Russia engaging in cyber warfare, says Georgia

12 Aug 2008

The bitter conflict currently ongoing between Georgia, the former Soviet republic, and Russia over the Georgian province of South Ossetia appears to have migrated online.

The Georgian presidential website and other government sites have apparently been targeted by a distributed denial of service attack (DDoS) – a malicious attack which aims bring a computer network to a standstill by flooding it with useless traffic.

The Georgian Ministry of Foreign Affairs has set up a blog hosted on Google in which it states: “A cyber warfare campaign by Russia is seriously disrupting many Georgian websites, including that of the Ministry of Foreign Affairs.”

A similar attack occurred in early July of this year on the website of Georgian President, Mikhail Saakashvilli.

The blog RBNExploit, which tracks the Russian Business Network (RBN) – a notorious cybercrime organisation – claims that information on official Georgian websites may no longer be reliable: “We provide an important reminder to use caution with any websites that appear of a Georgian official source but are without any recent news, ie Sat / Sun, Aug 9/10, as these may be fraudulent”.

According to the blog, many of Georgia’s internet servers were under external control from late Thursday 7 August.

“For those of a technical nature we show the latest server routing map (pictured), which clearly shows the Russian-based servers AS12389 ROSTELECOM, AS8342 RTCOMM, and AS8359 COMSTAR, controlling all traffic to Georgia’s key servers,” the blog states.

“It should be noted servers AS8342 RTCOMM (Ru), AS12389 ROSTELECOM (Ru), AS9121 TTNet Autonomous System Turk Telekom (Tk) are well known to be under the control of RBN and influenced by the Russian Government. All efforts are being made to regain server control, and international assistance is requested to provide added internet routing via neutral cyberspace.”

This is not the first time a country’s governmental web resources have been subjected to a cyber attack. A three-week wave of such attacks was unleashed against Estonia in May of 2007, in the midst of its bitter dispute with Russia over the relocation of a Bronze Soldier Soviet war memorial from the centre of the Estonian capital Tallinn.

The main targets included the websites of the Estonian presidency and its parliament; almost all government ministries, three of the countries biggest news organisations and two of Estonia’s biggest banks. Such was the scale of the attack that Nato sent some of its key cyber-terrorism experts to Tallinn to investigate and to help the Estonian authorities strengthen their cyber defenses. Despite Estonian accusations that Moscow was to blame, only one arrest was ever made. 

If the Russian state is indeed responsible for this double-pronged military/cyber military manoeuver, this would be an unprecedented development in the history of human conflict. From the televised bombardments of the Gulf War to footage uploaded to YouTube from troops on the frontlines in Iraq, it appears humanity has followed this technological trajectory to its natural conclusion and is now actually waging war online.

By Jennifer Yau

Pictured: Server routing map from RBNExploit illustrating Russian-based servers controlling all traffic to Georgia’s key servers