Russia and Georgia continue attacks--online
Details are surfacing on the Internet side of the Russian and Georgian hostilities. Researchers studying botnets report an increase in attacks.
Researchers studying botnets have reported an increase in attacks on Georgian Web sites, including that of the country's president, within the last two weeks. While the attacks--Web site defacement and denial-of-service packet floods--are reminiscent of the Internet attacks waged against Estonia in May 2007, Jose Nazario, security researcher for Arbor Networks, told CNET News that he's seeing evidence that Georgia is apparently fighting back, attacking at least one Moscow-based newspaper site.
As to the source, Nazario said that "almost all of the attacks are broadly and globally sourced. One attack appears to be very narrowly focused, possibly someone with some basic ping flood scripts." He said the exact tools being used had not been determined.
In a presentation at July's Usenix conference in San Jose, Calif., Nazario said Internet wars make for a "great, level playing field" because they're inexpensive to mount.
He also pointed out that Internet-based wars did not start last year with Estonia. He cited previous attacks on Kosovo, during its civil war in the late 1990s; Israel-Pakistan hacking peaked in the fall of 2000; and the 2002 winter Olympics, when a South Korean speed skater was ejected from a competition.
More recently, he said, there were attacks on the Ukraine in the fall of 2007; Chinese national attacks on CNN.com in April 2008; and attacks upon the Democratic voice of Burma in July. In July hundreds of Web sites were.
Internet wars do make for plausible deniability; we may never know who's ultimately responsible (governments or agitated nationals) for these attacks.In each of these cases, Nazario said, "I can't go and talk to these people, so I have to infer what their intent was."