Is There Also A Russian Cyber War Against Georgia?

By Larry Seltzer  |  Posted 2008-08-11

Real people are dying at Russian hands in Georgia, but the reports of a cyber-war are not as clear.

There's no doubt that Georgia is being militarily attacked by Russia. Russia is dropping actual bombs deep inside the country, and it's not clear, at the moment, how far the attack will go.

There are also reports that cyber-warfare attacks are under way, and here the picture is less clear. Jart Armin's RBN Blog, which follows the infamous Russian Business Network, has been reporting that "RBN (Russian Business Network) now nationalized, invades Georgia Cyber Space." Armin has been directly relaying reports from the Georgian government in that entry and others.

These reports show government sites and critical infrastructure blocked by DDoS attacks. RBN Blog calls it "a full cyber siege of Georgia's cyber space," and an effective one. On Aug. 9, Armin wrote: "At this time all Georgia government web sites are unobtainable from US, UK, FR, and DE cyber space, as examples."

But there are other reports challenging some of these claims, and they have some merit. The first issue I'll point out has to do with the Georgian Ministry of Foreign Affairs, which has opened up a blog on Google's Blogger after stating, through the RBN Blog, that their official site had been taken down. Yet on Aug. 11, I got to the official Ministry of Foreign Affairs of Georgia Web site with no problem. The RBN Blog specifically warns that some sites claiming to be an official Georgian source may be fraudulent, but the site certainly seems to be holding the same positions as those coming through the RBN Blog.

Much of the analysis of the cyber aspects of the war focuses on network maps and how Georgian Internet access connects to the rest of the world. The RBN Blog has some analysis of this, but its map is a bowl of spaghetti and impossible to follow. Much better is the analysis on the Renesys blog, which also touches on the issue of oil pipelines, surprisingly relevant to the cyber-warfare issues.

The Renesys analysis shows that there are certainly significant outages: "... up to 35% of the prefixes disappeared from the Internet, sometimes for long periods of time, and up to 60% of them were unstable." Yet they also say that none of these outages seemed to be permanent, surprisingly so for a war zone.

Gadi Evron, who was deeply involved in the resolution of the Russian cyber-war against Estonia, also argues that current events in Georgia don't seem to rise to the level of cyber-warfare: "While Georgia is obviously under a DDoS attack and it is political in nature, it doesn't so far seem different than any other online after-math by fans. Political tensions are always followed by online attacks by sympathizers."

What persuades Evron, and persuades me, is the knowledge that if Russia really wanted to take down Georgia's electronic infrastructure, and really had command of the RBN to do it, they could do it much more convincingly than what seems to be the case right now. Things would be firmly shut down. What we have now appears to be the efforts of relative amateurs.

I hope nobody mistakes my sympathies in this case. Even if Russia were conducting full-scale cyber-warfare against Georgia, it would be small potatoes compared with the crimes it is committing with conventional war, in which we have been treated to pictures of bombed apartment buildings and dead civilians on the side of the road. Even if, as the Washington Post reported Aug. 11, Russian President Dmitri Medvedev is saying that military operations in Georgia are almost complete, the infamy of their actions will last.

But if Russia could have launched a cyber-war and didn't, why didn't it? That's the interesting question.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

For insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzer's blog Cheap Hack.


Larry Seltzer has been writing software for and English about computers ever since—much to his own amazement—he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these products on Google.) His work at DeskTop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publications.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.
