Russia and Georgia Engaged In a Cyberwar

Posted by kdawson on Tue Aug 12, 2008 02:10 PM
from the who-shot-first dept.
doctorfaustus writes "I first picked this up in bits and pieces last week off Daily Rotation. A more in-depth story is available at ZDNet, which reports 'a week's worth of speculations around Russian Internet forums have finally materialized into a coordinated cyber attack against Georgia's Internet infrastructure. The attacks have already managed to compromise several government web sites, with continuing DDoS attacks against numerous other Georgian government sites, prompting the government to switch to hosting locations to the US, with Georgia's Ministry of Foreign Affairs undertaking a desperate step in order to disseminate real-time information by moving to a Blogspot account.' There is a question whether the computer work is being done by the Russian military or others. ZDNet's story offers further analysis of the attacks themselves and their origins. Some pretty good reporting." And reader redbu11 contributes the news that Georgia seems to be censoring access to all Russian websites, as confirmed by a Georgian looking glass/nslookup tool. The access is blocked at the DNS level (Italy censored the Pirate Bay in the same way). Here are a couple of screenshots (in a language other than English) as of Aug 12th 5:40 pm: www.linux.ru nslookup — FAIL, www.cnn.com nslookup — OK.

ComputerWorld guy CWmike adds "In an intriguing cyberalliance, two Estonian computer experts are heading to Georgia to keep the country's networks running amid an intense military confrontation with Russia. Poland has lent space on its president's Web page for Georgia to post updates on its ongoing conflict with Russia. Estonia is also now hosting Georgia's Ministry of Foreign Affairs Web site."

Related Stories

News: The Pirate Bay Blocked In Italy (247 comments)
imhassan tips us to news that The Pirate Bay has been blocked in Italy. Other attempts to block the popular P2P site have been somewhat less than successful. From TorrentFreak: "Pirate Bay's IPs and the domain name are inaccessible, as they are blocked by ISPs all over the country. Whether these blocks will be very effective, however, is doubtful, since The Pirate Bay has already announced several countermeasures. An insider working at an Internet provider in Italy told TorrentFreak that all the relevant large access ISPs in Italy have complied with the request to block the popular BitTorrent tracker, which was sent out yesterday. Italy is taking a stand against BitTorrent sites, so it seems. Two weeks ago, the largest Italian torrent site, Columbo-BT, was shut down by the same prosecutor who is responsible for the Pirate Bay block."
Is There a Cyberwar, and Is the US Losing It? (320 comments)
kenblakely writes "BusinessWeek is running a story asserting that the 'US is Losing the Global Cyberwar.' This whole cyberwar thing has been discussed a few times on Slashdot where the Chinese are asserted to be using cyberwarfare to attain military superiority. And, of course, there is the whole Russia-Georgia thing. Even the US military is getting in on the action, and the fear of a cyber Pearl Harbor seems almost palpable. I'm curious what the Slashdot crowd thinks about the growing fascination with 'cyberwar': hype to get more money and create new force structure, source of the next world war, or somewhere in between?"
Technology: Beyond Firewalls — Internet Militarization (83 comments)
angry tapir writes "One of the discussions at the Source Boston Security Showcase has been the militarization of the Internet. Governments looking to silence critics and stymie opposition have added DDOS attacks to their censoring methods, according to Jose Nazario, senior security researcher at Arbor Networks, with international political situations spawning DDOS attacks."
Report Links Russian Intelligence Agencies To Cyber Attacks (57 comments)
narramissic writes "A report released Friday by a group of cyber-security experts from greylogic finds it is very likely that the Foreign Military Intelligence agency (the GRU) and Federal Security Service (the FSB) directed cyber attacks on Georgian government servers in July and August of 2008. 'Following a complex web of connections, the report claims that an Internet service provider connected with the Stopgeorgia.ru web site, which coordinated the Georgian attacks, is located next door to a Russian Ministry of Defense Research Institute called the Center for Research of Military Strength of Foreign Countries, and a few doors down from GRU headquarters.' But Paul Ferguson, a researcher with Trend Micro who has reviewed the report, says it's a 'bit of a stretch' to conclude that the Georgia attacks were state-sponsored. 'You can connect dots to infer things, but inferring things does not make them so,' he said. One other interesting allegation in the report is that a member of the Whackerz Pakistan hacking group, which claimed responsibility for defacing the Indian Eastern Railway Web site on Dec. 24, 2008, is employed by a North American wireless communications company and presents an 'insider threat' for his employer."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • by polyomninym (648843) on Tuesday August 12 2008, @02:15PM (#24573189)
    It was just too dang hot for them to see it coming.
  • Propaganda? (Score:4, Insightful)

    by PacketShaper (917017) on Tuesday August 12 2008, @02:15PM (#24573199)
    I am all for freedom of the press... but these two countries are more or less at war right now (whether they should be or not is topic for another discussion).

