Is CYXYMU the first "digital refugee"?

The blogosphere is about to explode with buzz about CYXYMU, a Georgian blogger writing predominantly in Russian, who may have been the real target of cyber-attacks that made Twitter, Facebook, and LiveJournal inaccessible on August 06, 2009 (ominously close to the anniversary of the Russian-Georgian war of the last year).

I won't lie: I am happy we are finally beginning to address this issue. CYXYMU's problems - which have plagued his blogging for more than a year now - have turned him into the first  "digital refugee", perhaps, the best term to describe his tireless forced migration between various blogging sites to ensure that his message gets heard. I have been calling attention to CYXYMU's problems for months now, and this brought no results. Here's me in February 2009 in Project Syndicate

Whenever manipulation efforts fail, cyber-attacks offer yet another powerful tool to crack down on dissent without triggering public accusations of formal censorship. This is what happened to a Georgian (known by the screen name cyxymu) who used his blog on LiveJournal to criticize how both governments handled last summer’s war. A series of cyber-attacks followed, and was so devastating that the entire service – with its millions of other blogs – crashed, forcing LiveJournal administrators to delete his account temporarily.

And here is me again on the same issue just a few months ago in Dissent (full version of the article is also available from my Web-site)

 A refugee from the earlier war in Abkhazia, CYXYMU emerged as one of the most visible and consistent critics of how both the Russian and Georgian governments handled last year’s war in South Ossetia. Blogging in Russian, he has cultivated a relatively large following in both countries, particularly among the users of LiveJournal, one of the most popular blogging platforms in post-Soviet cyberspace. However, in October 2008, somebody got angry at his writings, and his blog—also hosted by LiveJournal—fell victim to a massive wave of cyber attacks, so severe that millions of other LiveJournal blogs became inaccessible for more than an hour. The only way to reduce the damage was temporarily to delete CYXYMU’s account from LiveJournal, which its administrators did. Cyberattacks followed the blogger even after he set up a new blog on, another popular blogging platform (his account was quickly deleted from there as well). DDOS attacks against his new and old URLs continued unabated for more than six months. We should recognize CYXYMU for what he is—a “digital refugee” and a victim of geopolitics playing out in cyberspace, where free speech is possible in theory, but increasingly unavailable in practice.

So as someone who has been watching CYXYMU's problems for a while now, I have a more nuanced take on what has happened. In short, I think that the current wave of attacks had one objective: to flesh attackers' cyber-muscles by revealing the kind of leverage that CYXYMU's detractors have on the Internet's most popular sites. Make no mistake: these attacks on Twitter and Facebook were NOT about silencing him down or thwarting the distribution of information that would Kremlin feel uncomfortable. Most of CYXYMU's critical views are to be found elsewhere: they are published on his LiveJournal blog (and its back-up version, also hosted by LiveJournal, to be used when the main one is not accessible), which also suffers from regular cyber-induced outages (LiveJournal itself also suffered in the current wave of attacks).

If you carefully look at CYXYMU's Twitter account (most of it in Russian), you will see that there is really no information of ANY political significance there. He's been tweeting since late December 2008, produced 41 updates, and most of them had nothing to do with politics (here are some typical updates: "Summer is good!", "Life is great! I am recalling all the jokes about mothers-in-law", "Oh those bureaucrats").

This is definitely not the kind of stuff that threatens Kremlin. For those who do not follow the Russian-speaking blogosphere, I should point out that CYXYMY is not a crusading investigative journalist who produces breaking stories that challenge the regime; he's more of a pundit who has very articulate and predictably Kremlin-bashing views on the regional conflicts. His blog is also somewhat of a news hub: he has done an amazing job of keeping his followers in the loop as to what happens in Abkhazia and Georgia, the two regions that are not exactly in the center of media attention (even in Russia). He's definitely NOT the blogosphere's version of Anna Politkovskaia; it is his opinions and visibility - rather than his revelations - that have made him an important target.

Thus, I think that the attackers' real goal was humiliation, not censorship (however, more on the censorship part at the very end). A secondary  goal was to generate awe-inducing headlines about Russia's cyberpower all over the Web; there is no better way to do it these days than to make Twitter inaccessible for a few hours.

However, we should keep in mind that we still don't really know if there is any connection to the Kremlin, even though the scale of the attacks (and the costs associated with it) suggest that they probably had a sponsor (nevertheless, it's also true that there are plenty of rich people in Russia who are not exactly fans of the current Georgian government; furthermore, there are surely some people in Georgia who think that generating negative PR for Russia by attacking a Georgian blogger is not exactly a bad deal).

