-
Is Cyber a new warfare? Debate (catch all)
marct, you are correct. This was DDoS (Distributed Denial of Service) attack. If I remember correctly couple months ago there was info that US military established some kind of cyberroom protection command. I hope that NATO transformation command will keep eye on this issue. I thought yesterday morning that it's just internet that is not working, my gsm is ok. Then I remebered that 1 or 2 years ago there was mobile phone virus attack during Helsinki sports competition. 1 criminal just launched signal that spred like virus among people that had internet connection in their phones. This is the way we are going now. You don't have to bomb your enemy's infrastructure to influence his will. Maybe I'm underestimateing people and in the end we all like to live like Tyler dremt in "Fight Club", we all need just pair of leather pants to walk in this life :)
PS. Estonian ambassador left Moscow. This was just postive move by Estonia to help Russian elite to save their face after EU and NATO told them back off. You just can't tell kids, "Hey, this is enough. Go home!" Instead they said "Good job. You accomplished your mission!" Interesting is also this that Russian Duma delegation that visited Estonia were satisfied wiht things they saw in Estonia (statue was ok, police acted according to law etc). They couldn't say this after arriving to Moscow on Tuesday. Thay said this only after Kremlin told youth movements "Go home." on Thursday afternoon.
Here is BBC story about Nashi with Surkov's comment.
Quote:
"But of course we contact and support those who support us."
http://news.bbc.co.uk/2/hi/europe/6624549.stm
-
Thanks for the detailed post, Kaur !
Quote:
A good case in point is the script kiddies cyber attack - am I right in assuming it was a Denial Of Service (DOS) attack? If so, the scripts for that type of attack are readily available to any 10 year old - you don't even have to go to the dark net to get them . The question now is how are the service providers (and government) responding? What sort of IO campaign is Estonia going to put together for the international community? What sort of help are they asking for from NATO and the EU?
Hi Marc ! I translated the questionable link from last night and pasted it on the post. Sorry 'bout that ! You know, there are approx. 15,000 Estonians in Canada. Would it be fair to say you don't know any of them ? :eek:
Anyway, my 2 cents:
The Ministry gurus and some local providers commented that DDoS attacks are very easy to employ, but not that easy to nail down. The perpetrators often find links to regenerate disruptions and these are taken out or blocked one at a time. Most of our Ministry servers have merely created blanket blocking of outside connections until such time as they can get a handle on the disruptions. Last night, I couldn't get the SWJ site back, but most of the Estonian sites came up quickly.
We would all like to think that recent US and NATO grievances were key to halting disturbances in front of Estonia's Embassy in Moscow and I think Kaur hit it on the head, we can't simply slap them without a means of saving face. Sounds very African or tribal, but that always seems to be the case. Ambassador Kaljulaid's departure allowed them that face saving and gave them a way out. Well, that's what they say :wry:
The Rossiya Molodaya (Young Russia) youth movement said the departure of the Estonian ambassador from Moscow was a "significant victory."
Quote:
The only hint of a positive development in recent days came on May 3 when the pro-Kremlin youth groups, whose members had been blockading the Estonian embassy in Moscow, ended their seige, citing the reason that Estonian ambassador Marina Kaljulaid had left the country.
With the exception of the Prime Minister calling on the EU to speak, I don't know that Estonia openly asked for much assistance. The calls from NATO and the USA to Estonia's President and Prime Minister expressing support were key. The other former east bloc countries certainly played a role, but they don't have the 'bang' like NATO, the US Senate and Canada's Parliament.
Regards, Stan
-
Estonia holds suspect over 'cyber-attacks'
An inside man no less. Can't the Kremlin surf Google anymore ?
Quote:
Police arrested Saturday a 19-year-old Tallinn resident who is suspected of involvement in a wave of attacks against Estonian computer servers.
"The criminal police have detained the first person who stands accused in involvement in the recent cyber-attacks against Estonian servers," Kristiina Herodes, spokeswoman for the Estonian prosecutor's office, told AFP.
"Dmitri was posting on Internet forums calls to organise mass attacks against Estonian servers, called the DdoS attacks," Herodes said.
"He collected addresses of crucial Internet sites in Estonia and passed them in various Internet forums, instructing users to attack servers in Estonia," she said.
"Dmitri is the first person detained, but the investigation continues, as many of the attacks came from abroad, including from Russia," she said.
Many government web sites in Estonia have been forced to shut down during the past week because of the attacks.
-
First cyber attacker arrested
Well, Dmitri was not so innocent afterall :wry:
Quote:
Dmitri, a 19-year old resident of Tallinn and a student of higher technical education, was taken into custody today by the Central Criminal Police in connection with the recent cyber attacks against Estonia.
Dmitri is suspected of computer sabotage and of damaging connections to the computer network (Penal Code §206 and § 207). He actively participated on various Internet forums helping to organise cyber attacks, announced the spokesperson of the Public Prosecutor’s Office.
Dmitri independently volunteered and supervised other forum users in organizing the so-called DDoS attacks against several Estonian servers. As an Estonian resident, Dmitri had a good overview of the local Internet landscape and had the know-how for choosing targets. He instigated attacks against the web pages of local authorities as well as various political parties.
-
More on Dmitri?