    It seems perfectly reasonable to me for one country at war with another to stop information flowing in from the enemy to the local populace.
    • Re: (Score:3, Interesting)

      So it is reasonable for the US to have blocked all Iraqi and Afghan sites during our invasion?
      • Re:Propaganda? (Score:5, Insightful)

        by PacketShaper (917017) on Tuesday August 12 2008, @02:27PM (#24573409)
        I don't see why not (if there was actually a declaration of war, which we will not get into).

        But since we invaded them, I would say it is absolutely reasonable for them to block our sites from their citizens.
        • Re:Propaganda? (Score:5, Interesting)

          by gnick (1211984) on Tuesday August 12 2008, @02:31PM (#24573487) Homepage

          It seems to me that it depends on the situation. If the war's on our soil, blocking communication with the enemy seems fine. It also seems just fine to block our troops' access to our enemies' sites when they're on enemy soil. Also, if we're on their soil, blocking access to our sites seems fine. Basically, you want to interfere with orders being issued to a saboteur or similar and make sure that your citizens aren't subjected to foreign propaganda (only domestic propaganda).

          Note that that's a very different thing than launching DDoS attacks on servers that block your enemies from accessing their own servers or communicating internally. That may be fine too depending on the situation. If you're disrupting military communications, that's probably OK. If you're blocking civilian access to sites advising them on emergency procedures or preventing them from accessing medical assistance, that's pretty shady.

          • Re:Propaganda? (Score:5, Interesting)

            by gnick (1211984) on Tuesday August 12 2008, @03:00PM (#24574007) Homepage

            Sorry for the self-reply, but TFS just got more interesting with the computerworld thing.

            Assuming that Russia cyber-bombing Georgia's sites is a valid war-time maneuver, is it also OK for them to do the same thing to the servers in Poland and Estonia that are now hosting the offending sites? If those sites are dangerous enough to be considered targets, can hosting those sites be viewed in the same way as supplying weapons to Russia's enemies? Methinks that we'll see some ugly traffic between Russia and these Estonian and Polish servers (that Russia will of course disavow all knowledge of).

            Of course, the US is hosting too. Surely none of our Communist comrades would ever be brazen enough to launch attacks on servers hosted here? ;o)

    • Re: (Score:3, Insightful)

      Not sure how this is propaganda? The summary and articles are reporting facts, and it's interesting to consider, since this is some of the first reporting ever done on the subject of an active "cyberfront" of a currently waging (albeit de-escalating) real war.
    • Re:Propaganda? (Score:5, Insightful)

      by TubeSteak (669689) on Tuesday August 12 2008, @02:41PM (#24573637) Journal

      It seems perfectly reasonable to me for one country at war with another to stop information flowing in from the enemy to the local populace.

      If one country (Georgia) moves their websites to some other country (the USA) and the aggressor (Russia) continues the cyber attack, is the aggressor committing an act of war against the "other country"?

      If it isn't an act of war, what should the "other country" do about the attack on their infrastructure/website.

    • Yes, that's a nice, logical, disinterested way to look at it. However it IS pertinent in that someday this is going to happen to us. Someone is going to attack on a large, coordinated scale and we had better be more prepared than what we've seen in the recent past. We do have a larger structure. Unless of course they are taking the electrical grids down (a likely target) which would cut off all mass communication in the area along with taking down our economy.

      It should be somewhat alarming to those of us in

  • by eln (21727) on Tuesday August 12 2008, @02:16PM (#24573211) Homepage

    I heard all this talk about a war between Russia and Georgia and got kind of anxious, but it turns out it's just a cyberwar. The media really should stop sensationalizing these things like that.

      • by MightyYar (622222) on Tuesday August 12 2008, @02:48PM (#24573767)

        This was not started by Russia.

        Rather than getting into the "he did this, oh yeah, well he did this first" thing that will have us talking about Attila the Hun in short order... I'd just like to point out that Russia's latest response was pretty over-the-top.

          • by MightyYar (622222) on Tuesday August 12 2008, @03:22PM (#24574369)

            Though to be fair, if you go and kick a big, tough, strongman in the shins, you can't complain that he reacted disproportionally, and you're now in hospital.

