Burmese exile news site endures hacking, DDoS attacks

Like other Burmese exile-run media, the Irrawaddy has been plagued by numerous distributed denial-of-service (DDoS) attacks in recent years that have forced its website to be shut down. Now, Aung Zaw, the publication’s founder and editor, believes Burma’s military-backed regime has adopted a new cyber-attack strategy that aims to undermine the exile media’s credibility among readers.

Earlier this year, unknown hackers penetrated the Irrawaddy’s central computer system and planted false news on its website’s front page claiming that a popular Burmese film star had died. The bogus report sparked a protest from the still-living actress and an outcry among readers about the inaccuracy before editorial staff could delete the posting and issue an explanation.

Aung Zaw told CPJ he fears the damage from the attack may have been wider reaching, potentially jeopardizing the identity of secret in-country sources and contributors. He says the hackers first breached the Irrawaddy’s central computer system using password-cracking software two weeks prior to planting the false story.

“Tons of confidential information was exposed when our site was hacked,” said Aung Zaw during a recent interview with CPJ. “We assume they were reading our day-to-day messages.”

After the attack, Aung Zaw said the Irrawaddy hired Internet security experts in Europe to audit the extent of the security breach. The experts were able to track one of the IP addresses of an apparent team of hackers to London. The hackers had used proxy servers in China in a circuitous bid to conceal their location.

The audit also showed that the IP address for the hacker who planted the false story had, two weeks earlier, amended for accuracy several sections on the Burmese military’s Wikipedia page. Aung Zaw said the amendments demonstrated in-depth knowledge of the military’s structure and symbols, including the number of stripes and other insignia on obscure military decorations. 

Burma’s military-backed regime has never publicly taken responsibility for the various DDoS attacks that have anonymously debilitated Burmese exile media in recent years. Nor has anyone acknowledged orchestrating the recent cyber-attack against the Irrawaddy, though Aung Zaw notes that many former soldiers and other regime allies are known to reside in the United Kingdom, Burma’s former colonial ruler.

The Irrawaddy has since upgraded its computer system’s security and, with help from outside experts, is actively guarding against a similar future attack. Nonetheless, hackers have attempted in recent weeks to breach an Irrawaddy database and, in another instance, posed as one of Aung Zaw’s China-based contacts while messaging on Facebook.

“Whoever they are, they’re getting more clever and more dangerous,” said Aung Zaw.

(Reporting from Chiang Mai, Thailand)