Hi Stan,
Okay, I'll bite - can we get more information on him? Seriously, this is ringing off all sorts of pattern recognition bells in my mind. In particular, what forums was he posting on and who else goes there. Is this a parallel to how AQ recruits?
Marc
-
Cyber Wars ? "You are owned, Monkeys !
Hmmm, anyone wondering what Putin woke up to this morning on his server :cool:
The Estonian National Anthem has reportedly been 'cybered into' several Russian servers. Upon launching the site (I just tried it here), the Estonian's famous sinimustvalge begins :eek:
Along with the nice music pops the Estonian flag with this underneath:
Quote:
Estonia forever!
маскальским и сибирским л0хам превед из Таллина!
Unfortunately, Estonia's IT experts feel the three sites are the work of the Russian youth and not patriotic Estonians. The links have been up too long and the Windows version used is Russian.
-
More on Dmitri - Just for you Marc !
Quote:
Originally Posted by
marct
Hi Stan,
Okay, I'll bite - can we get more information on him? Seriously, this is ringing off all sorts of pattern recognition bells in my mind. In particular, what forums was he posting on and who else goes there. Is this a parallel to how AQ recruits?
Marc
I have no idea if this is how the AQ recruits. Estonian LE are calling him a criminal and little more. This is about all I could find from various info sources and the translations were 'quick and dirty' :D
Quote:
Summation:
The attacks entailed a broad array of techniques, which started with mere spamming posts to later well-coordinated DDoS attacks against the government’s IT systems. The cyber attacks were coordinated in Russian over the internet from computer networks and servers in Russia. Detailed instructions on how to act included topics about the nature and execution of attacks, as well as information about potential targets and attack timing.
Very basic instructions were disseminated on websites, in forums, and in chat spaces, precluding the user’s need for any knowledge or skills. The first attack took place on 27 April following the first night of rioting and was fairly simple. The portrait of the Prime Minister was defaced on the home page of the Reform Party (the PM with Hitler’s mustache) and initial DDoS attacks against Estonian government organizations. Some were successful, but normal operations were quickly restored.
Dmitri’s Role:
On the 28th however, serious attacks were being urged to forum members living in Estonia against Estonian web pages from addresses
http://2ch.ru and
http://forum.xaker.ru. Discussions were also taking place about how to finance the rental of server farms and botnets for a massive attack - A Trojan Horse application - needed to hijack computers. More than 1,500 users logged onto their chat lines and awaited instructions from the botnet. It is widely believed that, a Russian criminal gang rented the botnet in order to launch these attacks against Estonia.
Simultaneous orders to attack were being disseminated via the internet. Although the vast majority were primitive, they were effective for the purposes of creating chaos and confusion. The attacks were also discussed and coordinated in IRC environments. Consequently, there was a large incremental increase in spontaneous attacks carried out by individuals. On the 30th a number of very complex and sophisticated attacks were launched.
The attackers were able to dedicate substantial resources indicative of a well organized and financed enemy. By this time, the Estonian authorities had blocked the majority of internet traffic from ‘dot RU’ IP address extensions, as well as from many other foreign IPs. Somewhat later in the day the brunt of the attack shifted to the DNS system. Now seemingly human-friendly website names were utilized with the obvious intent of putting the entire DNS system out of commission, and cripple Estonia’s internet.
During the first week of May, some of these attacks were able to achieve temporary success against telecommunications companies providing internet services and Estonian media publications. The attackers covered their tracks by using global bot networks (not all located in Russia), proxy servers in third countries, and by distorting their IP addresses.
At least they're seeking help !
Estonia to discuss cyber-attacks with NATO, EU
Quote:
Estonia is to raise the issue of how to handle cyber-attacks against state computer systems in meetings with partner member states of the NATO military alliance and European Union, officials said Friday.
"If the ports of a NATO member country are under attack, it is considered an attack against the whole of NATO, and the military alliance comes to help," Defence Minister Jaak Aaviksoo said.
Regards, Stan
-
Security incidents in Estonia's Internet domain
"Last Friday, we hoped it was all over but the new massive attack against one of the biggest banks on Tuesday showed we were too optimistic.
"Cyber-attacks also have been launched against banks, newspapers, schools and many other institutions".
Estonia's second-biggest bank, Swedish-owned SEB Eesti Uhispank, was forced Tuesday to block access from abroad to its online banking service after it came under "massive cyber-attack".
-
Estonia, Nato and cyber warfare
Quote:
Nato has dispatched some of its top cyber-terrorism experts to Tallinn to investigate and to help the Estonians beef up their electronic defences.
"This is an operational security issue, something we're taking very seriously," said an official at Nato headquarters in Brussels. "It goes to the heart of the alliance's modus operandi."
http://www.guardian.co.uk/russia/art...081438,00.html
-
Hi Kaur,
Excellent article, thanks for the link.
Based on what has been posted in this thread so far, I wold hazard a guess that this started as an opportunistic attack with the political-symbolic environment being manipulated by the Russians. The Russian State gets plausible deniability and, at the same time, the types of attacks they want - i.e. "non-warfare".
There are some things I want to think through on how this operates but, my current thinking is that this is a form of symbolic warfare that will bite the Russians later one.
Marc
-
Quote:
Originally Posted by
marct
Hi Kaur,
Excellent article, thanks for the link.
