In Georgia, a Parallel War Rages Online

Cyberattacks took down Georgian websites even before the bombs fell, but damage so far is short term.

By SHARE

Even before Russian tanks rolled across the Georgian border, the country was already under assault in cyberspace. The attacks, which involved sabotaging specific Georgian websites, began days before Russian warplanes launched.

These kinds of online assaults are notoriously difficult to trace, remarkably easy to mount, and increasingly common, particularly during times of conflict. Indeed, military planners now assume that cyberattacks—perhaps targeting critical infrastructure like power plants or communications networks—will most likely be part of future wars.

While the attacks in Georgia are Internet-based, they are far from the cataclysmic damage that military planners fear could become a regular part of 21st-century warfare. NATO, which has been watching the war in Georgia with alarm, has been examining cyberwarfare since 2002 and, in January, issued its first official policy doctrine on the issue.

The Air Force, meanwhile, in October is expected to debut its own cybercommand, a unit that will be responsible for deterring and, according to news reports, launching attacks. And the Bush administration has allocated some $6 billion for strengthening government networks against attacks.

Perhaps more troubling, however, is that cyberattacks like the ones being seen in Georgia may not even be linked directly to the Russian government, computer security experts warn. Instead, they could be the work of citizen hackers who are eager to help Moscow's war effort against its Black Sea neighbor.

The computer attacks, which continue against various Georgian websites, are called "denial of service" strikes. By infecting hundreds of thousands of private PCs with malicious computer code, hackers can mobilize a virtual army of zombie machines that simultaneously visit a given website in a deluge of artificial traffic.

When properly coordinated, the simultaneous actions of these zombie machines, called botnets, will overload computer servers, taking Web pages offline. The attacks are so easy to mount that hacker networks, particularly Russian organized-crime syndicates, rent their botnet armies for a few hundred dollars an hour—about the cost of a single AK-47. And that's if those who attacked Georgian sites had to pay at all.

Around the world, there are thousands of these types of botnet armies, which are frequently used for mischief. "We see attacks of this type all the time," says Andre Di Mino, director of Shadowserver, a nonprofit Internet security watchdog organization. "This one is particularly high profile but not particularly sophisticated."

Denial of service attacks, while pesky, are rarely all that damaging compared with other potential computer-based attacks, which could, for example, target an air traffic control system, a national railway, or power grid. Rebooting the servers, the computers where the websites are based, usually corrects the problem once the deluge of zombie website visitors has ended.

In fact, many of the sites under attack in Georgia were able to shift servers in a matter of hours and get back online in various capacities. "If a bomb falls, it can take years to rebuild, or someone might get killed. Once these attacks are over, you might have to restart the server. That's about all the damage they cause," says Jose Nazario, a computer security expert who tracks worldwide threats for the network security company Arbor Networks.

The sites targeted appear to be news websites and pages for the national parliament, the Ministry of Foreign Affairs, and that of the country's president, Mikheil Saakashvili. As the attacks continued late last week, the sites under attack shifted to new hosts, including an emergency blog created at blogger.com. "A cyberwarfare campaign by Russia is seriously disrupting many Georgian websites, including that of the Ministry of Foreign Affairs," read a message from the Ministry of Foreign Affairs of Georgia. "If you cannot access official Georgian government websites, please go to the following sites for the latest official government of Georgia news." The ministry was also posting dispatches on the site of Poland's president.


Corrected on : Corrected on 8/14/08: An earlier version of this story should have stated that Georgia is Russia’s neighbor on the Black Sea.