Civilians cyberattacked Georgia in 2008 war

By

Attacks on Georgian government websites during the 2008 war with Russia were carried out by civilians - with little or no direct involvement on the part of the Russian government or military -- according to a new report.

The report from the U.S. Cyber Consequences Unit (US-CCU), an independent nonprofit research institute, says that whilst most of those carrying out the cyberattacks were Russians, sympathisers outside Russia joined in as the conflict continued. The organisers of the cyberattacks, however, had advance notice of Russian military intentions, the report said.

Moreover, according to the report, the forums used to recruit and arm the cyberattackers were primarily social networking sites, based in the Russian language.

Some of the web servers and addresses used to control and coordinate the attacks had previously been used by Russian criminal organisations. Also, the botnets used in the first wave of attacks were closely associated with Russian organised crime.

The tools for the attacks appear to have been written or customised specifically for the campaign against Georgia. For example, one tool repeatedly requested non-existent web pages, which overwhelmed servers as they looked for pages that were not there. It specifically targeted 17 different Georgian websites, according to the report.

“The most important lesson here is that Georgia was not prepared for anything of this sort,” Ariel Silverstone, an independent security consultant in Atlanta, told SCMagazineUS.com.

Georgia could have done several things to defend against the attacks, he said.

“They could have had better firewalls. Apparently, they didn't because some of the attacks that succeeded against them were very simple,” Silverstone said.

“Also, some of their sites were not patched,” he added. “And they could have simply shut off the connection to a specific group of subnets -- if an attack coming though the pipe is too strong, shut off the pipe, or divert it.”

“The real story here isn't about Georgia, of course,” John Bumgarner, chief technical officer at the US-CCU and primary author of the report, told SCMagazineUS.com in an email. “It's about the sort of cyber campaign that we can now expect to accompany most future international conflicts if they become intense enough.”

Other observers tend to agree.

“Worldwide, governments need to be more involved and coordinate better on cyber warfare issues,” Sam Masiello, VP of information security at MX Logic, told SCMagazineUS.com in an email. “Cyberwarfare moves at a speed much faster, and has the potential to cause more damage to critical infrastructures quicker, than any military offensive.”

See original article on scmagazineus.com


Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?