Dhiraagu has become the latest high profile victim of Maldivian cyber crime after continued attacks on the company’s servers during the last few days led to disrupted internet services for its customer; a development that police say serves to highlight concerns over attempts to disrupt the internet services and web sites of state institutions in recent months.
Dhiraagu’s Communications Manager Mohamed Mirshan Hassan said that the company had come under continual denial-of-service (DDoS) attacks since Thursday that had impacted its web services in recent days. Although Mirushan claimed that Dhiraagu had been able to mitigate the impact of the attacks and maintain some web service, he said that the company could not guarantee the situation would not happen again after having experienced a number of similar problems with DDoS since 2009.
The Maldives Police Service today said that it has arrested four individuals suspected of involvement with the attacks after conducting special operations last night at addresses both in Male’ and Addu Atoll.
Three of the suspects were confirmed to be under 18 years of age.
According to police, the country has undergone a number of attacks on government and its own websites in recent months, which has led to specially trained officers focusing on trying to prevent criminal activity online.
Police Sub-Inspector Ahmed Shiyam said that it had managed to apprehended a number of suspects through its own cyber crime team in relation to such attacks, which it said were suspected to be the work of local individuals rather than foreign bodies or groups.
“In previous cases [of cyber crime] we have found it is young people and teenagers that have been involved,” he said. “They often do not demand any reward or payment for the crime, but commit them out of their own interest and amusement. The police are working closely with government on this issue and we take it very seriously.”
In terms of prevention, Shiyam claimed that the police were able to track individuals suspected of conducting cyber crimes relatively easily, but suggested that prosecution remained problematic in certain situations.
“It is challenging, because we are treating cyber crime very seriously,” he said. “We are hoping that new regulations will be passed to help prosecute in the future.”
According to Dhiraagu, a DDoS attack commonly refers to overloading a system or server with information preventing it from functioning properly, recently seen with the difficulties in loading certain web sites. Mirashan said these attacks were equivalent to thousands of cars trying to travel all at once down the two way lane of Majeedhee Magu.
“Dhiraagu has been receiving these type of attacks before since August 2009, but this is one of the largest we have experienced, it is very organised” said Mirushan. “We have been working with our counterparts both in the country and overseas around the clock in order to try and minimise the impacts of the attack on our services.”
Mirushan claimed that similar notable DDoS attacks of late had included targets such as credit groups like Master Card and Visa along with other prominent organisations that had been shut down for prolonged periods of time in certain cases, highlighting the magnitude of disruption that can be caused.
“These are quite common attacks on big global networks. However, DDoS is not directly related to issues of online security,” he said. “They relate to huge amounts of data packages being sent to flood a network.”
According to a recent report by the BBC, online attack mechanisms such as DDoS have been adopted by politically motivated hackers or “hacktivists” to pursue vendettas against companies and groups such as those claimed to have opposed the controversial “whistle-blowing” website Wikileaks.
When visa.com can be brought down by a 16 year old, what can Dhiraagu do? We really need good cyber-law here. Talking of law, I think we need good laws in every other area as well.
It is revealing of a disappointing mindset that young children in this country often first want to learn 'how to hack', instead of say, programming or software design.
I say this from experience, from the sheer number of young cousins and relatives that approach me to 'teach them hacking' (the word they use to refer to cracking websites or breaking into others' computers)
I often respond by asking if they would not rather learn how to build something than to break it?
There is something of an unfortunate, misplaced and misguided 'cool' factor among little children these days that drive them towards pointless, destructive habits like these.
To any such kids reading this, my advise is this. Any two bit carjacker can hotwire an ignition to illegally take over a car, but that in no way makes him an automobile engineer.
If you're genuinely interested in computers/technology, make the efforts to actually learn concepts of software and programming, and build beautiful things with that knowledge. It is far more rewarding.
clearly "yaamyn" has never hacked before.
Corporate espionage is quite well established in Maldives. Especially measures to protect against such hacks..
This is particularly the case in Dhiraagu. This company represents a formidable challenge to internet users who are also hackers.
People are talking about law here and expecting Reko Moosa to write laws, I doubt he can even spell "cyber". Those kids are really smart, its due to bring this blood sucking company in Maldives. Cable and Wireless as part of British colonialism is minting money on small nations. There are much capable Maldivains now can run these high tech business, if we have good political system without corruption. Before MDP came to power they talk make Dhiraagu 100% Maldivian company, as soon as they came to power they also made the same deals Gayyoom did with British.
Dhiraagu needs to invest more in protecting its network. During this attack, it looks like the attackers took out its DNS servers; a very effective way of making all *.mv sites unreachable.
There are well know techniques to prevent such elementary DoS attacks!
You cannot eliminate 'hacking' by telling kids not to do it. It's almost guaranteed, that they'll do it again and again simply because it's seen as 'cool'.
To the kids in Maldives, my advice is you can hack things with a kathivalhi. You can find a kathivalhi at the local market. Try hacking a coconut or a watermelon. Advanced hacking can be done with a feyraa.
