Georgia Is Still Searching For Its Cyber-Attacker

By Michael Todd
13:41, August 14th 2008

The confrontations between Russia and Georgia have been set on more than one dimension, as before the actual armed attack, an Internet-based assault managed to cause major problems for the Georgian servers.

Apparently, the servers are still down, making it hard for the country’s officials to get their messages across the territory and inform the general public on some rather important updates. The Georgian government blames Russia for these Web offensives, being sure that it was part of its strategy to weaken its system. "A cyber warfare campaign by Russia is seriously disrupting many Georgian websites, including that of the Ministry of Foreign Affairs," the Georgian Foreign Ministry said in a recent blog post.

Russia strongly denies any implication in the matter and the debates and quarrels are sure to last a lot longer.

The attacks on Georgia’s Internet network, generally known as ‘denial of service,’ began about two months ago. The way these attacks worked is simple: the computers simultaneously received millions of requests, which led to a server overload that demanded an immediate shutdown, causing significant troubles for the government.

These big-scale cyberattacks, which up until now were mostly theoretical, proved to be extremely efficient and the possibility that they could indeed ruin a country’s system must be considered at all times by all governments. Suck an attack can be set up without too many headaches, demanding only several computers and a few good hackers. The extremely low costs might lead to new military tactics, and as Ben Edelman, assistant professor at Harvard Business School, explained, cyberwar "seems like the kind of thing that a sophisticated military would want to experiment with." He also added: "Imagine how devastating it would be to a military commander to lose access to a server that tells him where his troops are stationed and where he has resources."

At this point, all efforts are focused on finding the location from which the attacks were orchestrated and also the people responsible. Unfortunately, this might turn out to be quite a challenge taking into consideration the fact that the attackers are skilled and experienced hackers who know how to cover their tracks. The complex routing methods and the multitude of connection exchanges make it extremely hard to lock on a certain address, and even if they do, it might end up being only a decoy.

Georgia’s troubles linked to the attacks and mentioned above, cannot be considered critical, as the country, still in heavy development, is not as dependent on the Internet as others. Still, not being able to communicate with its citizens and different divisions can certainly lead to a lot of complications.

The attacks have surely shown the need for a rapid Web security update, not only for the Georgian government but for other countries which do not put sufficient emphasis on the issue. As the saying goes, it is way better, cheaper and easier to prevent than to repair and over the next few months or even weeks, such security updates will be in high demand.