Russia Accused of Cyber-War Against Estonia

earthlingpink writes about the ongoing DDoSing of Estonia. The Guardian is reporting that Russia stands accused of engaging in a three-week-long series of cyber-attacks. Government, banking, and media websites have been targeted. It is unclear whether the attacks are sanctioned or initiated by the Russian Government, but Estonian authorities believe that to be the case. NATO has sent security experts to Tallinn to help beef up defenses. The Estonian defense minister said, "At present, NATO does not define cyber-attacks as a clear military action. This means that the provisions of... collective self-defense, will not automatically be extended to the attacked country... this matter needs to be resolved in the near future."

I can confirm

As an American-Estonian (1/3 Estonian on my Mother's side), I can confirm that Russia has been attacking my programming project, making it impossible to debug. And THAT boss is why the project isn't done yet! What can I do when all of Russia is against me?

Where did I hear about this attack? Uh.. slashd... an on-line news source specializing in technical news of course!

Re:I can confirm

As an American-Estonian (1/3 Estonian on my Mother's side),

How can you be ONE THIRD something? I'd understand 1/2 or 1/4 or 1/8 (etc.)

Or, perhaps, you're 1/3 SWEDISH. }:->

(I know I'd be downmodded for this, but I HAD to say it)

Re:I can confirm

1/3 is binary 0.0101010101... , so obviously his grandfather, great-great-grandfather, great-great-great-great-grandfather and (great-great-)^n grandfather are all Estonian, while the rest of his relatives are completely !Estonian.

Re:I can confirm

How can you be ONE THIRD something? I'd understand 1/2 or 1/4 or 1/8 (etc.)

Ménage à trois? ;)

Russia or Russians?

Are they accusing the Russian government of perpetrating this attack, or are they stating that this attack is coming from Russian soil?

Re:Russia or Russians?

According to rumor, Russia has been up to a lot of subterfuge in Estonia lately.

It didn't make US news, of course, but Estonia just had some of the first riots in their capital, Talin. Lately, the Estonian government has been removing Soviet war memorials because, well, they partly respresented the Soviets ruling their country. Just like the Russians have been doing in Moscow, they remove them all and have a single statue garden (they are historical, after all).

However, when they removed one statue of a Soviet soldier in a cemetary, thousands of Russians living in Estonia started protesting. Now, maybe the Russian population just liked that particular statue, but there were rumors that Russian agents were stirring up trouble just to stir up trouble.

Russia's been flexing its muscles across Eastern Europe again. They've been punishing "bad" countries which disobey them. First the riots (which were suspected to be caused by Moscow), now cyber attacks. Neither are outright military moves, but they sure as hell get the message across.

Combined with the recent crackdown on free media and opposition in Russia, it sounds like life might get interesting in 5 years. It seems that, with America's short attention span focused on Iraq, Russia has been putting the pieces in place to recapture former glory.

Do you think that after 50 years that Boris the Soviet simply retired to the countryside? Or has he just been waiting patient for the right opportunity?

Maybe I just haven't had enough coffee this morning to make the conspiracy theories go away.

Re:Russia or Russians?

As an Estonian-American, I can confirm that we Estonians are a might bit riled up about the Russians. On June 13-14, 1941 huge numbers of Estonians were forcibly deported to Siberia. Another deportation occurred in 1949. Then Russians were imported to re-occupy many of the vacant households. Estonians view this as a sort of ethnic cleansing. Estonians were forced to speak Russian in the school system and all traces of their former nationalism were banned. To put it bluntly, many Estonians viewed the occupations under Stalin (and later) as being the worst thing to ever happen to the country (including the Nazi occupation). Putting up Russian war monuments on Estonian soil was insulting to boot. Now the Russians are riled that the Estonians want to move such monuments from their places of prominence (not destroy, mind you, but move). Considering what Estonians have suffered at the hands of Russians, we tend to think that the Russians have no ground to lodge any kind of complaint.

Re:Russia or Russians?

I think the general consensus among those who watch the geopolitical scene is that Russia is attempting to rebuild its empire. It views the Baltic states pretty much as China views Tibet, but because of their NATO membership, Russia can't just march the troops in, so it's using agent provocateurs from among the ethnic Russian minority in the country as well as defacto economic sanctions and cyber attacks to push its weight around. If you think what Russia is doing in Estonia is bad, look at the kind of games they're playing in the Ukraine, which is furiously trying to Westernize and shed its Russian colonial past. Christ, they poisoned Viktor Yushchenko to prevent him from gaining power. The KGB is still very much alive and well. Russia may have had a brief flirtation with friendly relations with the West, but they day is done, and now it wants its empire back.

Re:Yuschenko and the CIA revolution?