Based on what has been posted in this thread so far, I wold hazard a guess that this started as an opportunistic attack with the political-symbolic environment being manipulated by the Russians. The Russian State gets plausible deniability and, at the same time, the types of attacks they want - i.e. "non-warfare".
There are some things I want to think through on how this operates but, my current thinking is that this is a form of symbolic warfare that will bite the Russians later one.
Marc
Hi Marc !
I'll let Kaur answer from his own perspective, but what the Estonian Govt. and LE are saying, this was well planned, executed and financed.
Dmitri is not talking, but based on his 'student' status and relative lack of money, he was living extremely well.
Quote:
Experts from Nato member states and from the alliance's NCSA unit - "Nato's first line of defence against cyber-terrorism", set up five years ago - were meeting in Seattle in the US when the crisis erupted. A couple of them were rushed to Tallinn.
Another Nato official familiar with the experts' work said it was easy for them, with other organisations and internet providers, to track, trace, and identify the attackers.
That said, NATO may be a touch concerned. Me Thinks !
-
Is cyber attack a new form of warfare?
BBC's 'Have Your Say' wants to know :confused:
Quote:
Are you in Estonia? Do you think that Russia is responsible for the attacks? How well protected are state websites against this form of harassment?
-
I'd like to use word virtual swarming to describe the activity of opponents that are attacking Estonian servers. At first it looked like volunteer internet riot. Word was spread in internet forums to attack Estonian servers. For people without special knowledge, there were given special instructions how to do this. They did this as volunteers and binding force was the idea that there was huge insult against Russian soul by Estonian government. They attacked from every direction. The sites that were attacked were first not so important. At present they are useing same method, but calibre of their weapon is much bigger (number of hijacked computers is very big). How have they acquired this, it is interesting to know. It is hard to belive that the number of volunteers has grown because it seems that situation is at least here is calm (Estonian ambassador is also back in Russia again and Russian media is quiet) and momentum is gone. Who has such capacity to attack so intensely? Now they are targeting important targets, Estonian banks. e-banking is very popular here, so people are really pissed off.
Here is BBC story "Estonia hit by 'Moscow cyber war'
http://news.bbc.co.uk/2/hi/europe/6665145.stm
It seems that opponent has red this book http://en.wikipedia.org/wiki/Unrestricted_Warfare
-
Denial it is then
"A Kremlin spokesman on May 17 refuted allegations of Moscow's involvement in the recent large-scale cyber attacks on Estonia’s government and private-sector websites that have been continuing since late April.
Deputy press secretary of the Russian president Dmitry Peskov said Russia can in no way be involved in cyber-terrorism and all claims to the contrary are an absolute lie, BBC Russian Service reported.
The official website of the Russian president is the target of hundreds of attacks every day, Peskov countered, and IP addresses of the computers from which they come implicate many countries in all parts of the world."
Meanwhile, Estonia’s national security police have said that the nation’s Constitution Party, which ran but did not win any seats in the March parliamentary elections, is managed and financed by the Russian authorities
-
Cyber Assaults on Estonia Typify a New Battle Tactic
19 May Washington Times - Cyber Assaults on Estonia Typify a New Battle Tactic by Peter Finn.
Quote:
This small Baltic country, one of the most wired societies in Europe, has been subject in recent weeks to massive and coordinated cyber attacks on Web sites of the government, banks, telecommunications companies, Internet service providers and news organizations, according to Estonian and foreign officials here.
Computer security specialists here call it an unprecedented assault on the public and private electronic infrastructure of a state. They say it is originating in Russia, which is angry over Estonia's recent relocation of a Soviet war memorial. Russian officials deny any government involvement
The NATO alliance and the European Union have rushed information technology specialists to Estonia to observe and assist during the attacks, which have disrupted government e-mail and led financial institutions to shut down online banking...
-
Estonian embassy's attackers' modus operandi.
Quote:
Some 15,000 volunteers donned red jackets, with putin's communicators emblazoned on the back, and spread out across Moscow distributing brochures and 10,000 specially made SIM cards for mobile phones. The cards allowed users to send text messages to the Kremlin—to be answered promptly by Nashi volunteers. Recipients were also instructed to use the cards to report any signs of an incipient Orange revolution. In that event, the cards would instantly relay text-message instructions on what to do and where to rally. "We explained to Muscovites that we should all be prepared for the pro-Western revolution, funded by America," says Nashi activist Tatyana Matiash, 22. "People must know what to do to save their motherland in case their radio and TV stop working."
I'd like to speculate that this is the way to disperse cyber attach methods against enemy via internet among memebers and symphatizers.
Quote:
Not to be outdone by Nashi, the Chelyabinsk chapter of the Young Guards recently staged a training session in how to combat a possible Orange revolution in their city. A hundred volunteers with orange bandannas pretended to storm the local television station; Young Guards mobilized to defend it. The day ended with Guards wielding baseball bats to smash up an "Orange" tent camp, much like that erected on Maidan Square in Kiev two years ago.
