Bosnian Websites Try to Recover After ‘Intensive’ Hacker Attacks

Cyber attacks hit companies around the globe. Photo: EPA/ERDEM SAHIN

Sandra Gojkovic-Arbutina, editor-in-chief of Nezavisne Novine, told BIRN that the site was one of several online media outlets in Bosnia and Herzegovina that were subjected to an intensive DDoS attack that was at its peak around ten days ago.

“It is hard to explain it to readers, but for instance, at one point you had 200 million requests to access the homepage, which of course no server can handle, so problems of accessibility occur,” Gojkovic-Arbutina said.

Such attacks by hackers, which Nezavisne Novine was last subjected to in 2019, make the site impossible for readers to access, she explained.

“It started with us first – we were under attack for ten full days – and there are also colleagues from Buka, from BN TV, Face TV, so I don’t know what the [hackers’] selection system was. I know that all these websites have great readership,” she said.

She added that it will take a long time to recover from the loss of readership caused by the attack, because when readers check a site several times and find it unavailable, they are unlikely to come back. But she said that the Nezavisne Novine newsroom is now trying to restore its readership.

Gojkovic-Arbutina explained that in order to counter the attacker, the type of attack needs to be studied.

“So when you actually identify the system that is attacking you, you can defend yourself, but until you have identified it, you are totally ‘unavailable’ at some points,” she said.

“When you identify the system and you increase your protection or you actually adapt your protection to the type of attack, you become more and more available and when you finally overcome it, you are completely available,” she added.

Face TV said that the attacks were ongoing intensively for seven days. It added that previously there have been attacks every two to three years.

“However, during the past week, they have been really intense, and we have had up to 300 million attempts to access our website in one day,” Face TV’s newsroom told BIRN.

“These are so-called DDoS attacks. They generally to shut down our page by sending an increased number of access requests through their software, thus flooding the hosting space,” it added.

It said that one of the effects of DDoS attacks is to create distrust of the site among readers, explaining that such attacks are usually used to reduce a media outlet’s income. But it said that Face TV believes that this was not the case with the latest attacks, which could be connected to the current political events.

Gojkovic-Arbutina said Nezavisne Novine has reported the attack to the police and the cybercrime department.

“We know where the attacks are coming from when it comes to these bots, but who the contracting entity is and where most of them come from, that should be investigated by the cybercrime department. We know they can do it, but they should demonstrate the will,” she said.

She added that nothing was done after Nezavisne Novine reported the 2019 attacks.
Aleksandar Djuric of the Cyber Security Excellence Centre, CSEC, explained that during DDoS attacks, hackers use network traffic from multiple sources to overload a certain server, network or internet resource.

“Imagine a DDoS attack as a situation in which a huge number of people are entering a shop at the same time, preventing other customers from entering,” Djuric said.

He explained that as well as suspending the provision of services, DDoS attacks can lead to a loss of data and damage the reputation of the organisations that are affected. He stressed the importance of a swift reaction if there is an attack, and the need to work with cybersecurity experts.

“What CSEC recommends to the media is to approach the Project Shield initiative for help, as it is a free service that protects web pages from DDoS attacks,” Djuric said, adding that CSEC was ready to help anyone with the implementation of the service.

In mid-April, CSEC and BIRN Bosnia and Herzegovina published the first Cyber Threat Report for Bosnia and Herzegovina, in which DDoS attacks were listed as the most common form of cyberattacks in the country.