Slashdot Mirror
DoS Attacks on Estonia Were Launched by Student
As_I_Please alerts us to the fact that a 20-year-old Estonian student has been fined for participating in DoS attacks against various Estonian political and governmental websites last May. The situation was notable because it escalated tensions between Estonia and Russia when the latter was accused of initiating the 'cyber-attack'. Quoting:
"The fact that a single student was able to trigger such events is particularly ominous when you consider just how many potential flashpoints exist between various countries all over the world. The DoS attack against Estonia is an excellent example of how a cyberattack carried out by a 20-year-old student in response to real-life events further exacerbated an existing problem between two nations."
Computers launch students... into space like great hero cosmonauts!
WTF? A DDOS is a flash mob?
There are shills on slashdot. Apparently, I'm one of them.
it was found that the recent DoS attempt against arstechnica was launched by slashdot users everywhere
The DoS attack against Estonia is an excellent example of how a cyberattack carried out by a 20-year-old student in response to real-life events further exacerbated an existing problem between two nations.
Eh. How about the _only_ example?
Who wants to bet that this guy was a Nashi member?
So on what basis did Estonia accuse Russia of staging those attacks? This story was picked up all over the world and nobody bothered to check if they actually had anything resembling a proof?
While they may not have found evidence of any other people involved, it's unlikely that a single person could establish a botnet large enough to overwhelm anything on his own. The only answer I can think of is education - botnets exist because the owners of the zombie PCs simply don't recognize that it's a zombie. There is certainly an overall lack of regulation, too. As a domain owner, I see lots of abusive traffic and have absolutely no legal recourse to punish a perpetrator. Responsible network owners often help, but there's so few networks that are responsible that I usually assume they're not, forcing me to do what little I can at my own site to prevent further abuse.
For the student's part, he was only fined (I couldn't find how much in TFA). Not much deterrent to prevent him from doing it again. No leverage to find out who he was working with. The lack of clear laws in any country makes prosecution of such actions impossible. As a domain owner, I'd like to see civilized countries show some direction toward making prosecution of such activities a reality. Until then, it's "you hack me, I hack you" which is completely counterproductive.
"Please describe the scientific nature of the 'whammy'" - Agent Scully
Is it just me or have there been a lot of stories about "cyber wars", "cyber-attack"... lately (especially on slashdot). Is this going to become the next big thing, "The War on Cyber-Warfare" with new laws contently coming in place to help protect everyone from evil "hacker" teenagers bent on destroying the world, which no doubt will take away even more of the dwindling freedoms the american people still have left?
"In Soviet America, Passport Stamps You!"
You know I read this story and am reminded of Ronald Reagan's off the cuff but not off the air comment on an imminent nuclear strike on Russia. Sometimes a butterfly can cause a typhoon on the other side of the planet.
surely 'wargames' has been translated by now
Free kevin
the 10 word in the quote was changed
In Soviet Russia, you attack Estonia!
What do you guys got?
If I mod you up, it doesn't necessarily mean I agree with what you've said, sorry.
How was it that the United States got involved in Iraq, exactly?
He was using a TR(A)S(H)-80 from Radio Shack, IIRC. Probably a 1200 baud modem (not even Hayes compatible!), 64K of RAM and a CLI... He was probably a Real Programmer. Sadly I was born in '84, so I don't really remember it happening.
If I mod you up, it doesn't necessarily mean I agree with what you've said, sorry.
http://www.cnn.com/2008/POLITICS/01/10/paul.newsletters/
Are racists all illiterate?? I thought that was just a myth...
Remakes of Hackers and The Net, anyone?
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
I still have the freedom to call T-bone a noodle head. What am I missing?
Also annoyed kids, maybe? There are a lot more Chinese than Estonians. Maybe it all originates in one little shit-hole village. I don't know.
http://politics.slashdot.org/article.pl?sid=07/02/17/1936236
And even if not, maybe national security information doesn't belong on public networks, including the Internet. Just a thought.
All 19 hijackers were known terrorists 09-10-2001. Lack of FBI intelligence does not justify warrantless wiretaps..
Not to knock on anyone for being frugal, but they should really upgrade to something more secure than DOS.
Tsunami -- You can't bring a good wave down!
Do stories like this make any "Nobody cares what happens on the Internet" skeptics of Anonymous's recent communique change their minds?
in Estonia, students hack you!
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
Then, following a pre-agreed signal, they all simultaneously open their trench coats and show everybody a confusing web GUI full of rounded corners and running on top of a proprietary plug-in.
Well, considering that it would be rater difficult to get Windows to do it...
Only one kid DDOS'ed goverment and news sites and created that mayhem? Right. So nobody bothers to mention that the student who was arrested had a Russian name - Dmitri Galushkevich ? Sure he may have the citizenship but he's not really Estonian. Just offspring of an immigrant. And he wasn't the only kid around here who helped to DDOS.