            Oh, no question there. Georgia was definitely reckless here.

            but then they side with the Georgians against the mainly Russian South Ossetia.

            I'm new to this as well and am still catching up on history. But I think that the Russians are more interested in control than they are in the welfare of 70,000 people in South Ossetia. They stuck their nose into a civil war, and then complain when their "peacekeepers" (who actually seem to run the government) get killed in the process. And then granting South Ossetians Russian citizenship when they are still part of Georgia? Well, that's pretty brazen. Even more brazen is claiming that now "Russians" are being killed in South Ossetia. They have effectively annexed South Ossetia... and now are grabbing even more of Georgia to "protect" it.

          • by Smauler (915644) on Tuesday August 12 2008, @05:13PM (#24575841)

            Georgia never gave any Russians permission to act as "peacekeepers" in South Ossetia. If there were any armed Russian "peacekeepers" in South Ossetia they were operating illegally within another country's borders.

            Georgia is _entirely_ within its rights to police any province within its borders. None of the allegations of genocide etc have even remotely been substantiated. Russia invaded Georgian territory, that's all there is to it.

            South Ossetia is basically a tiny place, ie nowhere near the size of Kosova. If my town (Colchester, which has about the same population as South Ossetia) had a referendum, we might vote for independence from the UK. We wouldn't get it though.

  • by deft (253558) on Tuesday August 12 2008, @02:24PM (#24573351) Homepage

    It seems that Georgian military units are pinging off the map, while Russian units are enjoying first shot capability.

    This has allowed the Russians to clear each map easily, with little resistance.

  • by seyyah (986027) on Tuesday August 12 2008, @02:40PM (#24573613)
    That's crack reporting there:

    Here are a couple of screenshots (in a language other than English)

    It's Georgian. In language and alphabet.

  • Without country (Score:5, Interesting)

    by Statecraftsman (718862) * on Tuesday August 12 2008, @02:40PM (#24573627) Homepage
    Cyberwar is global. What's to stop widespread vigilante justice against either side? What's to stop US or Chinese hackers from joining in independently to fight on the side they choose? When does blogspot or the Estonian site become the target?
    • What's to stop widespread vigilante justice against either side?

      Hot double agents who promise to aid the hackers in their jihad against perpetual virginity in return for non-interference.

  • by davidsyes (765062) on Tuesday August 12 2008, @02:41PM (#24573645) Homepage Journal

    I've listened to NPR yesterday about this, and the best experts have been able to say so far is that it is cyber VANDALISM. No major infrastructure has been crashed. Hospitals and such have not been imploded.

    There is even speculation that Georgians themselves crashed/trashed their OWN systems to exploit the current bad image Putin (yes, PUTIN is calling the shots, not Medvedev). Moreover, and ironically, a US-based outfit in, guess where... GEORGIA (yes, the state) offered and took on the hosting for the Georgian President's web site. Guess what? It wasn't working out. It was still being crashed/taken down. So, another party (seems to be Estonia) is helping out.

    I really fracking wish some of these sensationalistic headers on Slash would get slashed.

    http://www.npr.org/blogs/talk/2008/08/august_12th_show.html [npr.org]

    Now, given that Putin/Medvedev claim Russian advances are immediately ceasing (purportedly) there really isn't "cyber warfare" going on, is there? If things continue, or escalate, THEN it might truly eclipse the bounds into "warfare".

  • by Cro Magnon (467622) on Tuesday August 12 2008, @03:02PM (#24574033) Homepage Journal

    Oh wait, you meant the other Georgia.

  • by scubamage (727538) on Tuesday August 12 2008, @03:06PM (#24574083)
    ...service denies you!
  • by arcade (16638) on Tuesday August 12 2008, @03:08PM (#24574115) Homepage

    I think the claim that Georgia is censoring traffic is probably misleading.

    What's happening is that they've got incoming DoS attacks, and have probably nullrouted quite a few Russian IP ranges. This probably includes quite a few DNS servers, making DNS lookups fail.

    I haven't taken the time to _check_ any of this, but if you nullroute the DNS servers, of course DNS lookups will fail. If you're under a DoS, of course you nullroute quite a lot.