The amateurization of cyberwarfare has been one permanent feature of virtually all recent cyber-attacks that somehow implicated Russia; it may be part of a broader Kremlin effort to "crowdsource" its defenses and offenses to groups of nationalistic vigilantes, not just in cyberspace. Thus, recent news reports suggest that Nashi, Kremlin's youth arm, will soon be recruiting up to 100,000 problematic teenagers to form ARMED militia units that would patrol the streets. It would make some sense if they also invest into units of "cyber-vigilantes" who would be patrolling cyberspace, particularly given the rising importance of the Internet in Russia's public life.

None of this, of course, excludes the possibility that some ordinary non-Nashi net-savvy Russians might be behind the recent attacks; we simply do not know it for sure (well, to show you how much this debate is driven by conspiracy theories: we do not even know if CYXYMU himself may have attacking his own web-sites to generate additional publicity for himself or the Georgian cause; this is not likely but plausible).

However, now that the media bomb has now finally exploded, we are poised to see thousands of stories about CYXYMU. However, I actually disagree with those who think that attacks on CYXYMU's blog would backfire through the Streisand effect, i.e. make the previously unknown CYXYMU into a global blogging star.

That's unlikely to happen for several reasons: first, he doesn't speak English well enough to muster international support and attract a huge following (however, this is where people close to Saakashivili, Georgia's President, have to be really creative and spend their lavish PR budgets on working with CYXYMU and presenting him as a martyr of free speech: his story has all the right ingredients to generate more publicity and compassion than Saakashvili himself could ever dream of). Second, let's not kid ourselves: in the absence of Twitter downtime, nobody gives a damn about Abkhazia and Georgia.

One immediate danger here is that we will spend the next few days arguing about Russia's cyberwarfare ambitions, while, in fact, we should be talking about ways to protect freedom of expression online. Yes, the attacks - and their consequences - did show the fragility of the Internet, but even more so they revealed that we do not yet have robust and resilient models of protecting free expression online. Remember what happened to CYXYMU's blogs in last year's attacks, when they were not nearly as publicized as this year? Yes, that's right: CYXYMU's blogs were deleted by the platforms that had been attacked (LiveJournal and WordPress amongst them), since there was no other way to stop them.

By now, CYXYMU is too public for Twitter or Facebook to remove his accounts without causing universal outrage, but how many other bloggers like him are there? There was virtually no coverage in the English-language press of the earlier attacks on CYXYMU - in part, because they targeted sites like LiveJournal and WordPress that are not in the news as often as Twitter - but I am afraid that much of the controversial and really critical blogging happens precisely on sites like this (e.g. QQ in China or Orkut in Brazil and India, etc). Thus, we don't really know how many other bloggers are in CYXYMY's shoes these days. But I bet that there are quite a few - and there will be many more, as the cyberwarfare options becomes even more available to amateurs.

The real problem here is that in the absence of strong and public commitments to defending freedom of expression, most Web2.0 companies would inevitably lean towards organizational efficiency and cost-optimization - i.e. deleting problematic users, particularly if solving their problems eats up too much of corporate resources and staff time.

However, these problematic bloggers - the new dissidents - are usually the ones who need protection the most, simply because they find it even harder to deal  with censorship and cyber-attacks on stand-alone blogs and web-sites. Thus, they flea to Facebook and LiveJournal, thinking that the scale of those services will help to protect them. However, as we have just witnessed, the offensive capacity of those launching cyber-attacks currently outweighs the defensive capacity of those who find themselves on the receiving end.

Targeted cyber-attacks on popular Web services like Twitter and Facebook also present the strongest antidote to Ethan Zuckerman's Cute Cat Theory, which states that to avoid being censored activists should place their online presence right in the middle of mundane and trivial spaces (e.g. people sharing videos of cats), because their governments won't be bold enough to censor those ones. Well, as we have seen in the case of CYXYMU, if bloggers do irk somebody, they might be still be silenced - this time not by a government fiat blocking the service, but by targeted cyberwarfare campaigns against the sites that host that blogger, no matter how trivial those are.

This is what I call "Terms of Service Censorship", because, technically, the blogger's account would be deleted beause they violate the site's terms of service (i.e. attracting cyber-attacks and thus slowing down the site for everyone else) and thus it all appears perfectly legal and acceptable; thousands of accounts are removed because of "ToS", so adding a few more is not going to be a problem.

I do hope that in the current media storm over CYXYMU, we would at least broach this subject, because, as far as I am concerned, suppression of free speech is the most significant and dangerous consequence of cyber-attacks on popular blogging and social networking services.