Plausible Deniability
In other words, there is no meaningful "first", unless you want to go back around 10,000 years. Almost everything that happened after that point was in direct retribution to what had happened before. That's one reason it will take a lot of effort to calm the region down - ten thousand years is a long time to build up grdudges and resentments -- and don't think a single one of them has been forgotten.
Getting back to the main topic, just as an aside, this is why societies can't survive for very long on a diet of paranoia, fear and resentment. Sooner or later, you'll get people who hate each other less than they hate some imagined collective enemy, and the shit will hit the fan at a speed approaching mach 2. I'm surprised that this sort of thing doesn't happen more often - students get an even rawer deal than most, even at the best of times, naturally form into groups, and generally have significant combined intellect and skills. This is probably the worst group to infuriate and should really be the first group to focus on getting support from.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Someone should create a mockumentary where a couple of hackers destroy worldwide economy and bring about the end of civilized life. They should do so using only tools that any hacker would know to be completely inadequate to do the job. Use vim, show screenshots of obfuscated perl scripts (especially variants of "Hello, world!"), and explain the dangerous uses behind commands like `kill|killall`, `dos2unix` (= denial of service 2 US networks integrating x86), mogrify and crash (because they sound menacing), and of course `php` (preferred hacking protocol). Make the whole thing extremely serious, demand that governments do something to protect citizens against these vulnerabilities, and see how much chaos you can cause.
You've got a job at my company.
Please contact me at my IP address through whichever exposed port is most convenient for you and we can set up a meeting.
Who here agrees that this is probably either a) A Putin-backed operation to get the blame off of Russia, or b) A joint effort of factions in the Estonian and Russian governments trying to "put that incident in the past". And/or bribes. I'm sorry, this whole thing is just a little too convenient, considering we're talking about an ex KGB guy who doesn't seem to have ever moved beyond plotting and assassinations.
That 'Estonian student' is Russian by nationality (surname is Russian).
For americans - in CEE countries citizenship and nationality are two different issues.
What I understand from the article (and the article isn't good journalism at all) prosecutors NOW have only one suspect (others are not identified - for comparison - how many spammers go to court in US comapred to all the spammers in a wild)
BTW a number of Russians in Baltic states (especially in Latvia and Estonia), even when they have local citizenship, they are not loyal to local governments, they are true "fifth column" (http://en.wikipedia.org/wiki/Fifth_column).
Cudos to Estonian ciber police for nailing down at least one of the crooks.
Just as I said when original discussion happened, Russian government was not responsible. Now, is Pentagon still ready to bomb cyberattackers? If yes, then next student with a grudge will finish off a country or two before we have a chance of intelligent machines or human-made bacteria to kill us all.
Hyperom.com
Quote: "The fact that a single student was able to trigger such events is particularly ominous when you consider just how many potential flashpoints exist between various countries..."
What nonsense. If governments put important messages on such "secure" places as roadside billboards, for example, then they should expect "hacks" like moustaches drawn on them, etc.
Others are not to blame if the government is clueless. The fact that it was so easy to do is a great indication that the government was in fact clueless. If they want to put something important somewhere and keep it "secure", then they are responsible for taking at least minimal measures to make sure that it is, in fact, secure.
They are just looking for someone to blame for their own incompetence.
Now they are trying to back out of an international embarrassment by blaming the geek. Classic...
Seven Days with Ubuntu Unity
Well, considering that a breeder would have rater too little time on his hands to do it... with his wife and all his kids.
Is USA a real country?
THis is what they want us to believe.
Sacrifice one student to the great god of world peace.
Once, the damage that young men could cause was limited because weapons were limited. Mind you, a machete is a pretty hazardous weapon. But give them RPGs or botnets, and the ability to cause a lot of damage escalates.
At the end of WW2, a lot of allied soldiers were traumatized because they had to shoot adolescent males. This is because they were equipped with weapons like fausts, and were totally irresponsible. They were simply emotionally and intellectually unequipped to understand what they were doing. They would surrender and then try to kill people. If they were treated kindly, they would take it as a sign of weakness and attack again. (I'm not suggesting that only adolescent males do malicious things on the Internet, but at least professional criminals want as few people as possible to know what they are up to, and are unlikely to cause public mayhem.)
The long term consequences of this could yet be that the irresponsible behaviour of the few will affect the many, when societies decide to block access to most of the Internet to all except an approved few. I don't have a clue what the right answer is, but if the IT community cannot come up with a means of regulation, governments may yet take its toys away.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Writing was not discovered, it was invented.
The saddest poem
I wonder how this will affect the Litvinenko case? Just the same pile of bullshit unfounded accusations against Kremlin!
The life of the Baltic states would not have been better regardless of which army occupied it. As a result these states have been occupied by the USSR for 50 years.
Let's not forget that Russia did not exactly bring freedom to Baltic States. They were independent before the war, but not after it. And many people died deported to Siberia, including infants most of whom died on the way there. Those are the facts.
.. where you can hack your way out just by playing games!