The service counters at Dhiraagu front office experience DDOS attacks. Why doesn't the police arrest people trying to pay their bills? Why?
during 1984 AT&T network was on their knees as Paul ,Mark , and Gang attacked . At that time they were high school kids.
They got sentenced but later Government gave them great jobs as they had immense talent.
As a result one of them became NSA (National Security Agency )consultant
in my opinion talking about the laws of cyber crime such as Internet proper use policy is itself an unacceptable,limiting a service for its consumers although they buy the service at any value the providers decide.It will be fair only if the point "the price should match the value of its speed,bandwidth and amount of use to meet the customers desire", is included.They used to fed on Maldivians blood for a number of years.I think we haven't found any laws to protect the poor maldivians who were unable to deny the service although the price were so high...they used it to call their sons,daughters who were studying at male',husbands abroad...where is the laws to protect the call id 1rf daily,the high sim cost,call rate...so i dont think this is the only time we all have to talk about laws...why to make laws to protect a single firm only...i dont believe laws to protect only riches...so unfair...give our deliberate money back..give a better service,make the price to meet its value.
Dhiraagu deserves it. this ugly monopoly company shall be dismantled. why, because of it no other company can thrive. they are on wired network aswell as wireless network in rajjethere. this is too much. why cannot they allow others to implement wifi networks in the country. why shall it have to be dhiraagu only? is fathuhulla jameel still a memeber of dhiraagu board? they paid him bribes to keep their monopoly in mamoon era. dunno what they are doing now. what i know is this is a curse of a company to madives. if not for wataniyya they will still be charging 3rf per minute on mobile.
Agree with Jameel(if not for wataniyya they will still be charging 3rf per minute on mobile)
and I personally think Dhiraagu shud be ashamed of this whole thing...Teens brought down the Major ISP in Maldives? shame Dhiraagu and shame on Mirshan to come on TV and say they have proper Security....Keeps me wondering what foreign more advanced hackers could do to Maldivian economy...huh?
Dhiraagu is a blood-sucking monopoly which has cheated Maldivians from the beginning. I am asking everyone here, how much competition really IS there for Dhiraagu, despite Wataniya coming in? Prices have been reduced..yes, but Wataniya has still been restricted a lot of privileges that Dhiraagu enjoys. And speaking about the Internet, what kind of company charges 690 rufiyaa for a 512kbps package per month in this time and age? And that being the only unlimited package available, we see them advertising their "fast" 10mbps and such, which is limited. So, if we want to download at faster speeds, then we have to pay 5000 rufiyaa and more, but if we want to have unlimited downloads but at speeds slower than advertised, then we go for the unlimited package. The moment restrictions don't exist anymore, Dhiraagu, a corrupt company, will fail. And agreed with Jameel. Dhiraagu DID deserve this. If kids can bring down their whole network, then I guess pro hackers can use Dhiraagu as target practice right?
Some people do not know the difference between Distributed Denial of Service (DDoS) attack and 'hacking'. People tend to think that DDOS is hacking. Kids can be kept at the front to operate although these attacks are deisgned by professional through impersonated trojans/ virus scripts such as free games, wallpapers, MSN plus, .exe applications, etc...
Dhiraagu has done a good job in mitigating the attacks and avoiding any major service interuptions and they are the most technologically advanced company in the Maldives.
I have my confidence in Dhiraagu and will remain as their customer. Wataniya is foreign company and they have no concern for the benefit of Maldives. All they are here is to take from us and give to Kuwait. As for ROL they should do better to win the hearts and trust of maldivians.
EPIC FAIL!
Why is it that they are DDOSing only towards Dhiraagu and why not Wataniya or ROL? If its about price then it should go to all 3 and if its about quality it should go to Wataniya and ROL as i believe Dhiraagu quality is much better when compared with the other 2.
So this does not make sense to me and also I am using Dhiraagu with a choice not that they are forcing me to. If i feel they suck then I will move to ROL or wataniya. So the group claiming to undertake the DDOS are not benefiting me or the larger population because I dont think anyone will want to negotiate with pirates or terrorists. They are criminals regardless of age/sex for conducting such acts that disturb public services. A cyber law needs to be passed and such criminals need to be brought to justice.
amayyai...
@Azmi, whats quality about dhiraagu than wataniya?.
i'm very disturbed when people try to say hacking and DDOS are two different things. hacking, programming, DDOS, web surfing are the same thing. the programmers behind the dhiraagu DDOS (DDDOS) are extremely clever and we should take extra care in how we deal with such expert hackers.
Azmi why Dhiraagu, because those kids are fed up of Dhiraagu's snail speed, the way they were fed up of Gayyoom's 30 years old regime. Its time to say NO to Dgiraagu and open Mlaidves telecommunication for healthy competition.
Dhiraagu, STO, and a few others are trying way beyond any other institutions to provide quality service to the customers.
