Russia and Georgia Engaged In a Cyberwar
doctorfaustus writes "I first picked this up in bits and pieces last week off Daily Rotation. A more in-depth story is available at ZDNet, which reports 'a week's worth of speculations around Russian Internet forums have finally materialized into a coordinated cyber attack against Georgia's Internet infrastructure. The attacks have already managed to compromise several government web sites, with continuing DDoS attacks against numerous other Georgian government sites, prompting the government to switch to hosting locations to the US, with Georgia's Ministry of Foreign Affairs undertaking a desperate step in order to disseminate real-time information by moving to a Blogspot account.' There is a question whether the computer work is being done by the Russian military or others. ZDNet's story offers further analysis of the attacks themselves and their origins. Some pretty good reporting." And reader redbu11 contributes the news that Georgia seems to be censoring access to all Russian websites, as confirmed by a Georgian looking glass/nslookup tool. The access is blocked on DNS level (Italy censored the Pirate Bay in the same way). Here are a couple of screenshots (in a language other than English) as of Aug 12th 5:40 pm: www.linux.ru nslookup — FAIL, www.cnn.com nslookup — OK.
ComputerWorld guy CWmike adds "In an intriguing cyberalliance, two Estonian computer experts are heading to Georgia to keep the country's networks running amid an intense military confrontation with Russia. Poland has lent space on its president's Web page for Georgia to post updates on its ongoing conflict with Russia. Estonia is also now hosting Georgia's Ministry of Foreign Affairs Web site."
Poor Atlanta... (Score:5, Funny)
Haha, LOL, but not really! (Score:3, Funny)
Russia: Yes, I would love to cyber
Georgia: 2 late lol..just got 3 msgs
Russia: Die
Georgia: ?
Russia: I winnuke you
Georgia: OH *@#@)(! I am still running win95!
Poor Georgia...living under the Russian boot... (Score:3, Insightful)
The WSJ editorial board wrote, "No matter who fired the first shot last week in the breakaway Georgian region of South Ossetia, Moscow is using the separatist issue as an excuse to demolish Georgia's military and, if possible, depose its democratically elected government. Russian forces moved ever deeper into
Re:Poor Georgia...living under the Russian boot... (Score:4, Informative)
Re: (Score:3, Informative)
*sigh* You can mod my parent post down as "-1, Wrong Guess", it seems. We broke the ceasefire [wikinews.org] once again.
Propaganda? (Score:4, Insightful)
It seems perfectly reasonable to me for one country at war with another to stop information flowing in from the enemy to the local populace.
Re: (Score:3, Interesting)
Re:Propaganda? (Score:5, Insightful)
But since we invaded them, I would say it is absolutely reasonable for them to block our sites from their citizens.
Re:Propaganda? (Score:5, Interesting)
It seems to me that it depends on the situation. If the war's on our soil, blocking communication with the enemy seems fine. It also seems just fine to block our troops' access to our enemies' sites when they're on enemy soil. Also, if we're on their soil, blocking access to our sites seems fine. Basically, you want to interfere with orders being issued to a saboteur or similar and make sure that your citizens aren't subjected to foreign propaganda (only domestic propaganda).
Note that that's a very different thing than launching DDoS attacks on servers that block your enemies from accessing their own servers or communicating internally. That may be fine too depending on the situation. If you're disrupting military communications, that's probably OK. If you're blocking civilian access to sites advising them on emergency procedures or preventing them from accessing medical assistance, that's pretty shady.
Re:Propaganda? (Score:5, Interesting)
Sorry for the self-reply, but TFS just got more interesting with the computerworld thing.
Assuming that Russia cyber-bombing Georgia's sites is a valid war-time maneuver, is it also OK for them to do the same thing to the servers in Poland and Estonia that are now hosting the offending sites? If those sites are dangerous enough to be considered targets, can hosting those sites be viewed in the same way as supplying weapons to Russia's enemies? Methinks that we'll see some ugly traffic between Russia and these Estonian and Polish servers (that Russia will of course disavow all knowledge of).
Of course, the US is hosting too. Surely none of our Communist comrades would ever be brazen enough to launch attacks on servers hosted here? ;o)
Re: (Score:2, Interesting)
The answer is in the "rules of war": if a Russian flagged vessel were to dock in a neutral country, like the Ukraine, Georgia would be within its rights to attack that port and destroy it. That's why neutral countries usually bar belligerents from using their docks.
Same thing here. If Poland wants to allow Georgia to use their servers, they shouldn't be surprised if Russia "hacks" those servers with a 2,000 lb bomb.
Re: (Score:3, Insightful)
Probably false, and certainly stupid.
Real Life Examples:
When a German vessel docked in a neutral port, Buenos Aires, the British could/did demand that Argentina either (1) expel the Graf Spee within 24 hours after immediate danger (from damage received) to the crew had passed, or (2) intern the ship and its crew for the duration. They did NOT attack Argent
Re: (Score:2)
If you're blocking civilian access to sites advising them on emergency procedures or preventing them from accessing medical assistance, that's pretty shady.
But it's not like humans didn't survive emergencies before the internet. The British survived relentless aerial bombardment with little to no warning back when telephones weren't even direct-dial, instead manually connected by human switchboard operators.
The only authority that could effectively interfere with an official operation to sabotage a civilian network would be the UN International Criminal Court. Considering the scope of this incident compared to even recent conflicts resulting in civilian casu
Re: (Score:2)
If you're blocking civilian access to sites advising them on emergency procedures or preventing them from accessing medical assistance, that's pretty shady.
But it makes it easier to rack up collateral damage. Think of it as shock and awe.
You've got to be really careful if you're doing anything that makes it appear that you're punishing "both guilty and innocent alike". Some countries [icrc.org] consider it tacky [wikipedia.org].
(In case you're curious, both Georgia and Russia are included on the linked list of signatories. Along with 194 others.)
Re: (Score:3, Insightful)
Re:Propaganda? (Score:5, Insightful)
It seems perfectly reasonable to me for one country at war with another to stop information flowing in from the enemy to the local populace.
If one country (Georgia) moves their websites to some other country (the USA) and the aggressor (Russia) continues the cyber attack, is the aggressor committing an act of war against the "other country"?
If it isn't an act of war, what should the "other country" do about the attack on their infrastructure/website?
Re: (Score:2)
If one country (Georgia) moves [some of] their [government/military property/infrastructure] to some other country (the USA) and the aggressor (Russia) continues the [attack on said property/infrastructure], is the aggressor committing an act of war against the "other country"?
Yes. But this also means that the government/entity who knowingly received the property/infrastructure is taking sides.
Although it is similar to Russia hitting the embassy/military base in Georgia of that of a foreign country, this is a bit different as the property/infrastructure is being moved.
Re: (Score:2, Insightful)
But different from NATO bombing the Chinese embassy in Belgrade?
Re:Propaganda? (Score:4, Insightful)
Re: (Score:2)
This is just one of the ways wars will be fought from now on.
Stopping and disrupting the flow of information from and to your enemy is an age-old tactic. Now it's taken to a virtual level but the tactic is the same. Chaos, disorder, misinformation, non information. Key elements in a war.
In the old days when a country went to war young kids would run up to the draft office in a heroic mood so they could defend their country with a gun.
Now they meet
Re: (Score:3, Insightful)
Yes, that's a nice, logical, disinterested way to look at it. However it IS pertinent in that someday this is going to happen to us. Someone is going to attack on a large, coordinated scale and we had better be more prepared than what we've seen in the recent past. We do have a larger structure. Unless of course they are taking the electrical grids down (a likely target) which would cut off all mass communication in the area along with taking down our economy.
It should be somewhat alarming to those of us in
Well, that's a relief (Score:4, Funny)
I heard all this talk about a war between Russia and Georgia and got kind of anxious, but it turns out it's just a cyberwar. The media really should stop sensationalizing these things like that.
Re: (Score:2)
Sigh...I know all that. I was hoping the war was big enough news that the sarcasm in my post would be obvious, but apparently not.
Re:Well, that's a relief (Score:5, Insightful)
This was not started by Russia.
Rather than getting into the "he did this, oh yeah, well he did this first" thing that will have us talking about Attila the Hun in short order... I'd just like to point out that Russia's latest response was pretty over-the-top.
Re: (Score:2, Insightful)
From what I hear (in the UK), it sounds like Georgia was testing, toying with the Russians, and got the shock of their life.
But I don't know about the history of the region, so I don't know how accurate that impression is.
It's quite interesting sometimes to read the "Have Your Say" on news.bbc.co.uk [bbc.co.uk] - it's interesting to read a:, what people are sayi
Re:Well, that's a relief (Score:5, Insightful)
Though to be fair, if you go and kick a big, tough, strongman in the shins, you can't complain that he reacted disproportionally, and you're now in hospital.
Oh, no question there. Georgia was definitely reckless here.
but then they side with the Georgians against the mainly Russian South Ossetia.
I'm new to this as well and am still catching up on history. But I think that the Russians are more interested in control than they are in the welfare of 70,000 people in South Ossetia. They stuck their nose into a civil war, and then complain when their "peacekeepers" (who actually seem to run the government) get killed in the process. And then granting South Ossetians Russian citizenship when they are still part of Georgia? Well, that's pretty brazen. Even more brazen is claiming that now "Russians" are being killed in South Ossetia. They have effectively annexed South Ossetia... and now are grabbing even more of Georgia to "protect" it.
Re:Well, that's a relief (Score:4, Insightful)
Georgia never gave any Russians permission to act as "peacekeepers" in South Ossetia. If there were any armed Russian "peacekeepers" in South Ossetia they were operating illegally within another country's borders.
Georgia is _entirely_ within its rights to police any province within its borders. None of the allegations of genocide etc have even remotely been substantiated. Russia invaded Georgian territory, that's all there is to it.
South Ossetia is basically a tiny place, ie nowhere near the size of Kosova. If my town (Colchester, which has about the same population as South Ossetia) had a referendum, we might vote for independence from the UK. We wouldn't get it though.
Re: (Score:2)
A system with no offensive capability? Oh yeah, that's the same thing as invading a country and effectively annexing part of it.
Re: (Score:3, Interesting)
The US has been "advising" the Georgians until a few weeks ago, last month they had a thousand guys there "training".
You know what the US was advising Georgia? Not to pick a fight that they can't win with Russia.
just shelling the city hard, but they couldn't take it
They actually did take it, which is why the Russians rolled in.
So what is over the top about fighting back if you get attacked,
Russia was not directly attacked. Some of their "peacekeepers" who were occupying part of Georgia were killed during the blitz. Now here's where the finger-pointing starts.
How about if it was your relatives that got wasted by the Georgians being "advised" by the US?
That depends... am I pro-Georgian or pro-Russian? I could probably find a way to blame this on the separatists or the Georgians depending on my stance.
There is no such thing as a "fair fight" in war, you fight to win, period.
I'm all for that, but... why ar
Re: (Score:2)
Yeah, it's just sickening how Georgia was sure they had an easy conquest in taking on a tiny country like Russia.
Re: (Score:2)
Japan has more people than Russia IIRC.
Re: (Score:2, Interesting)
Georgia was stupid enough to think it could invade Russian territory and not get the shit raped out of their little country.
Re: (Score:2)
Your head.
Re: (Score:2)
How much more of this until browsers adapt? (Score:2)
Just like we can specify a URL like "http://username:password@www.somewhere.com/" can we come up with a way to specify a given virtualhostname at an IP address (say... "http://www.somesite.com>192.168.1.5/")?
Aside from evading such DNS censorship, it'd make debugging DNS and vhost configuration errors much, much easier.
Re:How much more of this until browsers adapt? (Score:4, Interesting)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Informative)
Just put "192.168.1.5 www.somesite.com" in /etc/hosts, or whatever the Windows equivalent is.
Re:How much more of this until browsers adapt? (Score:5, Informative)
Just put "192.168.1.5 www.somesite.com" in /etc/hosts, or whatever the Windows equivalent is.
It's actually /etc/hosts, believe it or not.
Well, or something like C:\Windows\System32\etc\hosts. But the format is identical, save for maybe using \r\n instead of \n (and I'm not even sure about that).
Must be all that BSD code in the Windows IP stack.
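The idea raised in this subthread, reaching a name-based virtual host at a chosen IP address without any DNS lookup, shown as an added example that is not part of any comment here. The local demo server, its host names and their contents are constructed for illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed vhost table for the demo; the names are placeholders.
VHOSTS = {
    "www.somesite.com": b"content of www.somesite.com\n",
    "other.example": b"content of other.example\n",
}


class VHostHandler(BaseHTTPRequestHandler):
    """Minimal name-based virtual hosting: content is chosen by the Host header."""

    def do_GET(self):
        host = (self.headers.get("Host") or "").split(":")[0].lower()
        body = VHOSTS.get(host)
        if body is None:
            self.send_error(404, "unknown virtual host")
            return
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass  # keep the demo quiet


def start_demo_server():
    """Start the demo vhost server on a free loopback port."""
    server = HTTPServer(("127.0.0.1", 0), VHostHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def fetch_vhost(ip, port, hostname, path="/"):
    """Connect straight to ip:port (no DNS) and request `hostname` from it.

    This is what a hosts-file entry achieves: the TCP connection goes to the
    address you chose, while the Host header still names the site you want.
    """
    conn = http.client.HTTPConnection(ip, port, timeout=5)
    try:
        conn.request("GET", path, headers={"Host": hostname})
        resp = conn.getresponse()
        return resp.status, resp.read()
    finally:
        conn.close()


if __name__ == "__main__":
    srv = start_demo_server()
    port = srv.server_address[1]
    for name in ("www.somesite.com", "other.example", "typo.example"):
        status, body = fetch_vhost("127.0.0.1", port, name)
        print(name, status, body[:40])
    srv.shutdown()
```

For HTTPS the TLS server name (SNI) and the certificate must also match the host name, which this plain-HTTP example does not cover.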
Re:How much more of this until browsers adapt? (Score:5, Informative)
Re: (Score:2)
Why not just use different DNS servers that are not blocking said sites like the OpenDNS servers just for example. Yes, I know some people have other issues with OpenDNS' servers but it's just an example.
Re: (Score:2)
Direct translation to Battlefield... (Score:3, Funny)
It seems that Georgian military units are pinging off the map, while Russian units are enjoying first shot capability.
This has allowed the Russians to clear each map easily, with little resistance.
Dupe? (Score:2, Informative)
I first heard about this by reading an article titled "Evidence of Russian Cyberwarfare Against Georgia [slashdot.org]". It was posted on this site you might have heard about called /. (or Slashdot).
DOS? (Score:2)
The official response to DOS is to Distribute content as widely as possible. They can't really censor things if others want the info spread. There are way too many tools available now to keep something censored.
We'll call this the Russian Correlation to The Streisand Effect from now on.
a Language other than English (Score:3, Funny)
Here are a couple of screenshots (in a language other than English)
It's Georgian. In language and alphabet.
mod parent up (Score:2)
Ya dumb fuckers - was it that hard to try to identify the language involved? Even just the alphabet, if you weren't sure of the specific language?
Sigh.
Wasn't this the plot of a Tom Clancy game? (Score:2)
I'm pretty sure the Georgians tried this once already, in Splinter Cell...
Re: (Score:2)
http://www.youtube.com/watch?v=XvVZRwlwebo [youtube.com]
Try Ghost Recon 1
Without country (Score:5, Interesting)
Re: (Score:3, Funny)
What's to stop widespread vigilante justice against either side?
Hot double agents who promise to aid the hackers in their jihad against perpetual virginity in return for non-interference.
Defcon guys... (Score:2)
Looks like the Defcon network guys could have a nice little contracting business...
NOT CYBER WAR, It's something else... (Score:5, Informative)
I've listened to NPR yesterday about this, and the best experts have been able to say so far is that it is cyber VANDALISM. No major infrastructure has been crashed. Hospitals and such have not been imploded.
There is even speculation that Georgians themselves crashed/trashed their OWN systems to exploit the current bad image Putin (yes, PUTIN is calling the shots, not Medvedev). Moreover, and ironically, a US-based outfit in, guess where... GEORGIA (yes, the state) offered and took on the hosting for the Georgian President's web site. Guess what? It wasn't working out. It was still being crashed/taken down. So, another party (seems to be Estonia) is helping out.
I really fracking wish some of these sensationalistic headers on Slash would get slashed.
http://www.npr.org/blogs/talk/2008/08/august_12th_show.html [npr.org]
Now, given that Putin/Medvedev claim Russian advances are immediately ceasing (purportedly) there really isn't "cyber warfare" going on, isn't there? If things continue, or escalate, THEN it might truly eclipse the bounds into "warfare".
Well, tough for them. (Score:2)
I'm sure that they were largely on top of it, right up until their back-ups got linked on slashdot.
That's more force than any government could muster.
A new opportunity arises.... (Score:2)
This is a perfect situation for the REST of the world to voice its opinion.....by its own action.
C'mon, you guys. You know damn well that if enough /.ers got it together, the response to all this doesn't have to come from Georgia. The only requirement to respond is a conscience.
A background in IT is most certainly useful, though.
The problem is finding out who is in the wrong, and who is in the right.
Uh? People? (Score:2, Interesting)
Wasn't the internet invented with the idea in mind that you can't do exactly that, stop information from being exchanged? Wasn't that what the idea behind the whole resilience of the net and rerouting past clogged or destroyed nodes was, back when ARPA had its fingers on it?
Back to the drawing board, people, epic fail. Or rather, get back to the redundancy we stripped because we're cheap and want the net to be profitable.
Re:Uh? People? (Score:4, Insightful)
Re: (Score:2)
Wow, people just don't understand. The Internet is not down there. The packets get routed. It's the web servers that are being vandalized. The actual servers that host the actual content the Internet delivers. Hence, Garbage in, Garbage out.
Um, no. It seems you don't understand. Access is being blocked at the DNS level, not just web servers. So like...go back in your know-it-all hole.
Re: (Score:2)
Re: (Score:2)
And that is exactly what it is doing now. Routing around "damage". Georgia, for whatever reason(DDOS, actual destruction, hacking), is "damaged". The rest of the internet is just fine.
Re: (Score:2)
two words (Score:2)
"There is a question whether the computer work is being done by the Russian military or others."
Plausible deniability.
I didn't know Georgia had computers (Score:3, Funny)
Oh wait, you meant the other Georgia.
In Soviet Russia... (Score:5, Funny)
Censoring access? I think not. (Score:5, Interesting)
I think the claim that Georgia is censoring traffic is probably misleading.
What's happening is that they've got incoming DoS-attacks, and have probably nullrouted quite a few Russian IP-ranges. This probably includes quite a few DNS servers, making DNS lookups fail.
I haven't taken the time to _check_ any of this, but if you nullroute the DNS servers, of course DNS lookups will fail. If you're under a DoS, of course you nullroute quite a lot.
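A failed nslookup alone does not say where the failure happened; the reply code (or the absence of any reply) narrows it down. The classifier below is an added example, not part of the comment above; the sample replies are constructed and 192.0.2.10 is a documentation address.

```python
import socket
import struct

RCODE_NAMES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def build_query(name, qid=0x1234):
    """Encode a recursive A/IN query for `name` in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def query_udp(server, name, timeout=3.0):
    """Send the query to `server`; return the raw reply, or None if none arrives."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return s.recvfrom(4096)[0]
        except OSError:  # timeout or network error
            return None


def classify(reply):
    """Map a raw reply (or None) to (status, what it suggests)."""
    if reply is None:
        return ("TIMEOUT", "no reply: resolver unreachable or packets dropped on the path")
    if len(reply) < 12:
        return ("MALFORMED", "shorter than a DNS header")
    _qid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if not flags & 0x8000:
        return ("MALFORMED", "QR bit clear: not a response")
    rcode = flags & 0x000F
    status = RCODE_NAMES.get(rcode, "RCODE%d" % rcode)
    if rcode == 0:
        if ancount:
            return ("RESOLVED", "resolver returned at least one record")
        return ("NODATA", "name exists but has no record of this type")
    if rcode == 2:
        return (status, "resolver is up but could not get an answer from the "
                        "authoritative servers (fits unreachable or nullrouted upstream)")
    if rcode in (3, 5):
        return (status, "resolver itself answered negatively: the name is absent "
                        "or the resolver applies a policy to it")
    return (status, "other error from the resolver")


def make_reply(query, rcode, address=None):
    """Constructed sample reply: echo the question, set QR/RD/RA and the rcode."""
    qid = struct.unpack("!H", query[:2])[0]
    answer = b""
    if address:  # one A record, name compressed as a pointer to offset 12
        answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(address)
    header = struct.pack("!HHHHHH", qid, 0x8180 | rcode, 1, 1 if address else 0, 0, 0)
    return header + query[12:] + answer


if __name__ == "__main__":
    q = build_query("www.linux.ru")
    samples = {
        "no reply": None,
        "rcode 2": make_reply(q, 2),
        "rcode 3": make_reply(q, 3),
        "answer": make_reply(q, 0, "192.0.2.10"),
    }
    for label, raw in samples.items():
        print(label, "->", classify(raw))
```

Running `classify(query_udp(resolver, name))` for the same name against the local resolver and an outside one shows whether the two disagree, which a single FAIL/OK screenshot cannot.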
Teh Googles (Score:3, Interesting)
Hear from the security team defending the website (Score:5, Informative)
Re: (Score:3, Insightful)
Why are you calling Russians bastards?
On the night of August 7th/8th, Saakashvili launched an operation to "restore constitutional order" in South Ossetia. He started by bombing the crap out of Tskhinvali using Grad rocket launchers, resulting in hundreds of dead Ossetian civilians (1500 according to Ossetian and Russian numbers). Why wasn't there an outcry over their deaths in the western media? Whenever the Ossetian death toll was called it was qualified as unconfirmed. However, when a Russian plane misse
Isn't this an act of war against the U.S? (Score:5, Interesting)
CyberWar Weapon (Score:4, Funny)
Slashdotted (Score:3, Funny)
Hmm, the president's site seems to be down now, I guess they could handle the attacks, but not slashdot. I wonder if Slashdot should be considered a WMD?
Re:let it loose! (Score:5, Informative)
A grey hat, in the hacking community, refers to a skilled hacker who sometimes acts legally, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
A black hat hacker would hack the firewall in order to get credit card numbers.
Re:let it loose! (Score:5, Insightful)
Define "legally" in a war...
Seriously, black hat, white hat, grey hat or technicolor hat, it kinda loses meaning when legality itself isn't really applicable anymore.
Re: (Score:3, Informative)
I think it's safe to say they are black hats- they're deliberately, maliciously attacking other networks. The distinguishing feature isn't legality, it's the goal of the attacker.
Grey hats generally disregard the laws but don't want to cause harm. Black hats steal credit card numbers, deface servers, and generally bork things up. White hats do the same as black hats, but with the end goal of hardening systems.
Re:let it loose! (Score:4, Insightful)
Isn't "causing harm" the idea behind a war? I mean, if I don't want to hurt you, your country, your economy, why bother going to war in the first place? So I can shoot people legally?
So is the attacking hacker a "black hat" and the defending hacker a "white hat"? I guess Russia would disagree.
Re: (Score:2)
In the ashes of war, everything is grey?
Or gray, just so's to not be an insensitive clod.
Re: (Score:2, Funny)
Re: (Score:2)
Re: (Score:3, Insightful)
Define "legally" in a war... when legality itself isn't really applicable anymore.
Now that's just a bit too cynical. War itself involves a lot of actions where the combatants will disagree about legality, but it is meaningful to call some of them "illegal" as a bystander.
For example, if a Georgian troop goes into Russia and kills a Russian troop by firing at him with a rifle, Russia would certainly love to characterize that as "murdering" (i.e. illegal killing of) a Russian citizen. But it's not (in and of itself) a "war crime".
There exist widely respected protocols for what a well-in
Re: (Score:3, Insightful)
Define "legally" in a war...
See Conventions, Geneva.
Re: (Score:2)
See Conventions, Geneva.
I wasn't aware they had an IT policy.
Re: (Score:2)
I was gonna say.
Attacking IT infrastructure that is not attached to the government or military would probably fall under "total war"; which is a big no-no under Geneva.
Re: (Score:3, Insightful)
You mean the stuff you'll be tried for in Den Hague when you break it, unless you have bigger guns than the rest of the planet so they don't dare to pull you to the court?
Yeah, I'm sure Russia is afraid of that.
Re: (Score:2)
We need a "hat colour" for a war hacker. This will become a lot more common in the information age.
Any takes on a good colour?
Occupied:
White- Good and legal
Grey - Shady
Black - Malicious and for personal gain
Red - lol
Blue perhaps?
Re:let it loose! (Score:5, Funny)
We need a "hat colour" for a war hacker. This will become a lot more common in the information age.
Any takes on a good colour?
Digital Camo of course. Sheesh, what's your excuse? Your UID isn't THAT high.
Re: (Score:3, Interesting)
Define "legally" in a war...
Seriously, black hat, white hat, grey hat or technicolor hat, it kinda loses meaning when legality itself isn't really applicable anymore.
When I was a kid, my best friend's dad was a WW II Navy vet, one that saw a lot. He scoffed at the very notion of "rules of war".
As he put it, "If I have an 'illegal' weapon, and an enemy is trying to kill me... guess what... I'm using the illegal weapon".
Re: (Score:3, Interesting)
To quote my army trainer, rules of engagement exist for Generals and other cushion-poopers who don't have to worry about bigger problems. Like, for example, bullets.
Re: (Score:3, Interesting)
http://en.wikipedia.org/wiki/War_crime [wikipedia.org]
Clearly, the US ignoring this concept has been going on long enough that people are returning to the Bad Old Days when "there's a war on" meant "we can commit any atrocity we want, fuck you".
Comment removed (Score:5, Funny)
Re:let it loose! (Score:4, Funny)
hmm...Russia....RED hat hackers?!? ehh? ehhh?? get it?!
So... red hats... a bunch of old ladies [wikipedia.org]?
Re: (Score:3, Funny)
Re: (Score:3, Insightful)
Not as many niggers as US Georgia.
In Soviet Georgia, Blacks lynch you.
Yes, you specifically.
Re:You know what's great about Soviet Georgia? (Score:5, Funny)
I don't know, dude. This is the Caucasus [wikipedia.org] we're talking about. Lots of Caucasians there.
Re:You know what's great about Soviet Georgia? (Score:4, Funny)
I don't know, dude. This is the Caucasus [wikipedia.org] we're talking about. Lots of Caucasians there.
Yah, but they're mostly self-loathing caucasians, as opposed to white supremacists.
Re: (Score:3)
I don't know, dude. This is the Caucasus [wikipedia.org] we're talking about. Lots of Caucasians there.
Yah, but they're mostly self-loathing caucasians, as opposed to white supremacists.
You think white supremacists don't loathe themselves? I always figured those who have to denigrate others to feel better about themselves must have a pretty low opinion of themselves to start with.
Re:You know what's great about Soviet Georgia? (Score:4, Insightful)
because the USSR spent 70 years building a large economy out of those little states, and they moved a lot of people around to keep the peace. Then the 1990's hit, the wall fell and the USSR was carved up into little ethnic groups while NATO held a gun to Russia's head. Now that the US is over-committed it's a good time for Putin to grab some home points and get some wayward "states" back.
Re: (Score:3, Funny)
"Russians, Georgians, and Niggers are all sub-human."
History of the Internet, Chapter 5: David Duke gets his first email address, Slashdot account.
Re: (Score:3, Informative)
Georgia attacked separatists and criminals within their own borders. Yes, it was a stupid move, but all that different from Russia attacking Chechen rebels and criminals within its own borders.
Granted, there were a lot of soldiers there as "peacekeepers", and a lot of people who had been given Russian passports (not really Russian citizens). It was a stupid move of Georgia to start a crackdown on the separatists when it was obvious it was in a precarious situation. Don't poke the bear in the eye if y