Home / Blogs

Updates on the Georgian Cyber Attacks

Gadi Evron

This is an update of my previous post on the subject.

To be honest here, no one truly knows what's going on in Georgia's Internet except for what can be glimpsed from outside, and what has been written by the Georgians on their blog (outside their country). They are probably a bit busy avoiding kinetic bombing.

As mentioned in the previous post, Renesys has been following the Georgian links, which seem to be there, but occasionally drop due to possibly power failures.

Shadowserver and others have been following the botnets attacking the Georgians web sites, and that is confirmed as happening.

According to Dancho Danchev, there have also been some defacements, which he describes.

So — it is clear their web sites are under attack, and that Internet visibility-wise, the impact is real for the Georgians. And yet, it is simply too early and there is not enough information to call this an Internet war. It is too early to establish motive or who the perpetrator is, however much we may want to point fingers.

Following every, and any political or ethnic tension, world-wide, an online aftermath comes, in the form of attacks, defacements, and enthusiast hackers swearing at the other side (which soon does the same, back).

While Georgia's suffering is real, such attacks are nothing but routine here in Israel. When I ran the defense for the Israeli government Internet operation and then the Israeli government CERT, such attacks would occur daily. Hackers on the other side would band together, talk, coordinate a date, exchange tools, and attack.

While I apologize for the analogy, post-9/11 Israelis were shocked. We were sympathizing and crying for the victims. What we did not understand was why people were still shocked ten minutes past, as this was a normal every-day life happening for us over here. The same applies for cyber-space, the Internet — we are used to this.

The difference in this attack was that the Georgian authorities, like numerous others around the world still aren't, were not prepared to face and fend against such an attack.

In my article "Fighting Botnets and Online Mobs” for the Georgetown Journal of International Affairs covering the Internet war in Estonia, I state how our opponents will no longer be just countries, or even organizations as Martin van Creveld once predicted ahead of his time, but that on the Internet playing field any individual or loosely affiliated group can be a player, affecting countries and yes, corporations as well.

The best article describing the events so far is by John Markoff at the New York Times.

By Gadi Evron, Security Strategist. More blog posts from Gadi Evron can also be read here.

Related topics: Cyberattack, Cybercrime, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

New gTLDs and Best Practices for Domain Management Policies (Video)

Nominum Announces Future Ready DNS

New from Verisign Labs - Measuring Privacy Disclosures in URL Query Strings

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

3 Questions to Ask Your DNS Host about Lowering DDoS Risks

Continuing to Work in the Public Interest

Verisign Named to the OTA's 2014 Online Trust Honor Roll

4 Minutes Vs. 4 Hours: A Responder Explains Emergency DDoS Mitigation

Dyn Acquires Internet Intelligence Company, Renesys

Tips to Address New FFIEC DDoS Requirements

Smokescreening: Data Theft Makes DDoS More Dangerous

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Sponsored Topics

dotMobi

Mobile

Sponsored by
dotMobi
Verisign

Security

Sponsored by
Verisign
Afilias

DNSSEC

Sponsored by
Afilias
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines