Attack Hits Swedish Signals Intelligence Agency's Website

The website of the Swedish National Defence Radio Establishment (Forsvarets Radioanstalt) has been the target of a prolonged denial of service attack this week. There is some speculation that the incident was caused to protest to the agency's new role of intercepting and monitoring Internet traffic passing through Sweden.

Forsvarets Radioanstalt (FRA) is an intelligence agency of the Swedish government, subordinated to the country's Ministry of Defence. It was official established in 1942 and its primary role was radio signal interception and monitoring.

In June 2008, the Swedish Parliament passed anti-terrorism legislation allowing FRA to coduct warrantless wiretapping of telephone and Internet communications that crosses Swedish borders. This includes all international Internet traffic that passes through Sweden, such as Russia's. The law went into effect at the beginning of January but the actual monitoring started last month.

The DoS attack on FRA's website began on Monday evening and according to a report from the Pingdom uptime monitoring service, extended well into Tuesday and Wednesday. This type of attack involves overloading a server with bogus requests until it is unable to process legit ones.

The total downtime suffered was of almost 29 hours, but according to an official announcement (in Swedish), it did not affect the agency's work. "FRA has good protection for its operations, since they are physically detached from the Internet at the authority," Jan Donner, FRA's director of information security, explained (rough translation from Swedish).

It is worth noting that FRA is not the only Swedish authority to be attacked in this way in recent times. Last week, the website of the Swedish police forces was the target of a similar denial of service attack, launched from compromised hosts in China and the United States. "We have recently seen that this type of cyber attacks have increased and there are many organizations who have been affected. It is difficult to defend against attacks of the kind, which attempt to overwhelm a website," Mr. Jan Donner concluded.