Quote:
They are lectured by top bureaucrats and politicians, including Deputy Defense Minister Yury Baluyevsky and the thuggish Chechen President Ramzan Kadyrov—honored as a "Young Politician of the Year" at last year's Nashi congress.
http://www.msnbc.msn.com/id/18753946...wsweek/page/2/
-
Cyber Estonia EU's front line
The recent attacks on Estonia's internet infrastructure have led to speculation that Estonia may become NATO's cyber warfare test bench. A Defense Ministry IT expert said plans for establishing a NATO cyber defense center in Estonia had existed for over a year and suggested that recent attacks should be considered cyber terrorism. "They should be clearly designated as such because they were instigated by political propaganda which is how terrorist groups find new members." There are plans to begin training Estonian cyber sleuths by the end of 2007.
-
For Estonia and NATO, A New Kind of War
22 May Washington Post commentary - For Estonia and NATO, A New Kind of War by Anne Applebaum.
Quote:
And now for a quick quiz: A European country -- a member in good standing of NATO and the European Union -- has recently suffered multiple attacks on its institutions. Can you (a) name the country, (b) describe the attacks and (c) explain what NATO is doing in response?
If you can't, don't worry: NATO itself doesn't quite know what it is doing about the attacks, despite the alliance's treaty, which declares that an armed attack on one of its members is "an attack against them all." The country is Estonia -- a very small, very recent member of NATO; the attacks are taking place in cyberspace; and while the perpetrators aren't exactly unknown, their identities can't be proved either...
-
The Moscow Times
"Web Sites Under Attack in a Murky War"
Quote:
Estonia has created a stir with its accusations that Kremlin-based hackers targeted government web sites. But it is not alone in grappling with cyber attacks.
Hackers in recent months have targeted outspoken pro-Kremlin youth groups, opposition forces, ultranationalist organizations and media outlets, crashing their web sites with what is known as Distributed Denial of Service, or DDoS, attacks -- the same type of attack that Estonia says was launched against its sites.
http://www.themoscowtimes.com/storie...05/24/003.html
This article is accessible only today, 24.05.2007 :(
-
EU Commissioner supports Estonia
From yesterday's Postimees:
During a discussion of the forthcoming European Parliament resolution on Estonia, EU Commissioner for External Relations Benita Ferrero-Waldner expressed support for the country.
The EU Commissioner called the blockade of the Estonian embassy in Moscow and also the cyber-attacks on the servers of Estonia’s state institutions “unacceptable”, the EC’s press service said.
According to Ferrero-Waldner, there have been no violations of human rights in Tallinn. and the relocation of the Bronze Soldier statue was done with due consideration for all of Estonia’s obligations.
The EU Commissioner said she was aware that the relocation of the statue had become a “sore issue” for Estonia, adding that she regretted the protests in Tallinn had ended in the wrecking of shops and kiosks.
“People have a right to express their views, of course, but not by such means. For example, the blockade of the Estonian embassy in Moscow is unacceptable,” Ferrero-Waldner said.
“I’m concerned about the cyber-attacks on Estonia. We have voiced our concerns to Russia, and will do so in future,” the EU Commissioner added.
According to her, the EU will continue to follow what happens in the sphere of trade between Estonia and Russia.
On Thursday the European Parliament is planning to adopt a resolution on Estonia.
-
Column from last Economist "Cyberwarfare update."
Quote:
Called a “distributed denial of service” (DDOS) attack, this at its peak involved more than 1m computers, creating traffic equivalent to 5,000 clicks per second on some targets. Some parts were highly co-ordinated—stopping precisely at midnight, for example. Frank Cilluffo, an expert formerly at the White House, says that the attack's signature suggests that more than one group was at work, with small-time hackers following the initial huge sorties.
http://edwardlucas.blogspot.com/2007...re-update.html
-
Quote:
Originally Posted by
Tc2642
In addition, may I ask any of the other members of this board, but is this the first time such a massive cyber attack has been launched by a nation state against another state or are their other examples of this ilk?
Regards
TC2642
TC, My military buds in Norway remind us of the following:
-
In Estonia, War Fears Turn to Cyberspace
29 May NY Times - In Estonia, War Fears Turn to Cyberspace by Mark Lander and John Markoff.
Quote:
When Estonian authorities began removing a bronze statue of a World War II-era Soviet soldier from a park in this bustling Baltic seaport last month, they expected violent street protests by Estonians of Russian descent.
They also knew from experience that “if there are fights on the street, there are going to be fights on the Internet,” said Hillar Aarelaid, the director of Estonia’s Computer Emergency Response Team. After all, for people here the Internet is almost as vital as running water; it is used routinely to vote, file their taxes, and, with their cellphones, to shop or pay for parking.
What followed was what some here describe as the first war in cyberspace, a monthlong campaign that has forced Estonian authorities to defend their pint-size Baltic nation from a data flood that they say was set off by orders from Russia or ethnic Russian sources in retaliation for the removal of the statue...
-
I'm a cyber terrorist
Konstantin Goloskokov, Commisaar of the pro Kremilin youth movement and self described Cyber Terrorist said he and a few friends were responsible for one of the attacks against Estonia's internet infrastructure.
In an interview with a Russian newspaper (non-specific), Goloskokov said he had initiated one attack from the separatist Moldovan region of Transnistria and employed botneted computers high jacked in Germany, Hungary and South Korea.
Goloskokov said he could brag abpout his misdeeds because cyber terrorism will not be punished in Transnistria.