  • Teh Googles (Score:3, Interesting)

    by JCSoRocks (1142053) on Tuesday August 12 2008, @03:24PM (#24574403)
    Speaking of cyberwar... So, I google mapped Georgia (I'm reasonably good about knowing geography... but come on, Georgia? Sorry Georgians...) Anyway... I was rather disappointed to find that... there's nothing there [google.com]. Really odd. Roads end, obvious cities aren't even labeled as cities. It's not like Google did a cursory mapping of it and skipped parts... it's just that aside from the border and the country name it doesn't exist. Also... good luck finding it by typing "Georgia" in google maps. The country isn't even an option. I had to wander through eastern Europe until I got over by Turkey before I saw it.
  • Here: http://www.webhostingtalk.com/showthread.php?t=714632 [webhostingtalk.com] These are the people working at that Atlanta web host, hosting Georgian president's site from Russian bastardiness. They haven't had enough sleep in the few days but they made a fight of principle out of it.
  • by bigattichouse (527527) on Tuesday August 12 2008, @04:11PM (#24575099) Homepage
    A foreign power is using illegally obtained U.S. resources (compromised PCs) to attack another power. I believe that is a serious breach of international law. It would be no different t
  • by rafaelolg (1248814) on Tuesday August 12 2008, @04:19PM (#24575187)
    Why don't the Russians just link some Georgian site on Slashdot? The chances of service survival after a Slashdot rampage are minimal.
    • Re:let it loose! (Score:5, Informative)

      by Darkness404 (1287218) on Tuesday August 12 2008, @02:25PM (#24573375)
      Wouldn't it be grey hat hacking?

      A grey hat, in the hacking community, refers to a skilled hacker who sometimes acts legally, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

      A black hat hacker would hack the firewall in order to get credit card numbers.

      • Re:let it loose! (Score:5, Insightful)

        by Opportunist (166417) on Tuesday August 12 2008, @02:48PM (#24573771)

        Define "legally" in a war...

        Seriously, black hat, white hat, grey hat or technicolor hat, it kinda loses meaning when legality itself isn't really applicable anymore.

        • I think it's safe to say they are black hats- they're deliberately, maliciously attacking other networks. The distinguishing feature isn't legality, it's the goal of the attacker.

          Grey hats generally disregard the laws but don't want to cause harm. Black hats steal credit card numbers, deface servers, and generally bork things up. White hats do the same as black hats, but with the end goal of hardening systems.

          • Re:let it loose! (Score:4, Insightful)

            by Opportunist (166417) on Tuesday August 12 2008, @03:58PM (#24574897)

            Isn't "causing harm" the idea behind a war? I mean, if I don't want to hurt you, your country, your economy, why bother going to war in the first place? So I can shoot people legally?

            So is the attacking hacker a "black hat" and the defending hacker a "white hat"? I guess Russia would disagree.

        • Re: (Score:3, Insightful)

          Define "legally" in a war... when legality itself isn't really applicable anymore.

          Now that's just a bit too cynical. War itself involves a lot of actions where the combatants will disagree about legality, but it is meaningful to call some of them "illegal" as a bystander.

          For example, if a Georgian troop goes into Russia and kills a Russian troop by firing at him with a rifle, Russia would certainly love to characterize that as "murdering" (i.e. illegal killing of) a Russian citizen. But it's not (in and of itself) a "war crime".

          There exist widely respected protocols for what a well-in

        • Define "legally" in a war...

          See Conventions, Geneva.

          • Re: (Score:3, Insightful)

            You mean the stuff you'll be tried for in Den Hague when you break it, unless you have bigger guns than the rest of the planet so they don't dare to pull you to the court?

            Yeah, I'm sure Russia is afraid of that.

          • by A nonymous Coward (7548) * on Tuesday August 12 2008, @04:14PM (#24575133)

            We need a "hat colour" for a war hacker. This will become a lot more common in the information age.

            Any takes on a good colour?

            Digital Camo of course. Sheesh, what's your excuse? Your UID isn't THAT high.

    • Re: (Score:3, Insightful)

      Not as many niggers as US Georgia.

      In Soviet Georgia, Blacks lynch you.

      Yes, you specifically.

      • "Russians, Georgians, and Niggers are all sub-human."

        History of the Internet, Chapter 5: David Duke gets his first email address, Slashdot account.

    • Re:Uh? People? (Score:4, Insightful)

      by Bryansix (761547) on Tuesday August 12 2008, @03:11PM (#24574165) Homepage
      Wow, people just don't understand. The Internet is not down there. The packets get routed. It's the web servers that are being vandalized. The actual servers that host the actual content the Internet delivers. Hence, Garbage in, Garbage out.