Information Warfare: CyberBully


February 1, 2009: For the third time in two years, Russian computer hackers (and cyber crime gangs) have shut down Internet service in a neighboring country that had offended the Russian government. Back in 2007, it was Estonia. Last year it was Georgia (whose leader had regularly insulted Russian leader Vladimir Putin, often in a very personal way.) This year it's Kyrgyzstan, which is resisting Russian attempts to control world access to Kyrgyzstan's oil and natural gas fields.

Last year, NATO established a Cyber Defense Center in Estonia, in response Russian Cyber War attacks that shut down much of Estonia's Internet access in 2007. Russia was accused of causing great financial harm to Estonia via its Cyber War attacks, and Estonia wants this sort of thing declared terrorism, and dealt with. NATO agreed to discuss the issue, but never took any action against Russia. The Cyber Defense Center is one tangible result of the 2007 Cyber War attacks. The Center will study Cyber War techniques and incidents, and attempt to coordinate efforts by other NATO members to create Cyber War defenses, and offensive weapons.

Cyber Wars have been going on for over a decade now, and they are getting worse. It started in the 1990s, as individuals attacked the web sites in other nations because of diplomatic disputes. This was usually stirred up by some international incident. India and Pakistan went at it several times, and Arabs and Israelis have been trashing each others web sites for years. The Arabs have backed off somewhat, mainly because the Israeli hackers are much more effective. Chinese and Taiwanese hackers go at each other periodically, and in 2001, Chinese and American hackers clashed because of a collision off the Chinese coast between an American reconnaissance aircraft and a Chinese fighter.

In the last four years, these Cyber Wars have escalated from web site defacing and shutting down sites with massive amounts of junk traffic (DDOS attacks), to elaborate espionage efforts against American military networks.  

The Russian attacks against Estonia were the result of Estonia moving a statue, honoring Russian World War II soldiers, from the center of the capital, to a military cemetery. The Estonians always saw the statue as a reminder of half a century of Russian occupation and oppression. Russia saw the statue move as an insult to the efforts of Russian soldiers to liberate Estonia, and enable the Russians to occupy the place for half a century. The basic problem here is that most Russians don't see their Soviet era ancestors as evil people, despite the millions of Russians and non-Russians killed by the Soviet secret police. The Russians are very proud of their defeat of Nazi Germany in World War II, ignoring the fact that the Soviet government was just biding its time before it launched its own invasion of Germany and Europe in general.

While many Russians would have backed a military attack on Estonia, to retaliate for the insult by an ungrateful neighbor, this approach was seen as imprudent. Estonia is now part of NATO, and an attack on one NATO member is considered an attack on all. It's because of this Russian threat that Estonia was so eager to get into NATO. The Russians, however, believed that massive Cyber War attacks would not trigger a NATO response. Russian language message boards were soon full of useful information on how to join the holy war against evil Estonia. There's no indication that any Russians are afraid of a visit from the Russian cyber-police for any damage they might do to Estonia. And the damage has been significant, amounting to millions of dollars.

Estonia concluded that the weeks of Cyber War attacks it endured two years ago were not an act of war. Or, rather, the attacks were not carried out by the Russian government, but at the behest of the government by Russian hackers angry at Estonia. Some Internet security researchers believe that the attacks were the result of efforts by a small number of hackers, who had access to thousands of captive (or "zombie") PCs. Some of the zombies were located in Russian government offices. But that's not unusual, as government PCs worldwide tend to be less well protected than those in large corporations. It is believed that other governments are behind similar attacks that temporarily shut down politically embarrassing web sites. This is becoming very common, and often the attacks are ones where only a particular government would benefit.

Russia used the same technique last year against Georgia, although this time the DDOS attacks were preceded by a well planned Information War campaign against Georgia (and in favor of Russia.) The Georgia Internet operations were accompanied by Russian troops invading as well. This more of a raid, than an actual march of conquest. Both the Russian CyberWarriors, and combat troops, did a lot of damage in Georgia, and then withdrew.

The current operations in Kyrgyzstan are apparently meant to intimidate, and persuade the Kyrgyz to do an oil deal that is favorable to Russia. So far, this CyberBullying tactic seems to be working.





Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close