Cyber war fears grow after Georgia Web sites attacked

Attacks that hit Georgian government and news Web sites after Russian tanks rolled across the border into South Ossettia last month have U.S. officials concerned that bands of independent “cyber militias” will increasingly wield power over international relations. The attacks in Georgia were distributed denial of service (DDOS) attacks that coordinate many computers to request information from a website simultaneously, causing it to crash or work only sporadically.

The Georgian government accused the Kremlin, saying the attacks were part of its war plan. New Scientist reports that U.S. analysts agree they originated in Russia but say they were more likely the work of politically motivated hackers, dubbed “hacktivists.” U.S. government officials are worried that groups with little or no connection to any state can now assert such influence. “In future warfare, governments aren’t going to be the only ones waging war,” said a senior U.S. military official, who wished to remain anonymous.

Serious international fears about cyberwar were first aroused in 2007 when serious DDOS attacks brought down many government and civilian sites in Estonia. They too were blamed on Russia, and led NATO to establish its first cyber defence centre in the country. The United States and other Western nations are particularly concerned because so much of their infrastructure is internet-linked. Power grids, banking systems, air traffic, and telecommunications are all potentially vulnerable to online attack. Cyberattacks are especially attractive to small groups because the technology required is easy and cheap to obtain. Sometimes just a computer and an internet connection are all you need, with the required software being available online at no cost. “It’s a great level playing field,” said Jose Nazario, senior technology researcher at Arbor Networks, a technology security company. “A gang can compete against the state,” he said. “Sometimes they can win.”

The attacks on Georgian Web sites were apparently synchronized with Russian troops entering South Ossetia on 8 August to crush a Georgian attempt to reassert Georgia’s control over the breakaway region. The conflict in cyberspace was not one-sided. Georgian authorities blocked most access to Russian news broadcasters and Web sites, saying they could not be allowed “to scare our population.”

Moscow has denied any role in the attacks, and experts point out that Russia could have used far more sophisticated methods and that the attacks do not fit with its apparent objectives. If the intention was to stop Georgia’s government communicating with its people, why attack its Web sites but leave television and radio broadcasting intact? Yet it is almost impossible to know whether the hackers received any official encouragement, highlighting another feature of cyberattacks. Their origins are hard to pinpoint, making it difficult for governments to respond.

Far more serious attacks than those that hit Georgia take place regularly, but get far less attention. The majority are used by criminals to extort money. No one has yet defined what would constitute an act of war in cyberspace — a task that nations must address, said General Gene Renuart, head of the U.S. Northern Command. “Is it degree? If you affect so many millions of people or so many millions of dollars or so many organizations, does that constitute a legal act of war?” asked Renuart, whose headquarters is charged with protecting the US homeland.

NATO members are committed to mutual defence should any member state be attacked. What it would take for that principle to apply in cyberspace is far from certain.