Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Georgia Cyber Attacks By Russian Gov't? Not So Fast

Let's try to understand what is really happening online between Georgia and Russia, and what it means.
Page:

In recent days, news and government websites in Georgia have suffered DDoS attacks. While these attacks seem to indirectly affect the backbone of the Georgian Internet, it is still there.

News reports popped up everywhere, along with supposedly informed technical analysis, claiming anything from the Georgian Internet routes being hijacked to Russia launching a cyber offensive, but with little proof.

Let's try to understand what is really happening over there, and what it means.

Facts: 1.) There are botnet attacks against Georgian websites.

2.) These attacks affect the Georgian Internet infrastructure indirectly, due to the mass of traffic sent, but the Internet is still very much there.

3.) Some Georgian websites have been defaced with political statements.

4.) Unrelated, a media war is being fought.

Up to the Estonian war, such attacks would be called "hacker enthusiast attacks" or "cyber terrorism" (of the weak sort). Nowadays any attack of a political nature seems to get the "information warfare" tag. When 300 Lithuanian websites were defaced last month, "cyber war" was the buzzword, even though it ended up being an internal Lithuanian matter.

Running security for the Israeli government Internet operation and later founding the Israeli government CERT, I found that such attacks were routine. Seeing the panicked reaction this type of attack has generated seems quaint from my perspective. Not all fighting is warfare. While Georgia is obviously under DDoS attacks that are political in nature, it doesn't so far seem different from any other online aftermath by fans. Political tensions are always followed with online attacks by sympathizers.

DDoS attacks harm the Internet itself rather than just this or that website, which often requires some of us in the vetted Internet security operations community to get involved in mitigating the attacks, if they don't just drop on their own. Our purpose is not to get involved in any local situation, but rather to preserve our common global critical infrastructure - the Internet.

Could this somehow be indirectly related to Russian military action? Yes, but there is no evidence to indicate it is the case as of yet. If anything, the opposite seems likely at this point in time.

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

References show all
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Protecting Generation Web
    From data privacy to personal safety issues, cyber-bullying, inappropriate content and malware, schools are facing an increasingly difficult task when it comes to allowing young people to spread their online wings without compromising their safety and personal development. The reality that most schools are catering to the needs of mixed age groups and abilities, and it’s easy to understand why a simple stop and block approach won’t work. Learning environments are, by nature, flexible. It stands to reason that the IT resources used in them should be flexible too. Read on.
    Learn more »
  • Fixing Your Dropbox Problem - How the Right Data Protection Strategy Can Help
    It’s estimated that more than 50 million people have used public cloud storage services such as Dropbox to share and exchange files. Public cloud services are so easy to use that their openness can undermine existing IT policies regarding the transmission of confidential data. With data volumes threatening to overwhelm onsite storage, IT managers are looking to find a solution that’s affordable and secure. This paper details a simple three-step approach to helping users manage access to the public cloud without placing your data or your business at risk. Read on.
    Learn more »
  • Using Application Control to Reduce Risk with Endpoint Security
    Unwanted applications, like games, result in productivity loss. This is often the primary consideration when applying application control. But unauthorized applications also increase your company’s risks of malware infection and data loss. This paper details how endpoint security solutions that incorporate application control provide the most efficient, comprehensive defense against unauthorized applications.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments