10 Novembre 2013
November 10, 2013
http://ajw.asahi.com/article/behind_news/social_affairs/AJ201311100027
Anti-nuclear citizens groups around Japan were left reeling from a blizzard of e-mail traffic--more than 2.53 million messages--that had all the hallmarks of a coordinated cyber-attack.
At least 33 groups were targeted in the campaign carried out from mid-September to early November.
Experts said there was little doubt that a computer program developed exclusively for the purpose was used in the attack. It ranks as Japan’s first cyber-attack to target specific citizens groups.
Lawyer Yuichi Kaido, who is acting on behalf of those groups, told The Asahi Shimbun he is considering filing a criminal complaint against the senders of the e-mails on grounds of forcible obstruction of business--that is, if the perpetrators can be found.
Kaido is also a co-representative of “Datsu-genpatsu Bengodan Zenkoku Renrakukai” (Nationwide liaison office for groups of lawyers working for the anti-nuclear lawsuits).
The groups targeted include the Women’s Active Museum on War and Peace and the Metropolitan Coalition Against Nukes.
The e-mail blitz started simultaneously on Sept. 18 or 19. In the 13 days up to Sept. 30, more than 2.1 million e-mails were sent to the groups.
One e-mail read, “Unless we kill all of the anti-nuclear believers, world peace will be never achieved.”
During the period from Oct. 24 to Nov. 4, two groups were singled out for more than 430,000 e-mails.
Some of the groups provided the e-mails and other details to The Asahi Shimbun, which then asked several computer security companies to analyze them.
It emerged that the senders of the e-mails used a computer system that returns registration confirmation e-mails if people register their e-mail addresses to receive e-magazines or make inquiries.
The method of the attack is as follows:
Someone obtains an e-mail address of an anti-nuclear group from its website. Then, the person registers the e-mail address on the website of a different anti-nuclear group from twice to 300 times per minute using a special computer program by pretending that he or she wants to receive the e-magazine or make an inquiry.
Then, the website returns the same number of registration confirmation e-mails to the former anti-nuclear group.
The computer security firms tried to find the IP address of the person who registered the e-mail addresses. However, they were not able to do so as the person used the “Tor” anonymity system that makes it impossible to uncover IP addresses.
This type of cyber-attack is known as “Denial of service” because its aim is to obstruct the activities of the targeted organization.
The Tor system was also used in a 2010 incident in which information on international terrorism that had been gathered by Tokyo’s Metropolitan Police Department was leaked to the Internet.
In previous cyber-attacks, perpetrators tried to access individual Internet banking accounts, or attempted to get hold of confidential information of private companies and government organizations or obstruct their activities.
As of now, there are no obvious leads into who is responsible for the cyber-attack against the anti-nuclear groups.
“The sender may have tried to sow an internal feud among anti-nuclear groups,” said Shuichi Yanagimachi, a member of “Genpatsu-mondai Jumin-undo Zenkoku Renraku Center” (Nationwide liaison center on citizens movements on nuclear power generation issues).