In what may be the first instance of government-supported information warfare, an Irish Internet service provider is accusing Indonesia of attacking its computer servers. The Indonesian government denied the allegations.
Connect-Ireland hosts the .tp country code domain for the disputed territory of East Timor, which has been under Indonesian occupation for almost 25 years.
"I believe the attack was sponsored by the Indonesian government," said Martin Maguire, Connect-Ireland's founder and managing director. "I have lodged a complaint with the Indonesian Embassy in London."
An embassy spokesman dismissed the charges.
"The Indonesian government has no interest in attacking Irish companies," the spokesman said. "These claims are baseless and without any proof."
Indonesia annexed Timor, located between Australia and Indonesia, in December 1975 and the island has been fighting for its independence since. On Wednesday, Indonesia's legislative assembly said it might consider granting independence to the troubled province after the country's 7 June national election.
In 1996, Connect-Ireland partnered with East Timor civil rights activists and registered the .tp top-level domain. Protesters have used the domain to distribute information about Timor's struggle for independence.
Connect-Ireland said its computer systems have been attacked for the last nine months. Last week, crackers smashed through the company's security defenses and began to re-register East Timor top-level domain names.
"These attacks were systematic and took place over the course of a long period of time, from 18 different locations, and were targeted at the .tp domain name," said Maguire. The attacks originated from Australia, Japan, Holland, the United States, and Canada.
"This, and the fact that I have been getting phone calls telling that I must stop hosting the East Timor domain, leads me to the conclusion that this is no ordinary hacker attack," Maguire said.
Crackers have been systematically working to break open Connect-Ireland's computer BSD UNIX system since last March, according to Maguire. They launched a series of buffer overflow attacks to breach Web servers, where they defaced Web pages. They also launched denial-of-service attacks, rendering the servers useless.
"We began to get worried when they succeeded to create a buffer overflow attack on our name daemon," he said, referring to a specific exploit against a process running the ISP's domain-name system.
"We waited a while and watched what they were doing but then we disconnected all our computers when they managed to execute a buffer overflow in our POP [ email ] daemon."
If Maguire is correct and the Indonesian government sponsored the attack, then it would be the first documented instance of cyber warfare. In Senate testimony last year, the director of the National Security Agency told the Senate Governmental Affairs Committee that in 1997 the Chinese had included computer warfare in a military exercise.
However, many doubt that Indonesia even has the capability to carry out such an action.
"Its seems unlikely that the Indonesian government sponsored such an action," said Space Rogue, editor of the Hacker News Network. "Indonesia is not known to pursue an information warfare agenda. It's more likely that is was some cracker or group of crackers sympathetic to the government's position."
Connect-Ireland is currently offline while technical staff upgrade hardware and software in the wake of the attack.
Indonesia has previously been the subject of attacks from hacktivist groups protesting the nation's occupation of Timor. Since October 1997, a group called Portuguese Hackers Against Indonesia has launched intermittent attacks against Indonesian networks.
In August 1998, in an effort to raise awareness of alleged human rights violations against ethnic Chinese in Indonesia, Internet vandals began scrawling protest messages across that country's Web sites and sending mailbombs to Indonesians.
