Slashdot Mirror

← Back to Stories (view on slashdot.org)

Russia and Georgia Engaged In a Cyberwar

Posted by kdawson on from the who-shot-first dept.

doctorfaustus writes "I first picked this up in bits and pieces last week off Daily Rotation. A more in-depth story is available at ZDNet, which reports 'a week's worth of speculations around Russian Internet forums have finally materialized into a coordinated cyber attack against Georgia's Internet infrastructure. The attacks have already managed to compromise several government web sites, with continuing DDoS attacks against numerous other Georgian government sites, prompting the government to switch to hosting locations to the US, with Georgia's Ministry of Foreign Affairs undertaking a desperate step in order to disseminate real-time information by moving to a Blogspot account.' There is a question whether the computer work is being done by the Russian military or others. ZDNet's story offers further analysis of the attacks themselves and their origins. Some pretty good reporting." And reader redbu11 contributes the news that Georgia seems to be censoring access to all Russian websites, as confirmed by a Georgian looking glass/nslookup tool. The access is blocked on DNS level (Italy censored the Pirate Bay in the same way). Here are a couple of screenshots (in a language other than English) as of Aug 12th 5:40 pm: www.linux.ru nslookup — FAIL, www.cnn.com nslookup — OK.

ComputerWorld guy CWmike adds "In an intriguing cyberalliance, two Estonian computer experts are heading to Georgia to keep the country's networks running amid an intense military confrontation with Russia. Poland has lent space on its president's Web page for Georgia to post updates on its ongoing conflict with Russia. Estonia is also now hosting Georgia's Ministry of Foreign Affairs Web site."

36 of 276 comments (clear)

  1. Poor Atlanta... by polyomninym · · Score: 5, Funny

    It was just too dang hot for them to see it coming.

  2. Propaganda? by PacketShaper · · Score: 4, Insightful

    I am all for freedom of the press... but these two countries are more or less at war right now (whether they should be or not is topic for another discussion).

    It seems perfectly reasonable to me for one country at war with another to stop information flowing in from the enemy to the local populace.

    1. Re:Propaganda? by PacketShaper · · Score: 5, Insightful

      I don't see why not (if there was actually a declaration of war, which we will not get into).

      But since we invaded them, I would say it is absolutely reasonable for them to block our sites from their citizens.

    2. Re:Propaganda? by gnick · · Score: 5, Interesting

      It seems to me that it depends on the situation. If the war's on our soil, blocking communication with the enemy seems fine. It also seems just fine to block our troops access to our enemies sites when they're on enemy soil. Also, if we're on their soil, blocking access to our sites seems fine. Basically, you want to interfere with orders being issued to a saboteur or similar and make sure that your citizens aren't subjected to foreign propaganda (only domestic propaganda).

      Note that that's a very different thing than launching DDoS attacks on servers that blocks your enemies from accessing their own servers or communicating internally. That may be fine too depending on the situation. If you're disrupting military communications, that's probably OK. If you're blocking civilian access to sites advising them on emergency procedures or preventing them from accessing medical assistance, that's pretty shady.

      --
      He's getting rather old, but he's a good mouse.
    3. Re:Propaganda? by TubeSteak · · Score: 5, Insightful

      It seems perfectly reasonable to me for one country at war with another to stop information flowing in from the enemy to the local populace.

      If one country (Georgia) moves their websites to some other country (the USA) and the aggressor (Russia) continues the cyber attack, is the aggressor committing an act of war against the "other country"?

      If it isn't an act of war, what should the "other country" do about the attack on their infrastructure/website.

      --
      [Fuck Beta]
      o0t!
    4. Re:Propaganda? by gnick · · Score: 4, Interesting

      Sorry for the self-reply, but TFS just got more interesting with the computerworld thing.

      Assuming that Russia cyber-bombing Georgia's sites is a valid war-time maneuver, is it also OK for them to do the same thing to the servers in Poland and Estonia that are now hosting the offending sites? If those sites are dangerous enough to be considered targets, can hosting those sites be viewed in the same way as supplying weapons to Russia's enemies? Methinks that we'll see some ugly traffic between Russia and these Estonian and Polish servers (that Russia will of course disavow all knowledge of).

      Of course, the US is hosting too. Surely none of our Communist comrades would ever be brazen enough to launch attacks on servers hosted here? ;o)

      --
      He's getting rather old, but he's a good mouse.
    5. Re:Propaganda? by Machtyn · · Score: 3, Insightful

      Something about an errant bomb, a Chinese embassy, and during the wag-the-dog 90's era, seems to put a chill in me. Thank you for reminding me :-/

  3. Well, that's a relief by eln · · Score: 4, Funny

    I heard all this talk about a war between Russia and Georgia and got kind of anxious, but itturns out it's just a cyberwar. The media really should stop sensationalizing these things like that.

    1. Re:Well, that's a relief by MightyYar · · Score: 4, Insightful

      This was not started by Russia.

