Cyberwarfare Escalates Between Georgia, Russia

hijacking

In the wake of a recent series of attacks on Georgian Websites that rerouted visitors and left many government and news sites defaced or blocked entirely, Russian media accused Georgia of targeting the state-sponsored news organization RIA Novosti with denial of service attacks that left the site down for hours.

In addition, the Russian press reported that a South Ossetian government Website was hijacked and blocked for hours following Georgia's peppered South Ossetian villiages with artillery fire.

In recent weeks, a slew of Georgian government and news Websites were hit with defacement and denial of service attacks, which rerouted Internet traffic or blocked viewer access altogether. The first of the attacks against Georgia were launched in July, several weeks before Russia invaded the former Soviet Bloc nation with tanks in South Ossetia.

Hit particularly hard was Georgia President Mikheil Saakashvili's Website, which was sabotaged with an attack that redirected viewers to a page that displayed images of Hitler juxtaposed with images of the Georgian president. Additionally, several Georgian governmental Websites, including those of the Ministry of Internal Affairs and Ministry of Defense, were also disabled with denial of service, crippling the agencies' means to disseminate information regarding the conflict via the Web.

Following the attacks, the Georgian presidential Website relocated to a host based in Atlanta, USA. Several security researchers maintained that the attack appeared to be launched from servers based in both Russia and Turkey. However the Russian government is denying it was behind the attack.

While no one knows who is responsible for the initial attacks against Georgia, security experts maintain denial of service and other malware used to compromise Web infrastructure are the natural evolution of modern day warfare. Consequently, experts say, governments can expect see more of these kinds of cyber attacks launched in tandem with military actions.

"I think it's a natural evolution in warfare, it's just a reflection of modern times. That's the way armies communicate, they do things through computer networks, just like the rest of the world does," said Dave Marcus, security research and communications manager for McAfee. "Of course they're going to leverage or exploit those types of communication. It would be nave to think it wasn't going to happen."

While some suspect the Russian government of being behind the attacks, others speculate that the attacks could be propelled by the notorious crime organization Russian Business Network, or numerous galvanized and overly zealous Russian nationalists.

So why is it so hard to determine the source? That's the nature of the Internet and this type of cyber activity, experts say.

"It's always a little easier in the digital realm to make like someone else did it. You can route through proxies to anonymize it," said Marcus. "When you disrupt communication along digital lines, it makes sense that they anonymize it in order to not be giving their hand away."