Internet Attacks Against Georgian Websites

Gadi Evron

In the last few days, news and government web sites in Georgia have suffered DDoS attacks. While these attacks seem to affect the Georgian Internet, it is still there.

1. There are botnet attacks against .ge websites.
2. These attacks affect the .ge Internet infrastructure, but it's reachable.
3. It doesn't seem Internet infrastructure is directly attacked.
4. Every other political tension in the past 10 years, from a comic of the Prophet Muhammad to the war in Iraq, was followed by online supporters attacking targets which seem affiliated with the opposing side, and vice versa.

Up to the Estonian war, such attacks would be called "hacker enthusiast attacks" or "cyber terrorism" (of the weak sort). Nowadays any attack with a political nature seems to get the "information warfare" tag. When 300 Lithuanian web sites were defaced last month, "cyber war" was the buzzword.

When I ran security for the Israeli government Internet operation and later the Israeli government CERT, such attacks were routine, and just by speaking about them in the local news outlets I started bigger so-called "wars" when enthusiasts responded in the story comments and then attacked the "other side".

Not all fighting is warfare. While Georgia is obviously under DDoS attack and the attack is political in nature, so far it doesn't seem different from any other online aftermath by fans. Political tensions are always followed by online attacks by sympathizers.

Could this somehow be indirect Russian action? Yes, but considering Russia is past playing nice and uses real bombs, they could have attacked more strategic targets or eliminated the infrastructure kinetically.

Coulda, shoulda… the nature of what's going on isn't clear, but until we are certain anything state-sponsored is happening on the Internet, it is my official opinion that this is not warfare, but just some unaffiliated attacks by Russian hackers and/or some rioting by enthusiastic Russian supporters.

It is too early to say for sure what this is and who is behind it.

The RBN blog (following the Russian Business Network) is of a different opinion and more here.

Also, Renesys has been following the situation and provides some data.

(Thanks to Paul Ferguson for the URLs)

DDoS attacks harm the Internet itself rather than just this or that web site, so soon this may require some of us in the Internet security operations community getting involved in mitigating the attacks, if they don't just drop on their own.

By Gadi Evron, Security Strategist. More blog posts from Gadi Evron can also be read here.