While it was no walk in the park, so long as you were neither Jewish nor Romani, life was quite a lot better under German occupation than under Russian occupation. (Jews and Romani had it as bad in Estonia under the Nazis as anywhere in occupied Europe.) Here in the West, we view Hitler as the arch villain. In Estonia, it is Stalin who is viewed as such. Therefore when you make a statement alluding to how "millions of soldiers died fighting the Nazis and protecting Estonia" you display an ignorance of history. It is like saying that the wolf is protecting the rabbit when it drives off the hawk. Truly the Estonians wanted neither the Russians NOR the Germans as overlords.

The real outcome of the attacks

By now, most of the sites under attack have been blocked to the outside traffic. That by itself means the attacks have been successful, information from Estonian government stays in the country.

How would you you fight a DDoS attack and make sure all non-bot users have access?

reminds of

the Hainan Island incident [wikipedia.org]

before 9/11 in early 2001, a chinese jet fighter bumped a us spy plane it was trying to harass away. the chinese fighter crashed and the pilot was never found, and the spy plane was forced to make an emergency landing on hainan island, where the chinese stripped the plane of equipment and then returned the crew to the usa

what happened for a few tense weeks was a lot of nationalistic chest thumping by chinese and american hackers: chinese hackers defacing poorly patched american servers, everything from small businesses to government systems, and american hackers defacing chinese servers: schools and government (i remember this well as i had a box that was hacked: my home page was replaced with a chinese flag and a "fuck usa", heh)

the point is, it's probably not official, it's probably by an independent group of weakly organized russian hackers upset due to nationalistic pride

the trigger for them is that statue that estonia got rid of in tallinn, which russians probably view as thousands of dead soldiers in the defense of estonia from the nazis, and estonia being ungrateful, and estonians viewing as an example of soviet domination, and a symbol of the past cold war era, and russians trying to retain their dominance

regardless, i expect some pissed off estonian hackers soon to plaster "in soviet russia, estonia hackers hack you!" all over pravda.ru, or something

hello brawling estonians and russians

i would like to open this nationalistic chest thumping thread with an exhortation from the rest of us here at slashdot: please be extremely hysterical and hot-headed and entertaining

please be accusing each other's mothers of various acts of bestiality and extreme promiscuity, and do not go lightly on the creative threats of violence, including skewering the eyes with pokers, and the twisting of testicles in various farm machinery. proper english grammar is optional, in fact, it is better if your english grammar is nonexistent

ok, my popcorn is ready, any russian want to respond to the above estonian?

go!

Re:dude

If the French or Belgians started digging up American WWII cemetaries and moving them I'd be pretty pissed too. Lots of Russians died fighting the Germans in the Baltics in WWII and these countries aided and abetted the Nazis (including the holocaust). Size has nothing to do with the ability to be selfrightious so I don't see why size (or Germany in this case) has anything to do with it.

Since you remind about holocaust, remember gulag. Millions of people from Baltic states died there. And deportations started one year before Germany attacked SSSR.

Americans haven't occupied France and Belgium for 45 years. Russians haven't liberated Estonia. In 1944 Estonia one occupant was replaced by other. If Sadam's statue is erected in Kuwait, do people of Kuwait have to leave it in front of emir's palace after Iraqies are gone. Did Russians had to leave Stalin next to Lenin in Mausoleum after 1953.

Actually this has happened before, to the USA

The Guardian article is not correct, in stating "the first known incidence of such an assault on a state". James Adams published an article entitled "Virtual Defense" from Foreign Affairs, May/June 2001 that details a number of cyber-attacks on a massive scale, against the United States. Specifically the Pentagon, NASA, as well as private universities and research laboratories, and a number of military defense contractors were targeted and the security breaches were enourmous, with highly sensitive documents vulnerable. Here is a link to the article (brief preview, then they make it available for purchase - sorry) http://www.foreignaffairs.org/20010501faessay4771/ james-adams/virtual-defense.html [foreignaffairs.org] According to Foreign Affairs: The U.S. government now believes that more than 30 nations have developed aggressive computer-warfare programs. The list includes Russia and China, volatile governments such as Iran and Iraq, and U.S. allies such as Israel and France...The hackers have built "back doors" through which they can re-enter the infiltrated systems at will and steal further data; they have also left behind tools that reroute specific network traffic through Russia. [end of excerpt] The danger here is very high, especially for small businesses, who certainly do not have the technical resources of the US military (and even that was breached). Many small businesses have military contracts, etc. In short, this is a genuine act of war, and the potential for breaches of security across small businesses in the US (or really anywhere) is very high.

Cut Russia off the net

I've said this again, but until Russia (and other Eastern bloc countries) start taking cybercrime seriously, it should just be cut off the net entirely.

Most of the botnets in the world are controlled by Russian mafia. The rest of the world is spending an insane amount of time, money and effort defending against these attacks that orginate 90% from one part of the world. It's like criminally created welfare program, and we're all paying.

