Cyberattacks on Georgia's sites continue

As a shaky truce that halted the military conflict between Russia and Georgia took hold today, Georgia’s Internet infrastructure continued to be plagued by cyberattacks, according to observers who have been monitoring the attacks.

Today, more than 20 Georgian government Web sites, three commercial financial institutions and two media outlets remain off-line, said John Bumgarner, the research director for Security Technology at the U.S. Cyber Consequences Unit. He has been monitoring the situation from the United States. The US-CCU is an independent, nonprofit research institute, originally established at the request of senior U.S. government officials.

The rash of virtual attacks that overwhelmed Georgia's Web sites in recent days coincided with the outbreak of the military clash between Georgia and Russia. The targets of the attacks have included Georgia’s National Guard Ministry of the Defense, the nation's presidential site, and Georgia’s parliament’s site, Bumgarner said.

Bumgarner explained that the number of Web sites off-line can fluctuate dramatically, depending on which offensive and defensive measures being employed.  Bumgarner said his calculations were based only on certain sites of interest, and thus the total number of sites off-line could be higher.

Yevgeniy Khorishko, a spokesman for the Russian Embassy in Washington, said Russian officials had nothing to do with the cyberattacks. He said Georgia was blocking Russian Web sites to prevent Russia' s point of view from being available in Georgia.

Given the nature of the distributed denial-of-service cyberattacks on Georgia's Internet infrastructure, experts say it remained impossible to determine who is behind the attacks.

“That’s the problem with distributed denial-of-service [attacks] — it’s really hard to identify the actor,” Bumgarner said. 

The attacks are similar to the ones that brought Estonia’s Internet infrastructure to a standstill in April 2007, as political tensions rose between Russia and Estonia. The tactics include botnet attacks, in which computers, hijacked and controlled remotely, are used to overload the country’s information technology infrastructure.

Lauri Almann, Estonia’s permanent undersecretary of defence, confirmed today that Estonia had responded to Georgia's request for assistance in dealing with the cyberattacks by sending two civilian Estonian computer experts to that nation. Estonia has also been hosting Georgian Web sites to help.

The experts “have experience from the recent attacks of last year that took place against Estonia,” he said. “The attacks are quite similar in nature there for we have been successful in using some of the lessons learned from April 2007.”

However, authorities have still been unable to confirm exactly who was responsible for the 2007 cyberattacks on Web sites in Estonia.

“As we all know the attribution is what is so unpleasant and dangerous with cyberattacks,” he said. “When you take a look at conventional warfare, there are no questions or very [few] questions about attribution…but when we look at cyberwarfare, attribution is complicated.”

Almann said the primary goal of the attacks appeared to be disruption of the Georgian government’s ability to disseminate information.

Bumgarner said the initial attacks used standard Internet Control Message Protocol packets to overwhelm the sites, but after these "ping" packets were blocked, the attackers quickly shifted to using the Hypertext Transfer Protocol—the protocol that most Web traffic uses to communicate.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.