2010 cyberattacks on Myanmar

The 2010 cyberattacks on Myanmar (also known as Burma) were distributed denial-of-service attacks (DDoS) that began on 25 October, occurring ahead of the 2010 Burmese general election, which is widely viewed as a sham election. This election was the first that Burma had had in 20 years. The attacks were significantly larger than attacks against Estonia and Georgia in 2007 and 2008 respectively. The attack followed a similar one on 1 February 2010, and also followed an incident of a total loss of connection to the internet the previous spring when a submarine communications cable was severed accidentally.

Attacks beginning 25 October 2010
Over the period of a week, a large-scale massive DDoS attack targeted Burma's main Internet provider, the Ministry of Post and Telecommunication. Successful attacks to this network interfered with the majority of all incoming and outgoing network traffic.

The motivation for the attacks, and hence the culprits, were unclear, but there was significant speculation that blamed the Burmese government for a pre-emptive attack to disrupt Internet access just before the general elections. The ruling military junta, the State Peace and Development Council (SPDC), was known for denying universal human rights such as freedom expression; the government's efforts to silence dissent are extended to cyberspace, and it has one of the most restrictive systems of Internet control in Asia. The fact that international observers and foreign journalists were not being allowed into the country to cover the polls raised suspicions that Burma's military authorities could have been trying to restrict the flow of information over the election period.

Technical details
A DDoS attack attempts to flood an information gateway with data exceeding its bandwidth. The "distributed" element of a Distributed Denial of Service means that it involves PCs spread all over the world. These enslaved computers, called "botnets," are usually home computers that have been hijacked and compromised by a virus. Botnets are usually rented out by cyber criminals for various purposes, which includes web attacks. They can be controlled from across the internet. The size of the October–November 2010 attacks increased daily from 0.5 to 10-15 Gbit/s, each daily attack lasting over eight hours (always during regular office hours), from computers across the globe. This was several hundred times more than enough to overwhelm the country's 45 Mbit/s T3 terrestrial and satellite links. Attacks on blogging websites in September were also on the order of Gbit/s.

By comparison, the 2007 cyberattacks on Estonia were at most 90 Mbit/s, lasting between a minute to over 10 hours.

Cyberattacks in Burma prior to the 2010 election
This cyber attack notably followed a similar one on 1 February 2010, when the internet link service of Myanmar's Yatanarpon Teleport Company was struck, and also followed the incident of a total loss of connection to the internet the previous spring when a submarine communications cable was severed accidentally.

Despite the heavy hand that the regime wields over cyberspace, information communication technologies (ICTs) have provided Burmese opposition groups the means to challenge the government by broadcasting their message to the world. There has been an ongoing battle between the liberation technologies and the authoritarian government. In 2000, Burmese political activists received numerous e-mails that contained viruses, which many believe were part of an organised campaign perpetrated by state agents. The first major example of a DDoS attack in Burma was in 2007, during the Saffron Revolution when Burmese activists managed to put videos and pictures of the demonstrations and government crackdown on the internet, at which time the government severed the internet connection for almost two weeks.

Near the one-year anniversary of the Saffron Revolution, the websites of three main Burmese independent media organisations were attacked and effectively silenced. The Democratic Voice of Burma and The Irrawaddy were made inaccessible through a DDoS attack, and the website for Mizzima News was defaced. Through 2009 and 2010, attacks on Burmese opposition media sites continued periodically. The timing of these attacks and the nature of the websites being attacked indicate a political connection. Although the identity of the attackers remain unknown, it is widely believed that the government played a role. This belief is still held, because the Burmese government has consistently made efforts to control and censor the communications environment of the country. Also, the timing and co-ordination of these attacks being around the anniversary of the Saffron Revolution suggests that the motivation of them was to prevent the websites from commemorating the protests and possibly mobilising new political actions.

In September 2010, coinciding with the third anniversary of the Saffron Revolution, the websites belonging to independent and opposition news sites and blogs were brought down by DDoS attacks similar to, but less powerful than, the ones that took place prior to the election. On 27 September 2010, DDoS was used specifically against two news websites in Burma: the Democratic Voice of Burma and The Irrawaddy Magazine. Both of these magazines were providers of independent coverage of current affairs in Burma. These attacks were believed to originate from the Burmese government, and with the election a month away, media workers feared that this attack was a test run leading up to the election. In 2009, Burma ranked 171 out of 175 countries in the Reporters Without Borders (RSF) Press Freedom Index.