Take mwsc. Just how many islands have got clean water and sewerage? How many islands have got medical personnel? Police presence? Mndf protection of eez? And oh my, the judiciary taking the cake!
It's extremely difficult to provide services to far flung islands and continue to do so. Bear in mind maldivian psyche, where you take more coffee breaks than work packages. Kids to be dropped to school. It's the single most reason why civil servants is so lethargic. Overstaffed and under performiing. And why Anni finds it difficult to whip into shape.
So what's the hell are the Maldivians complaining about? Why don't we try and be civilized. Think. Reduce the number of islands we live in. Instead of 200 odd, go for 5-10 islands. I'm sure all services will be cheaper and better served to the communities.
Quit bickering and work towards a constructive Maldives.
Why not open electricity and water to an open bid? Like they did to mobile operators?
I can imagin more cooler packages. 50 rf for 10 ton of water??Extra ton @ 10 mrf??lol
@Ahmed:
"Quit bickering and work towards a constructive Maldives."
This is not an exclusively Maldivian problem. All nations have their 'bickering' and 'lethargic' citizens. Look at the USA, or Western European nations. These countries have powerful lobbies that try to protect the rights of the 'lethargic' ones.
This is not an excuse to be 'lethargic'. In a globalised economy Maldivians cannot afford to be so. Look at Sri Lanka; since the end of the civil war, that economy is growing at astonishing speed. Maldives used to enjoy a position of peace and tranquility due to the troubles in Sri Lanka. Not anymore. Maldives will be eclipsed pretty soon; and rightly so.
The telecommunication in Maldives has competition and this is why we see ROL operating for over 8 years and Wataniya (giant middleast company) operating in Maldives for over 5 years but still they are unable to come close to Dhiraagu. Unlike before Maldivians now have a choice, they have the freedom to chose their party, they have the freedom to vote for their preferred candidate, they have the freedom to chose their internet provider and they also have the freedom to chose their mobile operator. However, majority still prefer Dhiraagu and this is because Dhiraagu offers a better service, they play a major social role and because majority of people like myself have confidence in Dhiraagu. Oh! besides that the Maldivians have a 48% stake in the company and from what i gather its all maldivian staff operating the company unlike Wataniya who takes 100% of the money they make to Kuwait and also they have more foreigners working than Maldivians.
Yea.. what about ROL.?. well ROL will be ROL, dont think they wold ever know what customer service is and its an individual's business.
Dhiraagu is Cable & Wireless. Cyber-security should be run by a specialized MNDF unit, and their arm should reach above and beyond Dhiraagu protocols as far as access and security is concerned. Esp for governments servers. Else the risk is always there- it has been so for many years.
Before mass paranoia sets in, we need to realize how helpless we are, and bring down foreign service providers. There is nothing you can do about it.
haseena: 'hacking, programming, DDOS, web surfing are the same thing."
Wow, then I've been hacking Minivan News about twice a day for months now 😉
Probably the right word for what many script kiddies call 'hacking' is perhaps 'cracking'. Hackers aren't necessarily bad or have malicious intentions.
That said, I just saw a blog/pretend-newspaper that says these kids should be given some kind of job in Dhiraagu for being such expert 'hackers'.
That's the kind of clueless reasoning that would imply all of 4Chan should be hired by Paypal and Mastercard, because clearly, if they can bring down the servers, they must be experts right?
Wrong. DDOS attacks are hardly rocket science.
I think Dhiraagu did a commendable keeping things running despite what appears to be a well-organized attack.
Another thing I do not understand is the hatred for 'Cable and Wireless' taking away the country's wealth to UK. How is that better than Wataniya that is, to my knowledge, FULLY owned by a foreign company, and has a largely foreign management?
@yaamyn
right now i'm hacking the minivannews comment 'system'.
the kids should be given jobs as cashiers at dhiraagu front office. this is where we see most DoS attacks in maldives.
regarding taking away the country's wealth, if there was some way we could export stupidity and make a profit.
@Thashigandu
"Before mass paranoia sets in, we need to realize how helpless we are, and bring down foreign service providers. "
That sounds like real paranoia to me. By bringing "down foreign service providers", how do you propose to provide a 21st century telecommunication service in the Maldives? With coire-rope and coconuts shells?
its only the begining....
who benefits from these attacks? can "kids" do this for fun? is there money involved to get this done? if so who will invest so much money and what is the return? can i ddos a company like dhiraagu using my home connection? how much does it cost to carry out a ddos of this magnitude? too many questions here that we don't still have answers to. anyone ?
@Mondhu: Good questions and I applaud for raising those. My initial response to those questions would be it would be in the best interest of Wataniya or ROL when such attacks are targeted towards Dhiraagu. Having said that, it leaves me to thinking if any of them (or both) have a hand in funding for those attacks at Dhiraagu 😐 After all, when Wataniya and ROL have no other means than play dirty. Money talk.....