- Case Studies – 1 Estonia 2007 :
The Estonian government had, almost completely, a web-based infrastructure.
A statue of a Soviet soldier in the capital, Tallinn, was moved from the city center to a war cemetery.
The reaction from the Russian population (both in Russia and of Russian heritage living in Estonia) was a large-scale denial of service attack against most of the day to day government services, news sites, banking, and e-commerce.
A sovereign state was prevented from conducting its functions for two weeks. Estonia is part of NATO and called for support to fight off this attack.
NATO Cooperative Cyber Defence Centre of Excellence was formally established in May 2008 in Tallinn, Estonia, to enhance NATO’s Cyber defense capability. The international effort includes Estonia, Latvia, Lithuania, Germany, Hungary, Italy, Poland, Slovakia, Spain, and USA as Sponsoring Nations.
Published a paper on the subject in November 2008 entitled “Cyber Attacks Against Georgia: Legal lessons Identified.” discussing possible applicability of the Law of Armed Conflict (LOAC) to the cyber attacks that occurred in August 2008.
LOAC is also known as the International Humanitarian Law, relies on two primary rule groups : jus ad bellum (justice to war) and jus ad bello (justice in war), rules for how a country proceeds to a state of war and, for it conducts its war effort.
- Case Studies – 2 Georgia 2008 :
South Ossetia became de facto independent from Georgia in 1991 but remained part of Georgia, with peacekeeping force of Russian and Georgian forces.
In August 2008 Georgia moved forces into South Ossetia to suppress separatist activities. Russia counterattacked to protect South Ossetia citizens.
Before they attacked, Georgian networks were attacked :
- Web page defacements
- Denial of services attacks against government systems,
- Specific malware launched and
- Spamming email flood attacks.
Problems with traffic getting out of Georgia (communication pipes running through the enemy’s territory).
A well-coordinated effort run by a group out of Russia.
No clear evidence of state direction or sponsorship .
- Case Studies – 3 Georgia 2009 :
In 2009, one year after the invasion of Georgia by Russian troops, the Georgian blogger Cyxymu became the focal point of a series of DDoS attacks that would end up taking Twitter offline and hampering Facebook access, inconveniencing millions of users.
The DDoS attack consisted of a combination of email spam, a TCP-Syn
attack, and a HTTP-query DDoS attack:
- Email spam (called a “joe-job”) was sent by a 300-node botnet normally affiliated with sending out online casino spam.
- The TCP-Syn attack was sent by a 3,000-node botnet.
- An HTTP-query DDoS eats up a server’s resources by sending more hits than it can process to its website.
To date, none of the individuals responsible has been identified, There was a definite lack of chatter on Russian hacker forums about this incident unlike the Russia-Georgia cyber war of 2008—implying that this was more likely to be a locally orchestrated small group of individuals rather than the call to cyber arms that was seen previously.
– Another Example of a CyberWarfare what happened between Google and China –>
- Case Studies – 4 Google 2009 :
Google announced they had been attacked by China (for information on dissidents and proprietary). Known as Operation Aurora.
Google threatened to pull out of China and stopped censoring search results .
Google shared information with the NSA and made it a national security matter
China, called by US Secretary of State, denied involvement.
It was a crime, but it heightened tensions between the two countries .
- Cyber War ?
So, has there been a cyber war ?
No country has declared a war or has openly stated they have come under a hostile act of war.
Some day, these acts may be considered acts of war
not everybody agrees that there is such a thing
Peter Eskandar's Blog 