-
About cyber attacks
Quote:
To put this in perspective, the most crippling of the Estonian attacks had peak rates averaged over a 24 hour period of about 4 Mpps. 4 Mpps is a very large attack, and while less than 1% of the attacks we see exceed the Mpps mark, these attacks are nothing to ignore, pretty much regardless of who you are or what’s motivating an attacker.
http://asert.arbornetworks.com/2007/...-considerable/
http://asert.arbornetworks.com/2007/...mmary-to-date/
Here is 1 essay about nature of cyber war
http://www.schneier.com/blog/archive.../cyberwar.html
-
Estonia's Minister of Defence discusses cyber defence and Iraq with Polish MOD
On Tuesday evening, the Minister of Defence, Mr. Jaak Aaviksoo, met with his Polish counterpart, Mr. Aleksander Szczygło, in Warsaw. The ministers discussed international operations, air policing and cyber defence during a very friendly and open meeting.
Quote:
After the meeting, the Polish Defence Minister, who rendered unwavering support to Estonia during the disturbances in April and the subsequent cyber attacks, said, “Estonia is the first example of a situation where the threat was real, not imagined.” He continued by saying that, “ we cannot pretend nothing happened, and NATO must take it very seriously.”
Quote:
Both ministers were of the opinion that the withdrawal of forces from Iraq would be unacceptable in light of the current situation.
More here...
-
While it's important to recognize the importance of defending one's cyber-infrastructure, these attacks were basically anything a 15-year-old with a botnet could put together. From where did the 'state-sponsored' ball get rolling?
-
Quote:
Originally Posted by
AFlynn
While it's important to recognize the importance of defending one's cyber-infrastructure, these attacks were basically anything a 15-year-old with a botnet could put together. From where did the 'state-sponsored' ball get rolling?
Hi AFlynn,
This situation was far more than one expected (at least here). While most would agree that anyone with a botnet could put this together, the situation was much more than just a few teens with botnets.
This link in kaur's post above gets a tad technical, but does a good job of explaining what really took place and to what extent.
Quote:
Largest attacks we measured: 10 attacks measured at 90 Mbps, lasting upwards of 10 hours. All in all, someone is very, very deliberate in putting the hurt on Estonia, and this kind of thing is only going to get more severe in the coming years.
Links around the net to more information about the attacks:
* Russia accused of unleashing cyberwar to disable Estonia, The Guardian, May 17, 2007.
* Estonian and Russia: A cyber-riot, The Economist, May 10, 2007.
* Massive DDoS attacks target Estonia; Russia accused, Ars Technica, May 14, 2007.
* 9th of May on the F-Secure Weblog. Additional news from them: Update on the Estonian DDoS attacks on April 30, and Unrest in Estonia, published on April 28, 2007.
Quote:
We’ve seen 128 unique DDoS attacks on Estonian websites in the past two weeks through ATLAS. Of these, 115 were ICMP floods, 4 were TCP SYN floods, and 9 were generic traffic floods. Attacks were not distributed uniformly, with some sites seeing more attacks than others
-
More Defense for Estonia from Cyber Attacks
SECDEF Gates Urges NATO Ministers To Defend Against Cyber Attacks
Quote:
BRUSSELS -- At a meeting of allied defense ministers, U.S. Defense Secretary Robert Gates urged Western nations to begin planning how they would respond to a cyber attack, said a senior defense official. His call to action, issued to his colleagues at a session Thursday, followed an unprecedented cyber assault on Estonia that briefly shut down its electronic banking system earlier this spring.
-
We may never see a digital Pearl Harbor,
"but I am sure we will see many more digital skirmishes."
BH Consulting’s Security Watch Blog reports on Botnets - Digital Weapons of Mass Destruction?
Quote:
What is interesting to note in Estonia’s case is that the Internet itself is their critical infrastructure. Therefore the attackers did not need to target the traditional SCADA systems in order to create havoc to Estonia’s critical infrastructure and its economy.
Despite some claims that these attacks are
the first case of Cyber Warfare, this is not necessarily the case;
1. The United States has admitted to using Cyber Warfare in the Kosovo conflict
2. China has been accused of concerted attacks against US government systems, otherwise known as
Titan Rain
3. In 2005 the UK NISCC stated that
foreign powers are the main cyber threat to the UK’s critical network infrastructure.
4. Regional conflicts such as those between India and Pakistan and the Israeli-Palistinian conflict have also led to online attacks against each other.
Whether or not the attacks were state sponsored or the work of activists, they highlight that Botnets are moving up the food chain from being spam distribution agents and may now be considered Cyber Weapons of Mass Destruction. Will these Botnets become the equivalent of the nuclear deterrent from the Cold War?
Russia 'hired botnets' for Estonia cyber-war
Quote:
The Russian authorities have been accused of buying time on illegal botnets to launch a denial-of-service attack against Estonia.
The Asymmetric Threats Contingency Alliance (ATCA), which comprises arms groups and financial services companies, claims to have uncovered evidence of alleged collusion between Russia and the botnet owners.
ATCA said that the botnets were rented for only a short period to boost the number of attacking computers to over a million.
'In a sign of their financial resources, there is evidence that [Russia] rented time from trans-national criminal syndicates on botnets', it added.
-
Smoke and Mirrors for the Public Eye
With both eyes open, something else may be seen behind the veiled curtain, pretending to investigate NASHI and Young Guard.