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
Maybe they will think that all those kids learn their evil hacking ways playing too much MMPORG ...er..wait I still have an active account....
and will ban WoW,
It is also true that a lot of creativity comes from the young, especially in mathematics and the sciences. Middle aged people have children and big physical assets to manage, they don't have time to be as creative as someone who is still probably financially dependent on their parents, bursaries etc., though people who are ruthless enough manage to overcome that (Picasso, for instance.) I agree.
However, it is still true that adolescent males, through no fault of their own are more likely to have hormonal problems and a lack of knowledge of the world that makes them potentially more dangerous than other groups. If my original post is flamebait, then explain to me why insurance premiums for young male drivers are so high? It isn't old men forcing them to drive dangerously. And why do we use the term "script kiddies"?
The Estonian is not unique. We have just seen an IT guy (read the reports) in his twenties in a French Bank lose nearly 5 billion Euros after he, apparently, disabled the controls on the upper limit of his trading. Now tell me that events like this will not cause the (middle aged) bankers and politicians to start considering how this kind of downside risk can be minimised. Good for creativity and technical progress? No. Good for security? Apparently yes. Does the IT industry need to get its head out of the sand over botnets, Internet crime and general malice and find a fix before the politicians think they've found one? I think yes. And I would think you actually agree with me, except that anyone who thinks we have got this far just fine obviously doesn't read what's going on.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
During WW2, Estonia was annexed by the Soviet Union under the Molotov-Ribbintrop pact, which carved up eastern Europe between Stalin and Hitler. Hitler later reneged, and invaded the area assigned to Stalin, taking over the Baltic States (Estonia, Lativa and Lithuania). The Russians later retook Eastern Europe, and re-occupied the Baltics. They didn't leave until the early 90s. Many Russians resettled in Estonia during the occupation, mostly taking lower level jobs - the standard of living has always been better there than in Russia. They now form about 1/3 of the population.
In central Tallinn (the capital of Estonia) the Soviets set up a war memorial to the Soviet 'liberators' who died driving out the Nazis. To the Estonians, however, the 'Bronze Soldier' just commemorated a second occupation - one that went on for nearly 50 years. In 2007 the now-independent Estonian government decided to move the statue to a Soviet military cemetary in the edge of town. The ethnic Russian Estonians objected, as did Russia, and Putin personally called it a desecration. There were riots, and even one death in Tallinn.
The statue was moved, and it was at this point that the cyberattack was launched.
The kid accused is a Russian Estonian. It remains unclear who ordered the attack - Putin's gang could easily have provoked otherwise uninvolved hackers in the Russian diaspora to act.
The attack certainly served Russia's interests at the time, punishing a tiny, resented upstart for daring to act with sovereignty. That there is plausible deniability doesnt clear Putin and his ex-KGB cronies.
I remember all too well one of our apprentices who had what I can only describe as a remarkable car at the age of 21. How he afforded the insurance I have no idea. Then for some reason a remarkably attractive girl took a fancy to him. Six months later he was presented with an ultimatum, and a week later he turned up for work in a Renault Clio.
The power of love. And sex...from what I heard from the other apprentices, lots and lots of sex.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
For those of you who don't know, about 25% of the population of Estonia is ethnically Russian. These people do not see themselves as Estonian citizens, but as Russians who happen to live in Estonia. Russian is no longer an official language there. Note that the Russian population doesn't want to leave as life in the EU has a lot of advantages over life in Russia, but they hate the Estonian government. The Russians conveniently overlook the fact that their government forcibly incorporated Estonia into the USSR and the locals actually actively resisted with a guerilla movement into the early 1950's (look up Forest Brothers sometime at Wikipedia). The USSR resettled Russians and Ukrainians into Estonia to dilute the local nationalism and made Russian the official language. So it's no surprise that upon gaining independence that the Estonians dropped Russian as an official language. To become Estonian citizens, people had to take a test in Estonian, which kept a lot of Russians away from citizenship as they never bothered to learn Estonian in the USSR days. I would bet almost anything that the student involved is an ethnic Russian student. If you ever have a chance to talk to Russians from there, it's quite amazing what lengths they will go to to justify the USSR's barbaric policies against Estonia.
Even if this guy had no close conspirators, which isn't known at this point, it's been reported previously that there were a lot of participants that got riled up by some of the maybe more influential people. This article says that there were a bunch of script kiddies who took their cues from more experienced attackers. Dmitri Galushkevich probably did not mastermind all of that stuff. It's still unclear what exacly went on, as far as I can see.
This space reserved for administrative use.
The libertarian punchbowl has been polluted indefinitely by the Ron Paul turd. He did for Goldwater-style conservatism what Osama bin Laden did for Islam. Nobody's going to take those ideas seriously for quite a while, if ever.
I am very surprised about how the media shows this situation. It was not just a "Soviet era memorial". That was a tomb were soldiers who fought against Hitler were buried. The Estonians decided to take the bones and move them out of the city. Of course the Russians were upset, the graves were being violated.
It is worth noting that the soldiers were reburied in a cemetery and the Estonian prime minister put flowers on the new tomb, but still many people in Russia were angry.