      Rather than getting into the "he did this, oh yeah, well he did this first" thing that will have us talking about Attila the Hun in short order... I'd just like to point out that Russia's latest response was pretty over-the-top.

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    2. Re:Well, that's a relief by MightyYar · · Score: 4, Insightful

      Though to be fair, if you go and kick a big, tough, strongman in the shins, you can't complain that he reacted disproportionally, and you're now in hospital.

      Oh, no question there. Georgia was definitely reckless here.

      but then they side with the Georgians against the mainly Russian South Ossestia.

      I'm new to this as well and am still catching up on history. But I think that the Russians are more interested in control than they are in the welfare of 70,000 people in South Ossetia. They stuck their nose into a civil war, and then complain when their "peacekeepers" (who actually seem to run the government) get killed in the process. And then granting South Ossetians Russian citizenship when they are still part of Georgia? Well, that's pretty brazen. Even more brazen is claiming that now "Russians" are being killed in South Ossetia. They have effectively annexed South Ossetia... and now are grabbing even more of Georgia to "protect" it.

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    3. Re:Well, that's a relief by Smauler · · Score: 3, Insightful

      Georgia never gave any Russians permission to act as "peacekeepers" in South Ossetia. If there were any armed Russian "peacekeepers" in South Ossetia they were operating illegally within another country's borders.

      Georgia is _entirely_ within its rights to police any province within its borders. None of the allegations of genocide etc have even remotely been substantiated. Russia invaded Georgian territory, that's all there is to it.

      South Ossetia is basically a tiny place, ie nowhere near the size of Kosova. If my town (Colchester, which has about the same population as South Ossetia) had a referendum, we might vote for independence from the UK. We wouldn't get it though.

  4. Re:let it loose! by Darkness404 · · Score: 5, Informative
    Wouldn't it be grey hat hacking?

    A grey hat, in the hacking community, refers to a skilled hacker who sometimes acts legally, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

    A black hat hacker would hack the firewall in order to get credit card numbers.

    --
    Taxation is legalized theft, no more, no less.
  5. Re:You know what's great about Soviet Georgia? by baldass_newbie · · Score: 5, Funny

    Not as many white supremacists morons, either.

    I don't know, dude. This is the Caucasus we're talking about. Lots of Caucasians there.

    --
    The opposite of progress is congress
  6. Re:How much more of this until browsers adapt? by 42forty-two42 · · Score: 3, Interesting

    That's a terrible idea - the phishers would be all over that. Anyone who needs to override DNS should know how to do so themselves - and a IP-based address is useless for long-term use, so you wouldn't be able to use them in stable links either.

  7. Re:You know what's great about Soviet Georgia? by eln · · Score: 3, Funny

    I don't know, dude. This is the Caucasus [wikipedia.org] we're talking about. Lots of Caucasians there.

    Yah, but they're mostly self-loathing caucasians, as opposed to white supremacists.

  8. a Language other than English by seyyah · · Score: 3, Funny
    That's crack reporting there:

    Here are a couple of screenshots (in a language other than English)

    It's Georgian. In language and alphabet.

  9. Without country by Statecraftsman · · Score: 4, Interesting

    Cyberwar is global. What's to stop widespread vigilante justice against either side? What's to stop US or Chinese hackers from joining in independently to fight on the side they choose? When does blogspot or the Estonian site become the target?

  10. NOT CYBER WAR, It's something else... by davidsyes · · Score: 5, Informative

    I've listened to NPR yesterday about this, and the best experts have been able to say so far is that it is cyber VANDALISM. No major infrastructure has been crashed. Hospitals and such have not been imploded.

    There is even speculation that Georgians themselves crashed/trashed their OWN systems to exploit the current bad image Putin (yes, PUTIN is calling the shots, not Medvedev. Moreover, and ironically, a US-based outfit in, guess where... GEORGIA (yes, the state) offered and took on the hosting for the Georgian President's web site. Guess what? It wasn't working out. It was still being crashed/taken down. So, another party (seems to be Estonia) is helping out.

    I really fracking wish some of these sensationalistic headers on Slash would get slashed.

    http://www.npr.org/blogs/talk/2008/08/august_12th_show.html

    Now, given that Putin/Medvedev claim Russian advances are immediately ceasing (purportedly) there really isn't "cyber warfare" going on, isn't there? If things continue, or escalate, THEN it might truly eclipse the bounds into "warfare".

    --
    Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
  11. Re:How much more of this until browsers adapt? by Mr.+Slippery · · Score: 3, Informative

    Just like we can specify a URL like "http://username:password@www.somewhere.com/" can we come up with a way to specify a given virtualhostname at an IP address (say... "http://www.somesite.com>192.168.1.5/")?

    Just put "192.168.1.5 www.somesite.com" in /etc/hosts, or whatever the Windows equivalent is.

    --
    Tom Swiss | the infamous tms | my blog
    You cannot wash away blood with blood
  12. Re:let it loose! by Opportunist · · Score: 5, Insightful

    Define "legally" in a war...