Security Officials Mull over Censorship on the Net
Quote:
Authorities must have a legal control over the Internet “to step efforts to fight with extremism,” Russian Deputy Prosecutor General Ivan Sydoruk said Thursday in yet another piece of criticism from the silovikis of slack oversight of the net. Human rights activities say that any state control over the Internet will create persecuted “cyberdissidents.” IT specialists argue that censorship in the Internet is next to impossible.
“The Internet is often a place for circulating extremist leaning information,” Ivan Sydoruk told a police conference in Rostov-on-Don on Thursday. “We need to work out an effective system to control the data released there in line with law.”
In another recent anti-Internet statement, Federal Security Service Director Nikolay Partushev called for strict control over the net. “There are currently 5,000 web-site run by extremist organizations and movements,” he said on June 5.
-
Bush Tells Estonian President He's Worried by Cyber Attacks
From the Moscow Times regarding Estonian President Ilves's visit with President Bush in Washington
Quote:
WASHINGTON -- U.S. President George W. Bush, acknowledging he could stand to "learn a lot" about cyber-security, expressed concern Monday over the high-tech hacking that crippled computer systems in Estonia.
Bush praised Estonia's president, Toomas Hendrik Ilves, for sharing information on how to deal with such security breaches.
Estonia suffered cyber attacks against its government and corporate web sites at the hands of Russian hackers last month, in what it says was retribution in a dispute with Moscow over the relocation of a Red Army statue in downtown Tallinn.
The Russian government has denied involvement.
Bush stayed away from the touchy matter, instead focusing on the lesson of vulnerability for the United States.
"Thank you for your clear understanding of the dangers that imposes not only on your country, but mine and others as well," Bush told Ilves after a meeting at the White House.
Bush praised Estonia for contributing troops to the U.S.-led wars in Iraq and Afghanistan. He briefly noted the latest suicide bombing in Baghdad on Monday, which killed at least 12 people, including a U.S.-allied tribal sheik.
"All the more reason, Mr. President, for us to remain firm and strong as we stand for this young democracy," Bush told Ilves.
Ilves thanked the United States for standing by his country's quest for independence "even in the darkest of times."
-
Mice, not men the key as Estonian army enters cyber age
A very interesting article regarding Estonia's cyber wars and potential to Establish a NATO center for excellence, recently approved by the POTUS and SECDEF Gates.
Quote:
Tallinn - For a top-secret military base, Estonia's centre for cyber-defence looks remarkably like a genteel university. Chairs stand in neat rows in the classrooms, facing blackboards covered in arcane symbols. Vast orange armchairs ring the common room, and in one corner a coffee machine splutters belligerently.
The scene is as far from any fictional secret bunker as could be imagined, but it is a battlefield nonetheless - and one where Estonia (population 1.34 million) punches well above its weight.
"Today, Estonia is an opinion leader. People are looking for answers to cyber threats, and they have started to ask for our advice; we now have to do a lot of work to move from being an opinion leader to being a leader in the field," Tammet said.
-
"Cyber Attacks Engulf Kremlin's Critics"
Quote:
A political battle is raging in Russian cyberspace. Opposition parties and independent media say murky forces have committed vast resources to hacking and crippling their Web sites in attacks similar to those that hit tech-savvy Estonia as the Baltic nation sparred with Russia over a Soviet war memorial.
http://www.washingtonpost.com/wp-dyn...070100009.html
-
Estonia calls for international convention to fight cyber crimes
From International Herald Tribune and AP:
Quote:
Estonia's government on Thursday called for an international convention on combatting computer-based attacks like those directed against the Baltic state in late April-early May.
Global ratification of the convention would establish "a strong legal basis to fight cyber crimes," the Economic Affairs Ministry said in a statement.
Signatory countries would cooperate in preventing computer-related crimes and tracking down organizers of cyber attacks.
The Estonian government also approved a number of measures to bolster the country's defenses against such cyber attacks in the future. In the words of Estonian ministers, future attacks "could be directed against the confidentiality of information systems and integrity of data."
The European Union and NATO, of which both Estonia is a member since 2004, expressed their concern about the cyber war waged against the Baltic country.
-
Hackers descend on Las Vegas for conventions
Apparently Estonia's recent bout with DDoS was a much larger problem than most thought.
Quote:
LAS VEGAS: The threat of online data theft is becoming worse as criminals grow increasingly sophisticated at pilfering information from companies, government agencies and consumers, a former White House security adviser said Wednesday.
Influencing much of the discussion at the Black Hat and Defcon conventions are two major computer attacks this year — a well-coordinated strike on the Baltic state of Estonia that crippled the Web sites of banks, media outlets and government agencies, and a data breach at the parent company of T.J. Maxx and Marshalls stores that exposed at least 45 million credit and debit cards to potential fraud.
-
On the cyberwar
Hi Kaur and Stan,
I'm working on a paper right now that is using the cyberwar in Estonia as a case study. I'm having some difficulty finding out which specific sites where attacked and what the exact timeline was. Any information you may have and would be willing to share would be appreciated.