Re:Cut Russia off the net

Problem is this could be a slippery slope.

So if we cut their IP blocks off from the world beacuse of botnets, what other excuses could we use? Well, China supports terrorism, so lets cut them off too. And both Koreas. And the entire middle east. Etc.

Also, the hackers would end up proxying through another set of IPs and getting to where they need to be anyway. And could write up their bots to do the same.

That said, don't use technical solutions for social problems. The problem is the governments of the countries in question don't care. They can deny involvement but still watch their enemies writhe. It should be treated as if a stream of foreign nationals marched out of their country and into ours, guns drawn. And that their government is doing nothing to stop them.

Re:Common Sense

You haven't got a clue.

A DDOS attack is basically an attempt to saturate the capacity of the target. The "distributed" part means that it is difficult to screen out the attackers because the machines are on so many different subnets. The flaws that a DDOS relies on are not in the attacked systems, but in the attacking ones which have been compromised and have had software installed that makes them a "bot". A network of these "bots" are then coordinated by the attacker.

And if you think that shutting down the websites of pretty much every government institution, bank and commercial enterprise in a highly connected country like Estonia amounts to "a few eggs thrown over the fence" then just think what it would do your nations economy.

Re:Common Sense

For the love of freedom, just patch the boxes and shut up!

You just don't get it do you? A DDOS is not indicative of a flaw in the systems under attack, it is using the regular means of access to the systems (HTTP requests mostly) but doing it on a massive scale from machines around the world taht have been compromised. Or are you suggesting that Estonian sysadmins perform the impossible and patch all these lousy Windows boxes on various ISP accounts around the world?

Unless you've experienced a large scale DDOS or read the detailed summary of how one was handled then all I can suggest is looking at some descriptions of what a DDOS is. Wikipedia is a good start. Our Payment Service Provider received a blackmail threat a couple of years ago, and then experienced a massive ten day long DDOS attack. Once it was over they provided us with a very detailed account of the attack. What impressed me was the sheer number of machines used in the attack and how evenly spread around the world they were. Trying to contact the relevant sysadmins or ISPs for these machines was simply not feasible.

Re:Common Sense

The problem is the flaws that are being attacked aren't necessarily resident on the machines being attacked - as you know, since you mention zombie computers.

But that doesn't make cyber attack bullshit. That's like saying that land invasions are a made up boogeyman because they depend on flaws like "not having a giant impregnable wall surrounding your country." DDoS attacks, in particular, are problematic. A given target has no way to prevent zombied machines from participating in the attack.

Besides which, a DDoS attack is just a bandwidth race. If my home PC were to be attacked like this, there's nothing I, personally, can do about it. My router won't pass any of the packets to my machine, but if there's 6 Mbps worth of incoming traffic, even if I drop it at the router, I still can't get much legit traffic through. I can call my provider, and see if they can stop it upstream, but then it's just a comparison of the bandwidth at the DSLAM to the bandwidth of the attacker. The only thing to hope for is that, somewhere up the chain, you can reach a node with enough bandwidth that the attacker can't overwhelm it. When you start getting up into backbone territory, this isn't a problem.

But - if we hypothesize for the moment an actual planned assault by a country - odds are pretty good that the US DoD, for example, has more bandwidth than Iran.

Re:They forgot something.

The summary doesn't mention that the attacks started after Estonia began excavating graves of Soviet troops killed during the World War II and vandalized the memorial devoted to them.
Vandalized? Moved to cemetery where it belongs.

Estonia is seen as a neo-fascist regime by Russia, and in my opinion, rightly so
Russia is seen as imperialist regime by Estonia, and in my opinion, rightly so

you can't deny over 30% of your population [estimate of Russian population in Estonia] the most basic rights, including citizenship
You learn the language, pass one exam and voila - the citizenship is yours.

and education for children based on their nationality, and be seen otherwise.
We have schools for Russian-speaking children where most of the subjects are taught in Russian. Unbelievable, yes?

Of course, Europe and the United States ignore this issue.
And Russians ignore the reality. I'm sorry if you do not agree.

Re:They forgot something.

Nope the starting point of this was the relocation of a large statue of a Soviet soldier from central Tallinn to a Soviet Army military cemetery on the outskirts of the city. The Estonians were occupied twice by the Soviet Union, once at the beginning of World War II and again at the end. The second occupation was billed as a liberation of Estonia by the Soviets, but both times large numbers of Estonians were deported to labour camps in the east of the Soviet Union, many to never return. As a result, the statue came to symbolise the occupation of Estonia, and it was felt it should not be in the centre of the countries capital.

