Friday, 28 September 2012

There was no Georgia cyber-war

A common feature of "cyber-war" discussion is the 2008 event where Russia attacked the country of Georgia with "cyber" attacks coordinated with military attacks. However, there's no evidence the cyber attacks were by the Russian government, or that they were anything more than normal "citizen hacktivism".

Georgia looms large in "cyber-war" rhetoric because people believe they have a smoking gun in the way that "the cyberattackers appear to have had advance notice of the invasion and the benefit of some close cooperation from a state organ". But that's not really what happened. The conflict didn't start with a surprise attack by Russia. Instead, the attack by Russia was the result of escalating tensions over weeks, and was in direct response to the Georgian invasion of the province a day prior. Both the cyber-attacks and military attacks happened at roughly the same time because both were in reaction to the same events.

Russian hacktivists are involved in all of Russia's conflicts, both internal and external. This leads to an "Occam's Razor" situation. We know that Russian hackers would DDoS and deface Georgian websites anyway. We have the forum posts pointing to this. When the Russian people get upset, they launch DDoS from their personal machines, and from the botnets run by the criminal gangs. Russian hacktivism explains the attack; adding "government direction" is superfluous.

Moreover, the other evidence points to hacktivists rather than military strategists. The attacks had no military value. Hackers went after high-profile sites. Sure, they impacted Georgian infrastructure, but that was only a side effect. When those sites were moved out of the country, the DDoS attacks followed them, instead of continuing to hit Georgian infrastructure.

The situation is a lot like the paranoid conspiracy theories in the Muslim world that America must've been behind the "Innocence of Islam" film. It's because they can't conceive of things like that happening without state sponsorship. This stupidity is exploited by those who want to cause riots. In much the same way, those who wish to fan the flames of cyberwar exploit the sentiment that DDoS/defacements must be directed by a nation state.

When I bring this up, people demand that I present evidence to the contrary, as if it's up to me to prove that the Russian government wasn't involved. That's like demanding evidence that there are no UFOs. I'm not trying to prove that the Russian government wasn't involved, I'm simply pointing out that there is no evidence of their involvement. We know such cyber attacks come with all major conflicts, but attribution of those attacks is still speculation. Indeed, I would be unsurprised to find out that the Russian government was involved -- I'm just saying that no evidence of this has yet been published.

Cyberwar is a serious thing. Sadly, most people pounding the drums of cyberwar are the non-serious type. How they approach the Georgia DDoS attacks is a good litmus test for their seriousness.


Update: The Stratfor article on the event is a good example of how this nonsense works. It starts with the text: "Russia's offensive against Georgia began not with tanks or fighter jets, but in cyberspace. ...Georgian government and media Web sites began to crash the night of Aug. 7 -- well before Russian troops emerged ... in the breakaway republic of South Ossetia the following morning"

What this article leaves out is how Georgia had invaded South Ossetia on August 7, and how the cyber attacks were in response to that invasion (as well as in retaliation for Georgian hackers attacking Russian sites), and not a prelude to a surprise attack. Likewise, the Stratfor article points out that the website of the Georgian President had been DDoSed on July 20. This ignores the fact that the conflict had already heated up, with South Ossetia separatists having shelled Georgian forces on June 14, and that Russian jets had been overflying South Ossetia on July 9. The point is: these cyberattacks didn't happen in a vacuum, but were most likely the normal hacktivist response to events in the news.



Update: Some Wikipedia references:
http://en.wikipedia.org/wiki/Cyberattacks_during_the_2008_South_Ossetia_war
http://en.wikipedia.org/wiki/2008_South_Ossetia_war
http://en.wikipedia.org/wiki/Georgia%E2%80%93NATO_relations
http://en.wikipedia.org/wiki/South_ossetia
http://en.wikipedia.org/wiki/Georgian%E2%80%93Ossetian_conflict

Some "analysis" of the Georgia cyber attacks:
http://usacac.army.mil/CAC2/MilitaryReview/Archives/English/MilitaryReview_20111231_art013.pdf
http://www.scribd.com/doc/6967393/Project-Grey-Goose-Phase-I-Report
http://www.scribd.com/doc/13442963/Project-Grey-Goose-Phase-II-Report