Thanks,
Marc
-
Quote:
Originally Posted by
marct
Hi Kaur and Stan,
I'm working on a paper right now that is using the cyberwar in Estonia as a case study. I'm having some difficulty finding out which specific sites where attacked and what the exact timeline was. Any information you may have and would be willing to share would be appreciated.
Thanks,
Marc
Hey Marc !
The only list I've seen to date is from Arbornetworks:
Later Estonia's major banks took hits:
www.hansa.ee
www.nordea.ee
www.seb.ee
If you need something more, let me know.
Regards, Stan
-
Cyber attacks not the work of the Kremlin
Computerworld's recent article from Black Hat: "Estonia attacks an example of online rioting. There are lessons for companies that must deal with large-scale Web attacks."
Quote:
A series of online attacks that seriously disrupted Web sites belonging to several banking and government organizations in Estonia earlier this year may have been perpetrated by a loosely organized, politically motivated online mob, a security researcher suggested today at the Black Hat 2007 conference.
The attacks hold several lessons about how large-scale Internet attacks can unfold and the responses that may be needed to deal with them, said Gadi Evron, security evangelist for Israel-based Beyond Security. "The use of the Internet to create an online mob has proven itself and will likely receive more attention in the future," following the Estonia attacks, said Evron, who wrote a postmortem report on the incident for the Estonian CERT.
Initial media reports suggested that the denial-of-service (DoS) attacks may have been organized by the Russian government in retaliation for Estonia's decision to move the statue. The reality, however, is that the attacks were carried on by an unknown number of Russian individuals with active support from security-savvy people in the Russian blogosphere, Evron said.
Many Russian-language blogs offered simple and detailed instructions to their readers on how to overload Estonian Web sites using "ping" commands, for instance, Evron said. The bloggers also kept updating their advice as Estonian incident responders started defending against the initial attacks.
-
Estonia issues arrest warrant for Russian citizen
TALLINN, Estonia: Estonia has issued a European arrest warrant for a Russian citizen accused of calling for the overthrow of the Baltic country's government via the Internet.
Quote:
A 23-year-old Moscow resident identified only as Aleksei was charged with "inciting the violent disruption of Estonian independence" in late April.
Estonian state prosecution spokeswoman Kristiina Herodes said prosecutors were forced to seek the European arrest warrant, after Russian authorities refused assistance in bringing Aleksei to trial in Estonia.
Authorities allege he spread Internet messages on April 28 calling ethnic Russians living in Estonia to join a violent coup d'etat — under the banner of the "Russian Resistance Army" — and topple Estonia's government.
A joint group of Estonian authorities, including security police and Internet experts, were able to track down the man with the help of IP addresses and his home Web page, Herodes said.
-
Malware from Russia with Love on Its Way to You
Not directly Estonian, but definitely related.
-
Actually, more than most think
Hey Marc,
In fact, what you posted is indeed Estonia related. I've lost count, but managed to capture some of the IPs for our IT wizards.
The F Secure and Norton anti-virus programs we use indicate the same Russian-based IPs nearly every day, even on my home PC.
Quote:
Security professionals and analysts said they were not surprised by the figures.
"Recent statistics indicate that one in every 10 Web sites is infected with malware," said Forrester Research analyst Chenxi Wang. "Therefore it is highly likely that an unsuspecting Web consumer—one that does not have adequate protection in place—would encounter a malware hosting Web site browsing the Internet."
-
-
A Virtual Embassy
TALLINN (AFP) — "Tech-savvy Baltic state Estonia is to open an embassy in the Internet fantasy world Second Life, joining the likes of Sweden and the Maldives, the foreign ministry said Friday."
Quote:
embassy will be located in the Second Life website, that has nearly 10 million registered users and already hosts a virtual site of Sweden," Marten Kokk, deputy chancellor at the ministry, told AFP.
Second Life is a commercial online virtual world in which people -- and animals -- are represented by animated avatars and can do everything from social activities to shopping.
It has pulled in more than 9.2 million users since it was set up in 2003 by San Francisco-based Linden Labs.
Second Life and other virtual worlds are drawing a growing number of shops and companies that use them as a marketing vehicle, and professionals such as architects.
"The virtual embassy will not offer services like visa granting via the Internet, it's technically too complicated," said Kokk.
"But we will include the links to the sites of the foreign ministry where all relevant info for visa applicants and other consular services will be located, as well as a vast list of info about political, economic and cultural life."
The virtual embassy will be launched on November 11, marking the anniversary of the foreign ministry's establishment in 1918 when Estonia became fully independent.
The creation of the embassy will cost around 6,000 euros (8,200 dollars) and the ministry has already purchased some virtual land on Second Life for the project.
Kokk said that despite being a virtual embassy, "very real diplomats behind their desks" would be involved.
With relatively limited resources for its 29 missions around the world, the ministry hopes the virtual embassy will provide information on Estonia to countries where it has no diplomatic representation.
"The virtual embassy of Estonia will also have rooms, where we will arrange press conferences, lectures and exhibitions," Kokk explained.
Estonia, which is among the smallest EU countries with a population of 1.3 million, has been a pioneer of new technologies since it regained its independence from the former Soviet Union in 1991.
In March, it held the world's first parliamentary election in which voters could cast ballots online.
-
Estonia gets tough on cyber crime
TALLINN - With 'cyber attacks' becoming an increasingly common phenomenon, Estonian lawmakers are considering amendments to the penal code that would put such online offenses on a par with terrorism.
