Russia-Georgia conflict shows new frontier in war

Soviet states in particular are poorly connected and increasingly reliant on Russia, he says. This is in part due to the legacy of the Soviet period, but now it has more to do with Russia’s ability to offer superior Internet service through its investments in infrastructure. The situation is somewhat analogous to the more-widely-noticed reliance that neighbors have on Russia’s energy pipelines. China and India have been laying even more fiber-optic cable than Russia, allowing them to offer cheap prices and snatch away much of the Asian Web traffic that at one time flowed through Palo Alto and Los Angeles, says Woodcock.

Shoring up the cyberdefenses of friendly governments could involve laying new fiber to be price-competitive with adversaries, establishing Internet exchange points, and building up expert strike teams that can respond rapidly to attacks, cybersecurity experts say. The Baltic nation of Estonia, which last year weathered significant cyberattacks, has dispatched two computer experts to help Georgia, according to Katrin Pärgmäe, an Estonian spokeswoman (see 15 May 2008 HS Daily Wire story). The attacks seen on Georgia were shorter, but more intense, than those seen in Estonia, says Jose Nazario with Arbor Networks, a network-security firm in Lexington, Massachusetts. They have also gone in both directions at times, with some limited attacks on Russian sites. Despite Russia’s military halt, cyberattacks were still reported against some Georgian sites as of press time Tuesday. “I don’t see a cybertruce, but I’m not seeing devastating effects as well,” he says.

Georgia was under cyberassault as early as 20 July, when the president’s Web site was barraged with traffic, according to André DiMino with Shadowserver, an Internet-based security watchdog group. The computer used to lead that initial assault, known as a denial of service (DOS) attack, was in the United States and was shut down fairly quickly, he says. Then DOS attacks resurged over the weekend, this time with a leading machine in Turkey. The locations of the machines mean little, however, since nefarious hackers and crime syndicates are able to hijack computers across borders.

Experts like DiMino and Gadi Evron, a former Israeli computer-security official, say they have seen no indication yet that the attacks are more sophisticated than something that could be done by hactivists. “It’s obvious they are suffering from serious attacks, but saying this is an Internet war is blowing it out of any possible proportion before we have more information,” says Evron. Others, including Alperovitch and Woodcock, see the DOS attacks as more sophisticated in the way they have choked the limited data pipelines that Georgia depends on. Indeed, much of Georgia’s remaining connectivity has come through non-Russian pipes, Woodcock says. Sources and methods aside, there is broad agreement that cyberattacks can be so cheap and distracting as to be a no-brainer once bullets start flying. Alperovitch describes such attacks as “psy-ops,” comparable to bombing radio towers to stifle an opponent’s ability to get its message out.

Georgia’s online retreat to Google was also no doubt demoralizing. In a long-term conflict, says Woodcock, such an attack could serve longer-term goals. “You can bet that these attacks have cost Georgia’s private sector far more than the perhaps $2,000 it cost the [perpetrators] to do them,” he says. “And in the long run, that loss of national productivity affects not only Georgia’s financial ability to wage war, but its people’s willingness to engage in it,” he adds.

-read more in Jeremy Kirk’s Computerworld report