During the Soviet era, a large number of ethnic Russians were settled in Estonia and a program of Russification carried out that tried to extinguish Estonian language and culture. This was a common policy across the Soviet Union, as it was seen as a way of preventing a future break up of the union. The Putin government plays on the tensions amongst these former Soviet populations as a way of reasserting Russias importance in the region.

The bodies that are often mentioned in the news reports are actually located some distance from the original site of the statue. They have been located (there was no sign of their presence above ground) under a tram stop and road junction. Excavation was carried out, and the coffins relocated to the same cemetery as the statue. This is in accordance with war graves agreements that are part of internation law.

Re:They forgot something.

The summary doesn't mention that the attacks started after Estonia began excavating graves of Soviet troops killed during the World War II and vandalized the memorial devoted to them. Estonia is seen as a neo-fascist regime by Russia, and in my opinion, rightly so: you can't deny over 30% of your population [estimate of Russian population in Estonia] the most basic rights, including citizenship and education for children, based on their nationality, and be seen otherwise. Of course, Europe and the United States ignore this issue.

Let me give you another perspective on this. You can decide whether or not you want to stick to your guns here. Are you by any chance married to a Russian woman? Because if you are, that will certainly inhibit your ability to see the other side.

Estonia was under Russian control until 1918. It remained an independent nation until 1940, when the USSR invaded it. Germany occupied it from 1941 to 1944. During the 1 year or so of Soviet occupation prior to the Nazi invation, the Soviets did such nice things as kill the intellectuals and forcibly conscript Estonians into the Red Army. I can't say it's any wonder that as in Ukraine (where Stalin and his henchmen had killed and starved to death millions of Ukrainians in the 1930s), the locals viewed the Nazis as liberators and then found out that they were just as bad if not worse as the Soviets. Do note that the USA never recognized the Soviet occupation of Estonia, Latvia and Lithuania. NEVER. It's important to know that for over 50 years, official US policy was that the occupation of these 3 countries was illegal.

After WWII ended, Estonia was screwed. They were part of the Soviet Union. The Soviets moved hundreds of thousands of Russian speaking immigrants into Estonia in an attempt to "Russify" it and to dilute Estonian nationalism. Estonian freedom fighters fought a small scale guerilla war against the USSR into the early 1950s when they finally gave up and realized it was hopeless.

During the USSR period, Russian was the official language in education. It was possible to have education in whatever the local language was (Krushchev made some changes that allowed this), but there was a catch - if you wanted to get a good job, you absolutely had to speak Russian well. Given that Russian and Estonian are about as closely related as English is to Polish, you might understand that Estonian parents had no choice but to send their kids to Russian language schools so as to give them the best chance to prosper in the USSR.

Cut to 1991 when Estonia gets its independence. They now have a rather large Russian speaking population who they were forced to accept by a government that no longer exist. These people have never assimilated into Estonian society. In fact, they were encouraged immigrate there specifically to dilute Estonia's sense of national identity and to turn them into "good little Soviet subjects". These immigrants have never bothered to learn the Estonian language since Russian was the official language of the government prior to 1991. Now you have all these people who say "Screw you! We want to speak Russian!" in a country where the majority of citizens speak the local language, Estonian. They demand that everything be done in Russian so they can understand it. The Estonians never wanted to speak Russian to begin with, so they are promoting the use of their national language. Now you have about 26% of the population who refuses to "get with the program", demands that their language be given equal footing with the national tongue and even worse, feels that things were a lot better back when they were in charge and the stupid locals were taking orders from them. So given that Estonia never wanted the Soviets/Russians there to begin with and the Soviets weren't exactly enlightened when they ran the show, can you really blame them for not being real happy with Russia today? By the way, ethnic Russians can become Estonian citizens, but they have to take

Re:Why Is This In Politics??!!!

The world does not evolve around America kiddy wink!

The politics section originally started out I believe a year or two ago to cover the election and resulting aftermath of "ZOMG BUSH GOT LESS VOTES!" type story. It has since become a more rounded section and carries stories from all over the world under it's banner, because you know "Stuff that matters" is quite often political.

I mean when people start having wars via the Internet (as this rather implies is happening in some twisted form) it starts to effect us geeks as well. So we discuss it on Slashdot and because it's political based they used the politics banner.

I feel sorry for you if you can't see that the FAQ maybe outdated and this has been this way for a good few months (maybe 12+) now, so decide to grind your axe on a stone that's been here longer than you probably have (Anoncow has no ID so I can't tell from your number, but I have to assume you're new if you don't understand the politics section).

Re:Why Is This In Politics??!!!

The world does not evolve around America kiddy wink!

Of course not. Real Americans don't believe in evolution.

Re:Oh yeah?

Does this mean that get a ping wrong and it's not simply packets that might be coming back the other way?

That's why in Hunt for Red October, Sean Connery says "ping -c 1 sub.navy.mil" (or simply "One ping only")

That joke worked so well in my head :-(