Quote:
A computer attack would become an act of terrorism when committed with the same aims as a conventional act of terrorism. Under existing law, crimes of terror are crimes whose goal is to seriously upset or destroy the country's political, constitutional, economic or social order.
Crimes of terrorism are punishable by between 5 years and life (25 years) in jail.
The Estonian Ministry of Justice began drafting the amendments after the cyber attacks that targeted Estonia's government agencies, major banks and newspapers in April and May. The current laws deal with computer crime as something that has personal or financial gain as the final aim, which was not the case with the spring attacks against Estonia's IT infrastructure.
Sentences for other computer-related crimes are already being extended. After the amendments take effect it will be possible to punish hackers with a maximum three years in jail instead of the present one year. For computer fraud and spreading computer viruses caught on a repeat offense or after causing extensive damage the maximum punishment will be five years.
The ministry wishes to add to the penal code an article dealing with the preparation to commit a cyber offense, which would deal with cases when hackers make, use or disseminate a computer network element, program, password or code for the purpose of committing a cyber offense.
The bill is based on the
Council of Europe convention against cyber crimes.
-
Estonian President Addresses the UN on Cyber Crimes
During his D.C.and NY visits, Estonian President Ilves addressed the UN emphasizing the need for a comprehensive cyberspace law.
From the U.N. News Centre
Quote:
“Cyber attacks are a clear example of contemporary asymmetrical threats to security,” he said at the annual high-level debate. “They make it possible to paralyze a society, with limited means, and at a distance. In the future, cyber attacks may in the hands of criminals or terrorists become a considerably more widespread and dangerous weapon than they are at present.”
The President said the threat posed by cyber attacks was often underestimated because they have so far not resulted in the loss of any lives and many attacks are not publicized for security reasons.
He called for cyber crimes to be defined internationally and generally condemned in the way that terrorism or human trafficking is denounced.
“Fighting against cyber warfare is in the interests of us all without exception,” Mr. Ilves said, calling on all countries to accede to the Convention on Cyber Crime of the Council of Europe. The pact is also open for accession to non-members of the Council of Europe.
The President welcomed the launch of the Global Cybersecurity Agenda of the International Telecommunication Union (ITU), and said the UN should serve as the “neutral and legitimate forum” for the eventual creation of a globally negotiated and comprehensive law of cyberspace.
-
Quote:
Countries must, however, do more than recognize cyberspace as a new battleground. They also need to know when and how they can deploy weapons. What are the rules of cyberwar?
For more than a century, nations have devised rules of international law, such as the Geneva Convention, which seek to avoid war or minimize human suffering when conflicts occur. And as new technologies emerge, nations have weighed whether to draft new rules, such as treaties restricting biological, chemical and laser weapons.
http://www.latimes.com/news/printedi...a-news-comment
-
Quote:
The first attacks coincided with the removal of a bronze statue of a World-War II era Soviet soldier from the town square in the capital city of Tallin. Estonia blamed the computer attacks on the Russian government.
Quote:
The “worldwide community helped to protect them” and contain the situation, Ritchey says. The Defense Department sent a team of officials from DHS, FBI and the Secret Service to assist, says Dixson. The team is still analyzing the vast amount of information and will “try to learn something from this.”
http://www.nationaldefensemagazine.o...berAttacks.htm
-
Estonia's CTO speaks out on Cyber Attacks
Speaking to ZDNet at the RSA Conference Europe 2007 in London, Mikhel Tammet, director of the Estonian communication and information technology department, said he believes forces within the Russian government may have initiated and sponsored attacks against his country's critical national infrastructure earlier this year.
Quote:
Tammet added that, while it was not possible to put a face to the attackers nor to prove any direct connection to the Russian authorities, all previous attacks with a political aim emanating from Russia had their roots in government action.
"It's been that way in Russia for centuries," said Tammet. "The attack was 50 percent emotions, 50 percent something else, but we can't define what that something is. There was an organisation behind it, but we can't [definitively] say if it's the government or criminals, or both."
-
USA to Contribute to Proposed NATO Cyber Defence Centre in Estonia
From Defense World and the Estonian Embassy in DC:
Quote:
The United States of America has expressed its intention to participate in the work of the proposed NATO Centre of Excellence on Cooperative Cyber Defence, to be established in Estonia.
The Deputy Undersecretary of the US Navy, Marshall Billingslea, informed the Ministry of Defence of the Republic of Estonia in a letter that the USA considers it important to work with Estonia on cyber issues. Marshall Billingslea's letter stated that the US Navy would send one of its top cyber defence experts to the NATO Centre of Excellence on Cooperative Cyber Defence in Estonia. Marshall Billingslea also mentioned that he was exceedingly pleased to tell that the Department of the Navy would like to work with Estonia on cyber issues.
In the view of the Minister of Defence of the Republic of Estonia, Mr. Jaak Aaviksoo, the only way to combat new security threats such as cyber attacks is through close co-operation. Together with Germany and Spain, which have joined Estonia with the NATO Centre of Excellence on Cooperative Cyber Defence, the support of the USA is not only proof of the strong alliance between our countries but also a crystal clear message of divided threat awareness.
Source: Estonian Ministry of Defence, 10/22/2007