Georgia Cyber Attacks By Russian Gov't? Not So Fast

Let's try to understand what is really happening online between Georgia and Russia, and what it means.

In fact, I unintentionally started bigger so-called "wars" on my own when talking to the Israeli press. One such example was three years ago when 180 Israeli websites were defaced by unaffiliated Turkish hackers. Enthusiasts responded to the news story in comments and then attacked the "other side." I learned to avoid the press on such matters.

While I apologize for the analogy, after 9-11 Israelis were shocked. We were sympathizing, empathizing and crying for the victims. What we did not understand was why people were still shocked 10 minutes past, as this was a normal everyday life happening for us over here. The same applies for cyberspace, where we have gotten used to this.

The difference in this attack was that the Georgian authorities, like numerous others around the world, were not prepared to fend off such an attack.

In my article "Battling Botnets and Online Mobs" (.pdf) for the Georgetown Journal of International Affairs coverage of the Internet war in Estonia, I quoted Martin van Creveld who predicted how our opponents will no longer be just countries, but organizations, decades ahead of his time. It is my stated belief that on the Internet playing field any individual or loosely affiliated group can be that player in an information warfare scenario.

How will we be able to tell if Russia was somehow sponsoring these attacks? If we end up suspecting it as likely, we probably would still never be able to know with complete certainty. That does not mean Russia won't make use of these attacks to its benefit. In the aftermath of the Estonian war, Russia used the incident to create a stronger deterrence against the former Eastern Bloc nations, affecting international politics and the security of the region.

One claim that has been made is that these botnet attacks against Georgia had been staged for a while before the attacks. Shadowserver, a reliable source, released information showing that DDoS attacks are a regular occurrence worldwide, and that the attacks against Georgian websites before the recent military engagement in the field were not necessarily relevant, as the sites attacked ranged from gambling to pornography rather than political targets.

If it indeed isn't Russia, the question of who attacked is a much scarier notion, as that means this was all done by kids (read: amateurs).

Other seemingly unaffiliated action was in the form of spam e-mail messages. Call it outreach, call it propaganda or call it brilliance or even desperate measures, spammers who favor the Georgian side in the recent conflict have been spamming using e-mail to get their point across.
