Russia and Georgia Engaged In a Cyberwar

Posted by kdawson on Tue Aug 12, 2008 03:10 PM
from the who-shot-first dept.
doctorfaustus writes "I first picked this up in bits and pieces last week off Daily Rotation. A more in-depth story is available at ZDNet, which reports 'a week's worth of speculations around Russian Internet forums have finally materialized into a coordinated cyber attack against Georgia's Internet infrastructure. The attacks have already managed to compromise several government web sites, with continuing DDoS attacks against numerous other Georgian government sites, prompting the government to switch to hosting locations to the US, with Georgia's Ministry of Foreign Affairs undertaking a desperate step in order to disseminate real-time information by moving to a Blogspot account.' There is a question whether the computer work is being done by the Russian military or others. ZDNet's story offers further analysis of the attacks themselves and their origins. Some pretty good reporting." And reader redbu11 contributes the news that Georgia seems to be censoring access to all Russian websites, as confirmed by a Georgian looking glass/nslookup tool. The access is blocked on DNS level (Italy censored the Pirate Bay in the same way). Here are a couple of screenshots (in a language other than English) as of Aug 12th 5:40 pm: www.linux.ru nslookup — FAIL, www.cnn.com nslookup — OK.

ComputerWorld guy CWmike adds "In an intriguing cyberalliance, two Estonian computer experts are heading to Georgia to keep the country's networks running amid an intense military confrontation with Russia. Poland has lent space on its president's Web page for Georgia to post updates on its ongoing conflict with Russia. Estonia is also now hosting Georgia's Ministry of Foreign Affairs Web site."

Related Stories

News: The Pirate Bay Blocked In Italy (247 comments)
imhassan tips us to news that The Pirate Bay has been blocked in Italy. Other attempts to block the popular P2P site have been somewhat less than successful. From TorrentFreak: "Pirate Bay's IPs and the domain name are inaccessible, as they are blocked by ISPs all over the country. Whether these blocks will be very effective, however, is doubtful, since The Pirate Bay has already announced several countermeasures. An insider working at an Internet provider in Italy told TorrentFreak that all the relevant large access ISPs in Italy have complied with the request to block the popular BitTorrent tracker, which was sent out yesterday. Italy is taking a stand against BitTorrent sites, so it seems. Two weeks ago, the largest Italian torrent site, Columbo-BT, was shut down by the same prosecutor who is responsible for the Pirate Bay block."
Is There a Cyberwar, and Is the US Losing It? (320 comments)
kenblakely writes "BusinessWeek is running a story asserting that the 'US is Losing the Global Cyberwar.' This whole cyberwar thing has been discussed a few times on Slashdot where the Chinese are asserted to be using cyberwarfare to attain military superiority. And, of course, there is the whole Russia-Georgia thing. Even the US military is getting in on the action, and the fear of a cyber Pearl Harbor seems almost palpable. I'm curious what the Slashdot crowd thinks about the growing fascination with 'cyberwar': hype to get more money and create new force structure, source of the next world war, or somewhere in between?"
Technology: Beyond Firewalls — Internet Militarization (83 comments)
angry tapir writes "One of the discussions at the Source Boston Security Showcase has been the militarization of the Internet. Governments looking to silence critics and stymie opposition have added DDOS attacks to their censoring methods, according to Jose Nazario, senior security researcher at Arbor Networks, with international political situations spawning DDOS attacks."
Report Links Russian Intelligence Agencies To Cyber Attacks (57 comments)
narramissic writes "A report released Friday by a group of cyber-security experts from greylogic finds it is very likely that the Foreign Military Intelligence agency (the GRU) and Federal Security Service (the FSB) directed cyber attacks on Georgian government servers in July and August of 2008. 'Following a complex web of connections, the report claims that an Internet service provider connected with the Stopgeorgia.ru web site, which coordinated the Georgian attacks, is located next door to a Russian Ministry of Defense Research Institute called the Center for Research of Military Strength of Foreign Countries, and a few doors down from GRU headquarters.' But Paul Ferguson, a researcher with Trend Micro who has reviewed the report, says it's a 'bit of a stretch' to conclude that the Georgia attacks were state-sponsored. 'You can connect dots to infer things, but inferring things does not make them so,' he said. One other interesting allegation in the report is that a member of the Whackerz Pakistan hacking group, which claimed responsibility for defacing the Indian Eastern Railway Web site on Dec. 24, 2008, is employed by a North American wireless communications company and presents an 'insider threat' for his employer."
This discussion has been archived. No new comments can be posted.
  • by polyomninym (648843) on Tuesday August 12 2008, @03:15PM (#24573189)
    It was just too dang hot for them to see it coming.
  • Propaganda? (Score:4, Insightful)

    by PacketShaper (917017) on Tuesday August 12 2008, @03:15PM (#24573199)
    I am all for freedom of the press... but these two countries are more or less at war right now (whether they should be or not is topic for another discussion).

    It seems perfectly reasonable to me for one country at war with another to stop information flowing in from the enemy to the local populace.
    • Re:Propaganda? (Score:5, Insightful)

      by TubeSteak (669689) on Tuesday August 12 2008, @03:41PM (#24573637) Journal

      It seems perfectly reasonable to me for one country at war with another to stop information flowing in from the enemy to the local populace.

      If one country (Georgia) moves their websites to some other country (the USA) and the aggressor (Russia) continues the cyber attack, is the aggressor committing an act of war against the "other country"?

      If it isn't an act of war, what should the "other country" do about the attack on their infrastructure/website?

      • Re:Propaganda? (Score:5, Insightful)

        by PacketShaper (917017) on Tuesday August 12 2008, @03:27PM (#24573409)
        I don't see why not (if there was actually a declaration of war, which we will not get into).

        But since we invaded them, I would say it is absolutely reasonable for them to block our sites from their citizens.
        • Re:Propaganda? (Score:5, Interesting)

          by gnick (1211984) on Tuesday August 12 2008, @03:31PM (#24573487) Homepage

          It seems to me that it depends on the situation. If the war's on our soil, blocking communication with the enemy seems fine. It also seems just fine to block our troops' access to our enemies' sites when they're on enemy soil. Also, if we're on their soil, blocking access to our sites seems fine. Basically, you want to interfere with orders being issued to a saboteur or similar and make sure that your citizens aren't subjected to foreign propaganda (only domestic propaganda).

          Note that that's a very different thing than launching DDoS attacks on servers that block your enemies from accessing their own servers or communicating internally. That may be fine too depending on the situation. If you're disrupting military communications, that's probably OK. If you're blocking civilian access to sites advising them on emergency procedures or preventing them from accessing medical assistance, that's pretty shady.

          • Re:Propaganda? (Score:5, Interesting)

            by gnick (1211984) on Tuesday August 12 2008, @04:00PM (#24574007) Homepage

            Sorry for the self-reply, but TFS just got more interesting with the computerworld thing.

            Assuming that Russia cyber-bombing Georgia's sites is a valid war-time maneuver, is it also OK for them to do the same thing to the servers in Poland and Estonia that are now hosting the offending sites? If those sites are dangerous enough to be considered targets, can hosting those sites be viewed in the same way as supplying weapons to Russia's enemies? Methinks that we'll see some ugly traffic between Russia and these Estonian and Polish servers (that Russia will of course disavow all knowledge of).

            Of course, the US is hosting too. Surely none of our Communist comrades would ever be brazen enough to launch attacks on servers hosted here? ;o)

  • by eln (21727) on Tuesday August 12 2008, @03:16PM (#24573211) Homepage

    I heard all this talk about a war between Russia and Georgia and got kind of anxious, but it turns out it's just a cyberwar. The media really should stop sensationalizing these things like that.

      • by MightyYar (622222) on Tuesday August 12 2008, @03:48PM (#24573767)

        This was not started by Russia.

        Rather than getting into the "he did this, oh yeah, well he did this first" thing that will have us talking about Attila the Hun in short order... I'd just like to point out that Russia's latest response was pretty over-the-top.

          • by MightyYar (622222) on Tuesday August 12 2008, @04:22PM (#24574369)

            Though to be fair, if you go and kick a big, tough, strongman in the shins, you can't complain that he reacted disproportionally, and you're now in hospital.

            Oh, no question there. Georgia was definitely reckless here.

            but then they side with the Georgians against the mainly Russian South Ossetia.

            I'm new to this as well and am still catching up on history. But I think that the Russians are more interested in control than they are in the welfare of 70,000 people in South Ossetia. They stuck their nose into a civil war, and then complain when their "peacekeepers" (who actually seem to run the government) get killed in the process. And then granting South Ossetians Russian citizenship when they are still part of Georgia? Well, that's pretty brazen. Even more brazen is claiming that now "Russians" are being killed in South Ossetia. They have effectively annexed South Ossetia... and now are grabbing even more of Georgia to "protect" it.

  • Without country (Score:5, Interesting)

    by Statecraftsman (718862) * on Tuesday August 12 2008, @03:40PM (#24573627) Homepage
    Cyberwar is global. What's to stop widespread vigilante justice against either side? What's to stop US or Chinese hackers from joining in independently to fight on the side they choose? When does blogspot or the Estonian site become the target?
  • by davidsyes (765062) on Tuesday August 12 2008, @03:41PM (#24573645) Homepage Journal

    I've listened to NPR yesterday about this, and the best experts have been able to say so far is that it is cyber VANDALISM. No major infrastructure has been crashed. Hospitals and such have not been imploded.

    There is even speculation that Georgians themselves crashed/trashed their OWN systems to exploit the current bad image Putin (yes, PUTIN is calling the shots, not Medvedev). Moreover, and ironically, a US-based outfit in, guess where... GEORGIA (yes, the state) offered and took on the hosting for the Georgian President's web site. Guess what? It wasn't working out. It was still being crashed/taken down. So, another party (seems to be Estonia) is helping out.

    I really fracking wish some of these sensationalistic headers on Slash would get slashed.

    http://www.npr.org/blogs/talk/2008/08/august_12th_show.html [npr.org]

    Now, given that Putin/Medvedev claim Russian advances are immediately ceasing (purportedly) there really isn't "cyber warfare" going on, is there? If things continue, or escalate, THEN it might truly eclipse the bounds into "warfare".

  • by scubamage (727538) on Tuesday August 12 2008, @04:06PM (#24574083)
    ...service denies you!
  • by arcade (16638) on Tuesday August 12 2008, @04:08PM (#24574115) Homepage

    I think the claim that Georgia is censoring traffic is probably misleading.

    What's happening is that they've got incoming DoS attacks, and have probably nullrouted quite a few Russian IP ranges. This probably includes quite a few DNS servers, making DNS lookups fail.

    I haven't taken the time to _check_ any of this, but if you nullroute the DNS servers, of course DNS lookups will fail. If you're under a DoS, of course you nullroute quite a lot.
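
The comment above proposes null-routing as an alternative to deliberate DNS blocking. The sketch below is an added example, not part of the thread: it classifies a failed lookup by whether every authoritative server for the zone sits inside a null-routed prefix. The prefixes, names and observations are constructed, and the rule that an unreachable zone surfaces as SERVFAIL or a timeout while a filtering resolver returns NXDOMAIN or REFUSED is a working heuristic, not a guarantee.

```python
import ipaddress

# Constructed data: RFC 5737 documentation prefixes stand in for the ranges
# an operator null-routed while under DoS (assumption, not from the thread).
NULLROUTED = [ipaddress.ip_network(p) for p in ("192.0.2.0/24", "198.51.100.0/24")]

def dropped(ip, nullrouted=NULLROUTED):
    """True when packets to ip would be discarded by one of the null routes."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nullrouted)

def classify(rcode, auth_ns_ips, resolves_elsewhere, nullrouted=NULLROUTED):
    """Classify one lookup made through the local recursive resolver.

    rcode              -- resolver's response code, or "TIMEOUT" if it never answered
    auth_ns_ips        -- the zone's authoritative server addresses, learned
                          from a vantage point outside the affected network
    resolves_elsewhere -- whether the name resolves from that outside vantage point
    """
    if rcode == "NOERROR":
        return "resolved"
    if rcode in ("SERVFAIL", "TIMEOUT"):
        # The resolver tried to reach the zone's servers and could not.
        if auth_ns_ips and all(dropped(ip, nullrouted) for ip in auth_ns_ips):
            return "null-route side effect"
        return "inconclusive"
    if rcode in ("NXDOMAIN", "REFUSED"):
        # The resolver returned a definite answer rather than failing upstream.
        if resolves_elsewhere:
            return "resolver-level block"
        return "name does not exist"
    return "inconclusive"

# Constructed observations (hypothetical names under the reserved .example TLD).
OBSERVATIONS = [
    ("a.example", "SERVFAIL", ["192.0.2.53", "198.51.100.53"], True),
    ("b.example", "NXDOMAIN", ["203.0.113.53"], True),
    ("c.example", "SERVFAIL", ["192.0.2.53", "203.0.113.53"], True),
    ("d.example", "NOERROR", ["203.0.113.53"], True),
]

def report(observations=OBSERVATIONS):
    """Map each observed name to its verdict."""
    return {name: classify(rcode, ns, ok) for name, rcode, ns, ok in observations}

if __name__ == "__main__":
    for name, verdict in report().items():
        print(f"{name}: {verdict}")
```

A resolver that blocks by returning a forged address would show up as NOERROR and is not covered by this sketch.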

  • Here: http://www.webhostingtalk.com/showthread.php?t=714632 [webhostingtalk.com] These are the people working at that Atlanta web host, hosting Georgian president's site from Russian bastardiness. They haven't had enough sleep in the few days but they made a fight of principle out of it.
  • by bigattichouse (527527) on Tuesday August 12 2008, @05:11PM (#24575099) Homepage
    A foreign power is using illegally obtained U.S. resources (compromised PCs) to attack another power. I believe that is a serious breach of international law. It would be no different t
    • Re:let it loose! (Score:5, Informative)

      by Darkness404 (1287218) on Tuesday August 12 2008, @03:25PM (#24573375)
      Wouldn't it be grey hat hacking?

      A grey hat, in the hacking community, refers to a skilled hacker who sometimes acts legally, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

      A black hat hacker would hack the firewall in order to get credit card numbers.

    • Re:Uh? People? (Score:4, Insightful)

      by Bryansix (761547) on Tuesday August 12 2008, @04:11PM (#24574165) Homepage
      Wow, people just don't understand. The Internet is not down there. The packets get routed. It's the web servers that are being vandalized. The actual servers that host the actual content the Internet delivers. Hence, Garbage in, Garbage out.