The New York Times has an article discussing two different possibilities for the most recent Kyrgyzstan attacks:
- Russian "cyber-militias" are attacking to intimidate the Kyrgyzstan government for any number of reasons; or,
- Kyrgyzstan hired Russian "hackers" to attack itself in order to "crackdown on an opposition party in Kyrgyzstan that uses the Internet to organize".
I have been involved in numerous complex, international cyber investigations where the source and motive were determined. However, it is almost never simple and requires extensive intelligence gathering and analysis (beyond basic Internet traffic analysis). This requires time and expenses beyond what most organizations are willing to invest in. Yet doing anything less leaves only guesswork.
Also see Analyzing Goggle Attacks - Plenty of Room for Error
Are ‘Cyber-Militias’ Attacking Kyrgyzstan?