Russian Hacking – crime or war? It’s personal.

We are a VERY obscure web site. We haven’t at the time I write this even officially been launched. Only invited people know about this site. Here are stats of where people are in the world who are accessing our site over the last week, either personally or ‘electronically’ through ‘robot’ software (called bots in the trade)

Location Visits % Visits
1. Russia 826 58.75%
2. Canada 155 11.02%
3. Denmark 154 10.95%
4. UK 111 7.89%
5. Ukraine 46 3.27%
6. Kazakhstan 20 1.42%
7. Illinois 15 1.07%
8. Italy 7 0.50%
9. Belarus 6 0.43%
10. California 6 0.43%

Canada is there because we use a free service from there to run a scheduled job that frequently ‘wakes up’ our site (called a ‘cron’ job) to post any breaking news into the newsfeed.
Denmark is where out site physically is (yes, even though this is the internet, sites don’t really exist in some mythical ‘cloud’ – that’s just marketing spin)
Russia? That’s bots snooping around, seeing if there is any useful information they can acquire. We THINK we are keeping them all out, but it is why we advise you NOT to use an email address you need really secure for banking (and definitely don’t use the same password!).

Surely they can fake the country they are from? Yes, that isn’t too difficult to do (you need to fake what is known as your IP address), but if you do it the ‘easy’ way of using what’s called a VPN (where you link to another country through a ‘private network’) you leave a huge thumbprint that’s fairly easy to follow. It’s actually very hard indeed to do this without leaving a trace.

If you are interested, one of the ways the CIA knows that the hacking of the DNC was Russian was because in the tens of thousands of times the Russians did this, ONCE a human forgot to run the ‘masking’ job first that hid their real address. All their traffic was appearing as if it were from Arizona and on just one occasion they let their true address show. The CIA can pinpoint that address down to a specific PC in Moscow. And to show how scary THEIR intel is, they know the name of the person who owns/uses that PC (because of course they’ve hacked it).

On a parochial level, although we are running this site ‘on the cheap’ where we can, we are using good commercial defences and this site is at least as secure as all the usual sites you use like the BBC or whatever. We can’t keep the Russian spies out, but we do we think keep this low-grade ‘criminal’ snooping out. That accounts for a significant chunk of our running costs as we use a professional hosting company that does most of this for us. (The only other running cost element is the hire of the software to manage the forum boards, allows us to send emails and newsletters etc).

On the broader political level, we as a little minnow on the internet get this amount of Russian traffic, because it’s electronic ‘robotic’ and doesn’t cost them to do it. Worse, this is such low grade attempted hacking (essentially criminal) that they don’t try to hide where they are from – only the very serious spy folk can do that. So they don’t care that you know all this. Think of it as a local criminal gang trying your house lock every night to see if you’ve forgotten to close the door properly. They are so confident they don’t care people can see them do this on all the CCTVs that exist. In fact, they want you to know it’s them.

Whether this is ‘ordinary’ crime or actually the skirmishes of a full blown cyber war, it’s all scary stuff. The internet COULD be broken one day. Your local Tesco Express would run out of stocks within 2 or 3 days. There’s no way any business of size can truly ‘go back to paper’ now.