Almost three weeks before the shooting war between Russia and Georgia began last August, online attackers started assaulting Georgia’s Web sites. Months after the cease-fire, the attackers’ identities remain a mystery. What is known suggests widespread vulnerability to such elusive attackers.
In July the foreign ministry’s Web site was defaced with a slide show comparing Georgia’s president to Hitler. In August hundreds of thousands of computers were taken over and linked into “botnets” that overloaded Georgian servers with junk traffic, hampering the nation’s efforts to communicate.
Georgian officials blamed the Russian government, but online attacks are notoriously hard to pinpoint. Hackers take circuitous paths to their targets, masking their origins.
Then the Russian Business Network, a shadowy Moscow cyber-criminal group, came under suspicion in media reports. The group disbanded more than a year ago, but cyber-security watchdogs claim that many of the same people, under a different name, were involved in these attacks. Finally, a journalist reporting in Slate discovered for himself how easy it was to wreak cyber-havoc. Simple, downloadable scripts allowed anyone to join the online pile-on.
Bill Woodcock, research director with the Internet infrastructure group Packet Clearing House, is cautious about assigning blame. “You’ll never be able to establish who was sitting in front of a computer from which an attack originates,” he says.