Russia and Georgia Engaged In a Cyberwar 276
doctorfaustus writes "I first picked this up in bits and pieces last week off Daily Rotation. A more in-depth story is available at ZDNet, which reports 'a week's worth of speculations around Russian Internet forums have finally materialized into a coordinated cyber attack against Georgia's Internet infrastructure. The attacks have already managed to compromise several government web sites, with continuing DDoS attacks against numerous other Georgian government sites, prompting the government to switch to hosting locations to the US, with Georgia's Ministry of Foreign Affairs undertaking a desperate step in order to disseminate real-time information by moving to a Blogspot account.' There is a question whether the computer work is being done by the Russian military or others. ZDNet's story offers further analysis of the attacks themselves and their origins. Some pretty good reporting." And reader redbu11 contributes the news that Georgia seems to be censoring access to all Russian websites, as confirmed by a Georgian looking glass/nslookup tool. The access is blocked on DNS level (Italy censored the Pirate Bay in the same way). Here are a couple of screenshots (in a language other than English) as of Aug 12th 5:40 pm: www.linux.ru nslookup — FAIL, www.cnn.com nslookup — OK.
ComputerWorld guy CWmike adds "In an intriguing cyberalliance, two Estonian computer experts are heading to Georgia to keep the country's networks running amid an intense military confrontation with Russia. Poland has lent space on its president's Web page for Georgia to post updates on its ongoing conflict with Russia. Estonia is also now hosting Georgia's Ministry of Foreign Affairs Web site."
ComputerWorld guy CWmike adds "In an intriguing cyberalliance, two Estonian computer experts are heading to Georgia to keep the country's networks running amid an intense military confrontation with Russia. Poland has lent space on its president's Web page for Georgia to post updates on its ongoing conflict with Russia. Estonia is also now hosting Georgia's Ministry of Foreign Affairs Web site."
Dupe? (Score:2, Informative)
I first heard about this by reading an article titled "Evidence of Russian Cyberwarfare Against Georgia [slashdot.org]". It was posted on this site you might have heard about called /. (or Slashdot).
Re:let it loose! (Score:5, Informative)
A grey hat, in the hacking community, refers to a skilled hacker who sometimes acts legally, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
A black hat hacker would hack the firewall in order to get credit card numbers.
NOT CYBER WAR, It's something else... (Score:5, Informative)
I've listened to NPR yesterday about this, and the best experts have been able to say so far is that it is cyber VANDALISM. No major infrastructure has been crashed. Hospitals and such have not been imploded.
There is even speculation that Georgians themselves crashed/trashed their OWN systems to exploit the current bad image Putin (yes, PUTIN is calling the shots, not Medvedev. Moreover, and ironically, a US-based outfit in, guess where... GEORGIA (yes, the state) offered and took on the hosting for the Georgian President's web site. Guess what? It wasn't working out. It was still being crashed/taken down. So, another party (seems to be Estonia) is helping out.
I really fracking wish some of these sensationalistic headers on Slash would get slashed.
http://www.npr.org/blogs/talk/2008/08/august_12th_show.html [npr.org]
Now, given that Putin/Medvedev claim Russian advances are immediately ceasing (purportedly) there really isn't "cyber warfare" going on, isn't there? If things continue, or escalate, THEN it might truly eclipse the bounds into "warfare".
Re:How much more of this until browsers adapt? (Score:3, Informative)
Just put "192.168.1.5 www.somesite.com" in /etc/hosts, or whatever the Windows equivalent is.
Re:How much more of this until browsers adapt? (Score:5, Informative)
Just put "192.168.1.5 www.somesite.com" in /etc/hosts, or whatever the Windows equivalent is.
It's actually /etc/hosts, believe it or not.
Well, or something like C:\Windows\System32\etc\hosts. But the format is identical, save for maybe using \r\n instead of \n (and I'm not even sure about that).
Must be all that BSD code in the Windows IP stack.
Re:How much more of this until browsers adapt? (Score:5, Informative)
Re:let it loose! (Score:3, Informative)
I think it's safe to say they are black hats- they're deliberately, maliciously attacking other networks. The distinguishing feature isn't legality, it's the goal of the attacker.
Grey hats generally disregard the laws but don't want to cause harm. Black hats steal credit card numbers, deface servers, and generally bork things up. White hats do the same as black hats, but with the end goal of hardening systems.
Hear from the security team defending the website (Score:5, Informative)
Well, it was NOT Russian territory (Score:2, Informative)
In general, this is just a part of The Great Game. Divide your enemies, make Abkhazians, Ossetians, Georgians hate each other and fight each other, and rule them all. But I still think that Russia provoked this war, and they were preparing for this war long time before Georgian strike on Friday. Russia has been meddling and fighting in Caucasus for hundreds of years now. They have been meddling with other neighboring countries as well. And if the world doesn't stand up to their bullying, this will make Russia feel invincible and beyond punishment. I wonder who would suffer next. Ukraine? Baltic states? Poland? Chechnya is still occupied, and genocide there is still ongoing. Russia never cared and will never care for lives of people, their own citizens or not, nor for peace.
And don't get me started on peacekeepers. Russia having "peacekeepers" in Ossetia is similar to Nazi Germany having peacekeepers in Poland.
--Coder
Re:Many people do not realize:Georgia started the (Score:3, Informative)
Georgia attacked separatists and criminals within their own borders. Yes, it was a stupid move, but all that different from Russia attacking Chechyneyan rebels and criminals within its own borders.
Granted, there were a lot of soldiers there as "peacekeepers", and a lot of people who had been given Russian passports (not really Russian citizens). It was a stupid move of Georgia to start a crackdown on the separatists when it was obvious it was in a precarious situation. Don't poke the bear in the eye if you want to keep your finger.
But the Russian response was amazingly out of proportion. Tanks crossed into a sovereign country, beyond even the disputed South Ossetia region in question, without any delay for negotiations or even an hour or two of threatening postures. This is not like US invading Iraq after months of rhetoric and misinformation to the UN and a small bit of planning.
Of course there was a cyber war. Russia tried it against Estonia. I don't think the government itself was behind it, as it's an ultimately futile gesture. But the government certainly took no action to find or punish whoever was behind the cyber attacks there. Probably better to wink at the script kiddies aimed against outside countries than to have them focus on targets at home.
Re:Poor Georgia...living under the Russian boot... (Score:4, Informative)
Re:Poor Georgia...living under the Russian boot... (Score:3, Informative)
*sigh* You can mod my parent post down as "-1, Wrong Guess", it seems. We broke the ceasefire [wikinews.org] once again.