    Seriously, black hat, white hat, grey hat or technicolor hat, it kinda loses meaning when legality itself isn't really applicable anymore.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  13. Re:How much more of this until browsers adapt? by SanityInAnarchy · · Score: 5, Informative

    Just put "192.168.1.5 www.somesite.com" in /etc/hosts, or whatever the Windows equivalent is.

    It's actually /etc/hosts, believe it or not.

    Well, or something like C:\Windows\System32\etc\hosts. But the format is identical, save for maybe using \r\n instead of \n (and I'm not even sure about that).

    Must be all that BSD code in the Windows IP stack.

    --
    Don't thank God, thank a doctor!
  14. Haha, LOL, but not really! by ShieldVV0lf · · Score: 3, Funny

    Georgia: c2c?
    Russia: Yes, I would love to cyber
    Georgia: 2 late lol..just got 3 msgs
    Russia: Die
    Georgia: ?
    Russia: I winnuke you
    Georgia: OH *@#@)(! I am still running win95!

  15. Re:How much more of this until browsers adapt? by scalarscience · · Score: 5, Informative

    Actually it's Windows\System32\drivers\etc (the file is hosts without any extension). On Vista UAC may block your access to the file by default as well, the easiest way to get around this (aside from disabling UAC altogether) is to run your editor with elevated privileges.

  16. In Soviet Russia... by scubamage · · Score: 5, Funny

    ...service denies you!

  17. Censoring access? I think not. by arcade · · Score: 4, Interesting

    I think the claim that Georgia is censoring traffic is probably misleading.

    What's happening is that they've got incoming DoS-attacks, and have probably nullrouted quite a few russian IP-ranges. This probably includes quite a few DNS servers, making DNS lookups fail.

    I haven't taken the time to _check_ any of this, but if you nullroute the DNS servers, of course DNS lookups will fail. If you're under a DoS, of course you nullroute quite a lot.

    --
    "Rune Kristian Viken" - http://www.nwo.no - arca
  18. Re:Uh? People? by Bryansix · · Score: 3, Insightful

    Wow, people just don't understand. The Internet is not down there. The packets get routed. It's the web servers that are being vandalized. The actual servers that host the actual content the Internet delivers. Hence, Garbage in, Garbage out.

  19. Re:let it loose! by morgan_greywolf · · Score: 3, Insightful

    Define "legally" in a war...

    See Conventions, Geneva.

    --
    My blog
  20. Re:let it loose! by beckerist · · Score: 5, Funny

    hmm...Russia....RED hat hackers?!? ehh? ehhh?? get it?!

  21. Hear from the security team defending the website by unity100 · · Score: 4, Informative

    here : http://www.webhostingtalk.com/showthread.php?t=714632 these are the people working at that atlanta web host, hosting georgian president's site from russian bastardiness. they havent had enough sleep in the few days but they made a fight of principle out of it.

    --
    Read radical news here
  22. Re:let it loose! by Kozz · · Score: 3, Funny

    hmm...Russia....RED hat hackers?!? ehh? ehhh?? get it?!

    So... red hats... a bunch of old ladies?

    --
    I only post comments when someone on the internet is wrong.
  23. Re:let it loose! by Opportunist · · Score: 3, Insightful

    Isn't "causing harm" the idea behind a war? I mean, if I don't want to hurt you, your country, your economy, why bother going to war in the first place? So I can shoot people legally?

    So is the attacking hacker a "black hat" and the defending hacker a "white hat"? I guess Russia would disagree.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  24. Isn't this an act of war against the U.S? by bigattichouse · · Score: 4, Interesting

    A foreign power is using illegally obtained U.S. resources (compromised PCs) to attack another power. I believe that is a serious breach of international law. It would be no different t

    --
    meh
  25. Re:let it loose! by A+nonymous+Coward · · Score: 4, Funny

    We need a "hat colour" for a war hacker. This will become a lot more common in the information age.

    Any takes on a good colour?

    Digital Camo of course. Sheesh, what's your excuse? Your UID isn't THAT high.

    --
    Infuriate left and right
  26. CyberWar Weapon by rafaelolg · · Score: 4, Funny

    Why don't russian just link some Georgia's site in slashdot? The chances of service survival after a slashdot rampage are minimal.

  27. Re:You know what's great about Soviet Georgia? by mabhatter654 · · Score: 3, Insightful

    because the USSR spent 70 years building a large economy out of those little states, and they moved a lot of people around to keep the piece. Then the 1990's hit, the wall fell and the USSR was carved up into little ethnic groups while NATO held a gun to Russia's head. Now that the US is over-committed it's a good time for Putin to grab some home points and get some wayward "states" back.

  28. Re:Poor Georgia...living under the Russian boot... by shutdown+-p+now · · Score: 3, Informative

    Russian troops have since then retreated from Georgian controlled territory back into Ossetia and Abkhazia. It seems that we have a ceasefire in effect now, for some time at least.