Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Real Impact of the Estonian Cyberattack

Posted by Zonk on from the mad-world-it's-a-mad-world dept.

An anonymous reader writes "News.com offers up an interview with Arbor Networks' senior security researcher Jose Nazario. He takes stock of the denial-of-service attack against the Baltic nation of Estonia, and considers the somewhat disturbing wider implications from the event. 'You look around the globe, and there's basically no limit to the amount of skirmishes between well-connected countries that could get incredibly emotional for the population at large. In this case, it has disrupted the Estonian government's ability to work online, it has disrupted a lot of its resources and attention. In that respect, it's been effective. It hasn't brought the government to a crippling halt, but has essentially been effective as a protest tool. People will probably look at this and say, That works. I think we're going to continue to do this kind of thing. Depending on the target within the government, it could be very visible, or it could not be very visible.'"

2 of 172 comments (clear)

  1. Re:Implementation Failure by 99BottlesOfBeerInMyF · · Score: 3, Informative

    That a whole country could be DOS'd is evidence of someone doing a bad network install. The network should never be down.

    This is a DDoS attack. The first "D" stands for "Distributed." When you have thousands of remote machines located in different places sending traffic to your network, preventing an outage relies upon being able to figure out which traffic is legitimate and which is illegitimate, and then filter the illegitimate. Having more diverse pipes does not really make a huge difference. Either legitimate and illegitimate traffic can come in over a pipe or they can't. If it can, the attack is blocking things. If it can't you just DoS'd yourself.

    The real trick here is the availability of clean or protected access from ISPs with the capability of detecting illegitimate traffic and filtering it, without stopping legitimate traffic. Many ISPs have this capability to one degree or another and a few have formally brought it to market as a differentiator for their service. I'm guessing the big ISPs in Estonia might be a bit behind in that regard, and are thus working with more capable peers to try and filter the attack further away in the cloud.

  2. Re:Implementation Failure by Anonymous Coward · · Score: 3, Informative

    Did you check some facts?

    Estonia: population 1,324,333 (less than 1,5 mio.) http://en.wikipedia.org/wiki/Estonia

    I would like to see some municipalities in USA of the size of Estonia to withstanding such cyber-attack.

    Do you realize that the number of adult inhabitants in Estonia is less than a number of employees at the biggest employer of USA? (http://www.usatoday.com/money/industries/retail/2 003-11-10-walmart_x.htm)
    Estonia is like New Hampshire or Maine or Idaho population wise. And than cyber-attacks are lounched from IPs of Russia government institutions.

    Russia once again showed who they are.

    And by the way: those Soviet soldiers buried near "Bronze soldier" ware killed 3 days after Nazi army left Estonia during WWII. Hint needed? They were killed in fights with local Estonians who wanted reinstate independence. So no "liberators from Nazis" only occupation power.

    The sad think EU depend so much on Russian gas and oil that little is done or said about all this.