Computer experts are investigating the cyberattack that brought down Georgian Web sites during Russia’s invasion of Georgia, and say the assault may mark the first large-scale attempt at “cyber warfare.” As Russian tanks began to roll into Georgia on Friday, millions of extraneous requests — a so-called Distributed Denial of Service (DDoS) attack — took down Georgia’s banking and government sites. [Security expert Graham Cluley says:] “In modern warfare, it’s not unusual to see opposing forces take over TV stations, radios and newspapers. In our century, taking over Internet sites is now part of the same kind of strategy” [Venture Beat].
The attack is similar to an incident in May 2007 when Estonian government Web sites were brought down in response to the government’s plans to move a Russian-installed monument; a 20-year-old Russian hacker was later convicted of organizing that attack. As for who’s responsible for the current online strike against Georgia, the theories range from “some kids who got overexcited” [CNET] to a criminal network directed by the Russian government.
Don Jackson of the computer security company SecureWorks said he saw clear evidence of a shadowy St. Petersburg-based criminal gang known as the Russian Business Network, or R.B.N. “The attackers are using the same tools and the same attack commands that have been used by the R.B.N. and in some cases the attacks are being launched from computers they are known to control,” [he said]…. The group has been linked to online criminal activities including child pornography, malware, identity theft, phishing and spam [The New York Times]. But other researchers questioned the idea that R.B.N. was involved in the attack.
Despite a ceasefire agreement yesterday, Russian troops are reportedly still advancing, and computer security experts say the online bombardment is also ongoing. The U.S. Web hosting company Tulip Systems volunteered to host several government Web sites that crashed over the weekend, but company spokesman Tom Burling says the attacks haven’t ceased: [T]he Web site of the president of Georgia was the target of a flood of traffic from Russia aiming to overwhelm the site. Burling said bogus traffic outnumbered legitimate traffic 5000 to 1 at president.gov.ge [AP]. That website is down as of posting time.