With wave after wave of Russian troops, and bomber aircraft pouring over the border, Georgia have been under a hell of a lot of attacks in the last few days, but it?s not just the physical battering of the nation, Russian Cyber operatives have crippled the country?s communications network, halting the Georgian government?s flow of information.
In an effort to keep lines of communication open, Georgia?s president, Mikheil Saakashvili, has moved his website to a US hosting company ? in Georgia, Atlanta – and now the foreign ministry is using Blogger to release statements.
Russia has denied crippling the network, but the timing is suspicious so it?s easy to point the finger of blame. Estonia and Poland have both faced cyber attacks from Russians ? though never proved, and have rushed to the aid of stricken Georgians.
The cyber attacks have all the trademarks of Russian operatives who specialise in organised cyber crime. Frontpage defacements of websites, jamming of networks, ?they?ve done that before,? said James Lewis, of the Center for Strategic and International Studies.
“It’s a nice trade for everybody. The criminals get a little protection; the Russian government gets to have something happen without having their fingerprints on it. That’s the assumption.
?Like Estonia, we don’t have links to the Russian government, but it’s not a fluke where we magically have this happen when a shooting war starts,” he said
Criminal groups are likely involved in the cyber blitz, agreed Paul Ferguson, advanced threat researcher for Trend Micro “This looks to me like more than just some grassroots, hacktivist-inspired attacks,” he said
“But at the same time there’s no way to link it to a state-sponsored type of attack. It’s somewhere in the middle … it certainly has criminal elements.”
Sean Barnum, principal consultant for Cigital Security, said, that when you think of a nation engaging in cyber warfare, the image that may arise is one of coordinated chaos at a country?s command-and-control infrastructure. Georgia?s experiences are more like info-war.
“This was really targeted at preventing Georgia from presenting its message to the world through its communications platform and the Web,” Barnum said. “Obviously [the Georgians] can talk to reporters, but as more and more communications move to the Internet, with distributed blogs and all that, all the attacks that have happened were targeted at preventing Georgia from quickly and easily presenting the facts or their spin on what’s going on.”
“Anywhere you have organized crime, they leap in to take advantage of the news of the day,” David Perry, global education director for Trend Micro, said.
“If there’s an armed conflict between two nations and there are criminals in both nations, they would leap to take advantage of that, don’t you think?” he added
Georgia is especially susceptible because of its proximity to potential adversaries; its main Web communications lines go through Russia and Turkey. “This underscores the whole issue for evolving nations in the sense of how they’re projecting their presence on the Internet,” Ferguson said, “and who they have to rely on for connectivity. If your service is going next door to a country that might not be a friendly nation, they may want to rethink their plans on connectivity.”