Wednesday, September 03, 2008

Recommended Reading: "Georgia Cyber Attacks By Russian Gov't? Not So Fast"

Gadi Evron, the founder of Israel's Government CERT group, wrote an article that was published in the Australian version of (notably absent from the U.S. site) concerning the recent attacks on Georgia.

It is always refreshing to hear an experienced investigator discuss the issues:

"Running security for the Israeli government Internet operation and later founding the Israeli government CERT, I found that such attacks were routine. Seeing the panicked reaction this type of attack has generated seems quaint from my perspective. Not all fighting is warfare. While Georgia is obviously under DDoS attacks that are political in nature, it doesn't so far seem different from any other online aftermath by fans. Political tensions are always followed with online attacks by sympathizers.

"DDoS attacks harm the Internet itself rather than just this or that website, which often requires some of us in the vetted Internet security operations community to get involved in mitigating the attacks, if they don't just drop on their own. Our purpose is not to get involved in any local situation, but rather to preserve our common global critical infrastructure - the Internet.

"Could this somehow be indirectly related to Russian military action? Yes, but there is no evidence to indicate it is the case as of yet. If anything, the opposite seems likely at this point in time."

As with similar online attacks, there is wild speculation and near hysteria in the media concerning cyber attacks against Georgia originating in Russia. It is rare to have a commentator that can take a step back and analyze the situation based on known facts and an understanding based on real-world investigations.

Mr. Evron also notes the effect of the traditional media as both a motivator and as propogandia. This symbiotic relationship between poitically motivated cyber attacks and PR is documented in Hacktivism & Politically Motivated Computer Crime.

Georgia Cyber Attacks by Russian Gov't? Not So Fast

No comments: