Jamestown Website Restored After Malware Attack

Age: 10 years

The Jamestown Foundation website was inaccessible to most web users on Thursday, February 6, owing to a malware attack. After an investigation, we identified and resolved the problem: a section of JavaScript code inserted into the site’s main template by an unauthorized user. The website returned to full function the same evening. We have not yet determined the purpose of this code, but believe that it was added on the morning of February 6 at 3:08 A.M. Most up-to-date web browsers were able to detect the malicious code and blocked access to the website, but users who were able to access the site during the day are advised to clear their browser’s history and data and to run an anti-virus scan on their computer. We believe that it is now safe to visit the website, and are continuing to investigate the nature of the attack and to upgrade our web security.

Publication of Jamestown’s newsletters covering Eurasia, China and terrorism continued via e-mail while the site was down.

Given that February 6 marked the starting events of the Sochi Olympics, it is likely that the attack was motivated by political concerns related to The Jamestown Foundation’s efforts to provide timely and accurate information about the North Caucasus, a turbulent region of Russia closed off to most Western observers. The threat of terrorist attacks associated with the region has dogged Russia’s preparations for the Olympic Games. The Jamestown Foundation suffered similar attacks in September 2012 and the summer of 2011. Investigation by the Foundation’s web hosting company was able to place the source of the 2011 attack in Chechnya, a North Caucasian region in which all web servers are owned by the Russian government. An outside investigation also suggested that the 2012 attacks originated in the region. At least one other website associated with the North Caucasus, that of the Circassian organization No Sochi 2014, was attacked and disabled on the same day.

At this time, we believe that the present attack has been resolved, and that it is safe to visit The Jamestown Foundation’s website. We thank you for your patience, and look forward to continuing to provide accurate and timely analysis of political and security developments in the North Caucasus and across Eurasia.