Implications of Russian Cyber Battles

When the history of the Russian invasion of Georgia is written, one of the most revealing discussions may center on the role of cyber warfare.

Some questions that will need answering: Just when did Russian hackers begin their attacks on the Georgian websites? Just what role did NATO — especially Estonian and American — cyber warriors have in guiding the Georgian response? Was the enormous three-week attack on Estonia last April from Russia a practice run for the Georgian attack?

When the Russians crippled Estonia’s cyber infrastructure, the NATO alliance dispatched top cyber war experts to investigate and to improve the Estonians’ electronic defenses. It seems reasonable that, in the event of a true combined operation against the Georgians, NATO dispatched cyber experts to help, though I haven’t confirmed that yet. There are numerous reports that Estonia has sent cyber warriors to help the Georgians combat both countries’ historic nemesis.


Official and unofficial Pentagon spokesmen refused to comment on whether the US might or might not be assisting the Georgians in their efforts to protect their Internet infrastructure. However, one source said that if any US agency would be helping the Georgians it would be the Department of Homeland Security. The reason: if the Russians were to learn the Pentagon was assisting the Georgians they could claim the US was waging cyber war against them. And US policy is that attacks on our computer systems can be considered an act of war, a logic the Russians would be sure to follow. If DHS is assisting the Georgians then we can make it very clear that US efforts are purely defensive. Also, DHS is home to the Computer Emergency Response Team.

All this raises questions about the US approach to cyber warfare — not defensive and security measures, but the willingness to use the web to attack an enemy to blunt or cripple their offensive capabilities. As one of my wittier sources put it earlier today: Are the Georgians really more afraid of a cyber attack than of all those missiles raining down on their heads? The global World Wide Web may be incredibly resilient, but local web connections can be seriously disrupted by those old-timey capabilities known as kinetics. Destroy phone or cable connections (easily done with artillery or bombs) and you’ve made it a lot harder to rebuild and reconnect than would a denial of service attack. On top of the destruction, an enemy can send a much clearer and simpler signal than can be done through cyber attacks. On the other hand, it is the very ambiguity of a cyber attack that can make it such a powerful tool in the times before a conflict erupts. Ask the Russians and the Estonians.

Join the Conversation

This type of warfare is very important. Remember in Bosnia when we “reprogrammed” the radar system of the enemy. That was done either by satellite or by a stealth plane. I don’t know which, but cyber warfare is critical if you are going to render an enemy inoperative with electronic equipment. No doubt we are mixed up in it as are the Russians.

This is an example of why we need to look at my concept of a “Perfect Battalion.” Those who were there already could have had early warning of this happening and spiked back!

Colin thanks for writing this piece.

Awareness is the first step in putting together a comprehensive solution.

Regarding the Soviets (sorry I am OLD SCHOOL) we need to “collectively” try to put ourselves in their position.

Or better yet, their mindset. As a Country I believe that “mentally” (as a whole) they are suffering from some sort of mental trauma with their recent history (WWII, Stalin Holocaust, fall of Communism, etc.).

These ex-Soviet States bring back some of these unfortunate memories (paranoia) and we should be empathetic (to some degree) of this in our diplomatic/economic/military strategies.

Once again (not to repeat myself) an unstable Russia is not in our National Security Interests.

This cyber warfare hype really needs to stop. The very technical nature of these attacks lends itself to being very effective against countries with limited communication infrastructure combined with token network management expertise. There is only a finite amount of network denial capability out there and historically attempts made on larger networks end with slightly slower response times for the user and in the most extreme cases a network denial of hours.

The reasons why are fairly straightforward. Effective botnets operate with tens, if not hundreds of thousands, of infected computers that are told to bombard a target network with data. Unlike with smaller targets, larger networks have both the bandwidth and network hardware/expertise to identify a vast majority of attacks from legitimate data and are able to minimize damage accordingly.

Unlike traditional expansion of capability within the military, governments cannot create greater botnet capability through spending. Botnet creation is not only organic but also implemented by black hats in vicious competition to best one another. It is very much a zero-sum game in that the creation of a new botnet means taking already infected computers and placing them under your control.

Eastern European gangs have been using botnets to extort money from mom and pop internet operations for years. These victims neither have the size nor the IT infrastructure to guard themselves against these attacks. They’d rather pay ransom than have their operation shut down for weeks on end.

Sure, cyber warfare is not limited to denial attacks, but in the case of Estonia and Georgia, these are the examples brought up time and time again. This needs to stop.

The “attacks” on Estonia were some college kid, IIRC.

I blame 4chan.

C4rb4’s satirical comment has a glimmer of truth in it. Botnet operators loosely associated with 4chan*, and dozens of other sites like it, have just as much capability as these state-sponsored cyber attackers.

The point is ANYONE with the will, time, patience, and a modicum of programming knowledge can create these kinds of networks.

* 4chan is a comedy site, not some hacker refuge, but its community has been known in the past to cause some havoc with botnets, such as with the Scientology attacks.
