Saakashvili administration denies crippling hacker attack on president’s website

Russian hackers are to blame for an internet attack that took down the official website of the Georgian president over the weekend, suggested network security experts who documented the incident. A spokesperson for the president's administration, however, denied that the website had come under attack.

The alleged attack was reported by Shadowserver.org, which describes itself as “an all volunteer watchdog group of security professionals that gather, track, and report on malware, botnet activity, and electronic fraud.” The group said the internet assailants used a DDoS attack to take down the president’s website, www.president.gov.ge.

A successful DDoS, or Distributed Denial of Service, attack overwhelms the target server with floods of requests from a network of hijacked computers. Because there are too many requests, the website and its server under attack become so overloaded that the site becomes inaccessible for all users.

According to Shadowserver.org, the attack began on the morning of July 19 and continued until July 20. As of last night, the president’s website was running smoothly.

But an administration spokesman said the incident never occurred.

"It's not true, the web site didn't stop even for a minute over the weekend," said spokesman Vano Noniashvili.

The internet secrurity watchdog group contradicted that, but suggested the Georgian website's administrators are not to blame.

"We can confirm there was a DDoS attack and that we were unable to access the server," wrote Steven Adair, internet security expert for Shadowserver.org, in an email. "We believe that a substantial number of bots were used in this attack and could quite possibly have the capability to take most websites offline."

"Periodically for a period of over 24 hours, we were not able to access the website or any other website on the server. The same results were experienced by others in various geographic locations," Adair wrote.

Shadowserver.org said the server controlling the computer network used for the attack had “bogus registration information but does tie back to Russia.”

Arbor Networking, another Internet security company, also confirmed the DDoS attack on www.president.gov.ge. The company’s chief analyst, Jose Nazario said on his company blog that one of the messages in the electronic trash that forced the president’s site offline reads “win+love+in+Rusia.”

Nazario suggested a connection between the attack and the frayed political relations between Moscow and Tbilisi over Georgia’s conflict regions and NATO aspirations.

The Saakashvili administration would not be the first post-Soviet government to come under attack from computer crackers. In June this year, Russian news agencies reported a widespread attack on Lithuanian government websites, with the culprits leaving behind the Soviet hammer and sickle on the main pages.

Lithuanian officials said the attack was a protest against Vilnius’s decision that month to ban displays of Soviet symbols.

And in 2007 Estonian websites came under DDoS attacks which forced many major sites offline, including the webpage of the police force and those of several leading newspapers. That attack was thought to be connected to Tallinn’s controversial decision to relocate a Soviet war memorial.