Slashdot Mirror

← Back to Stories (view on slashdot.org)

Expert Dissects Estonian Cyber-War

Posted by Soulskill on from the political-tube-cloggers dept.

Stony Stevenson points out an iTnews summary of a security researcher's account of the cyber-attacks on Estonia last year. The full report [PDF] is also available. We've discussed this internet-based conflict in the past. From the report: "In the days leading up to the attack, numerous clues pointed to a large-scale operation that was being planned online. Russian-language Internet discussion forums were abuzz with preparations for an online attack. Three days before the expected onslaught, Estonia planned to release the news of the coming strike in hopes that European media attention would oblige the EU to pressure the Kremlin to intervene, whether or not the attacks emanated from the Russian authorities."

1 of 172 comments (clear)

  1. Too bad. by cdrguru · · Score: 5, Interesting

    The Internet as it stands today is a consequences-free zone. Nations can't "do" anything about such attacks because there are no effective ways to conclusively track them back to individuals or even organizations. Even if there was, how much is some official going to do in China when handed a report of some kind of attack against some other country's computers?

    As continuously pointed out, an IP address does not identify an individual. Today, with today's laws, unless you leave clear tracks to other forms of identification just having an IP address does not connect a deed with an individual. You can threaten, harass, and, yes, DDoS, with impunity. I don't see this changing anytime soon.

    This pretty much means that any real online presence lives or dies by how much they draw attention to themselves and how motivated the attackers are. Estonia sounds like they were particularly vulnerable with little in the way of offline backup for basic services. This is not true in the US today, but it could easily be that way tomorrow. Could a group of disgruntled folks cripple government services in the US? Maybe. Given the current climate with laws, enforcement and international cooperation, there is no way that anyone outside the US would ever be prosecuted unless they bragged about what they did.