Categories: RegulationSecurity

International Body Needed To Tackle Political Hacking

When resentment against a pro-Georgian blogger boiled over into a distributed denial-of-service attack against social networking sites on 6 Aug, it seemed to echo the cyber-attacks that occurred when Russia invaded Georgia in August 2008. Experts say this type of hacktivism will likely continue to increase, leaving countries with the question of what to do in response to similar incidents happening in conjunction with military action.

A new report from the U.S. Cyber Consequences Unit, of which a summary was released on 17 Aug, focuses on the cyber-attacks that accompanied Russia’s military assault and calls for the creation of an international organisation to provide risk advisories when political, economic or military circumstances make a cyber-attack likely or when warning signs of such an attack are detected.

The report stated that, as many people have suspected, the organisers of the cyber-attacks were aware of Russia’s military plans. However, the attackers themselves are believed to have been civilians. Their targets included media, government and financial sites, according to the report.

“The first wave of cyber-attacks launched against Georgian media sites were in line with tactics used in military operations,” John Bumgarner, US-CCU’s research director for security technology, told eWEEK.

“There were several key command and control (C&C) servers used to coordinate the global botnet(s) used in the DDoS attacks,” Bumgarner continued. “The exact number of computers compromised globally is unknown, but probably numbered in the tens of thousands.”

Georgia’s initial technical response to the attack was to install filters to block Russian IP addresses and protocols used by the attackers, the report stated. Hacktivists circumvented this by using foreign servers to mask their IP addresses, and changing the protocols they used. They utilised software to spoof IP addresses as well.

Georgia’s second response—to shift the hosting of its Websites to other countries where attack traffic could more easily be filtered out—was more effective, according to the report.

In such a situation, the existence of an international cyber-response force could have prevented some of the disruption, the report contended.

“If Georgia had been able to call on this sort of apparatus, the interruptions in its online activities would probably have lasted only a few hours or even a few minutes, rather than several days,” the report stated. “In addition, a well-prepared international team could have collected forensic evidence, making it possible to answer the questions about the cyber-campaign that still remain open. One of these important unanswered questions is what spyware and other malicious code the attackers may have left behind.”

For all the confusion the attacks caused, there is actually a silver lining, according to Bumgarner.

“In traditional warfare these attack techniques would have been 1) aerial bombardments, which would have inflicted physical damage to the target or 2) electronic jamming, which would have disrupted the communication of these targets,” he said. “The [disruptive] cyber-techniques used in 2008 spared the Georgian targets from long-term physical damage.”

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

1 day ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

2 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

2 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

2 days ago