when the first serious attack took place. Third party security specialists, like antivirus software producer Kaspersky Labs confirmed that the DDoS attacks were real and named their types, terms and targets. However, it was not immediately clear how Kaspersky Labs obtained the information.
At the same time, the addresses from the SUP press service were unclear and reminiscent of propaganda leaflets. SUP said that the problems were caused by DDoS, but refused to name the exact target of the hackers and immediately called for the users to unite, show their support, and never leave the platform. The call was heard and distributed not by those who used the blogs for political purposes, but rather by a number of popular authors who made money from advertising on their blogs (and most likely shared the profits with the hosting platform). Traveling photographer Sergey Mukhamedov called upon the users to gather near the SUP headquarters at noon on Friday to show support for the owners of the blog platform. The move was supported by similar figures, but none of them were engaged in politics.
Another peculiarity of SUP behavior was that the businessmen did not complain to the police. Many experts pointed out that turning to law enforcement for help was an effective tactic – there is a department for countering cyber crime in the Russian Interior Ministry and its specialists are capable of locating the main servers hosting the attackers while the owners of the servers usually switch off the malicious data streams after first requests. Neither did SUP approach a company specializing on DDoS protection. These options, while being very effective, required disclosure of information and for some reason this is not what LiveJournal owners are willing to do.
It is too early to say that LiveJournal problems, attacks or malfunctions, have been left behind, but at the moment the blog service is working and it does not differ from the pre-attack version.