Thursday, January 29, 2009
Cyber Assault Cripples Web in Kyrgyzstan
It's almost like I'm watching Groundhog Day with Bill Murray, only it's actually Russia repeating their cyber attacks on post-Soviet countries. Read this piece from DefenseNews by William Matthews.
Kyrgyzstan, a former member of the Soviet Union, is the latest victim of a cyber assault that appears to originate in Russia.
Distributed denial-of-service attacks that began Jan. 18 have crippled Internet service in the mountainous Central Asian nation of 5.2 million on China's western border.
The attacks have been traced to Russian Internet addresses, according to Internet monitoring organizations and network security firm SecureWorks, based in Atlanta.
Denial-of-service attacks use a multitude of computers to contact Web sites simultaneously, overwhelming them and blocking legitimate traffic. The attacks have shut down most Internet service in Kyrgyzstan, according to the Information Warfare Monitor, a joint project of Cambridge University and the University of Toronto.
"The motivation appears to be political," the Information Warfare Monitor's Web page said.
The attacks may be intended to silence opponents of Kyrgyz President Kurmanbek Bakiyev who are active on the Internet. They may also be intended to pressure Kyrgyzstan to close an air base that is used by the United States for the war in Afghanistan, an arrangement Russia opposes.
The attacks on Kyrgyzstan are similar to attacks launched from Russia against Web sites in Georgia, before Russian troops invaded last August to drive Georgian troops out of two breakaway provinces sympathetic to Russia.
Those attacks shut down Web sites of the Georgia Ministry of Defense and other government agencies and defaced sites of Georgia's national bank and Ministry of Foreign Affairs. News sites also were attacked.
Although the cyber attacks did little real damage, the fact that they were coordinated with military operations appeared ominous.
In 2007, more extensive cyber attacks on Estonia disrupted banking and shut down Web sites of the Estonian parliament, government ministries, banks, newspapers, broadcasters and others.
Those attacks, too, were traced to Russia and came amid a violent Russian reaction to an Estonian decision to move a memorial to Soviet soldiers out of the central square in Estonia's capital, Tallinn.
With a third denial-of-service attack traced to Russia, "my guess is that the Russians, having gotten away with it twice, and generally enjoying it, have made it part of their operations," said James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies.
"It's also possible," he said, "that others are copying them or even hiring Russian hackers" to carry out the attacks. "If there is no risk and no penalty, countries will do it."
So far, the attacks have not been traced directly to the Russian government.
But Martin Libicki, a military and cyber expert at Rand Corp., cautioned against concluding that the cyber attacks are serious enough to be "a harbinger of 21st-century warfare."
Rather, "they are, perhaps, something to be concerned about," he said.