Critical. Authoritative. Strategic.


CBR is proudly produced & published
by Technews
Issue Date: June 2007

The cold cyberwar?

1 June 2007

The month of May saw an interesting IT security event happening in the ex-Soviet empire. Estonia, now a democratic country that has on more than one occasion thumbed its nose at its old Soviet masters, was hit by a series of distributed denial of service (DDoS) attacks.
Although no official word as to the perpetrators of the attacks has been released, few commentators have any doubt it was a Russian game. Apparently the Estonians and Russians are having a tiff because the former removed a memorial to Russian victory in the Second World War that was standing in Tallinn (the capital of Estonia).
According to a Computergram report, the DDoS attack targeted the websites of Estonian government agencies as well as its parliament, big banks and the two largest newspapers. Ultimately, the only solution was to stop access to these sites from IP addresses outside the country.
Of course, the nature of a DDoS attack means there is not only one machine responsible for the strike. Apparently the IP addresses of some of the machines first involved in the attacks were in Russia, but with botnets the order of the day who knows who else was unwittingly a party to the attack. And who is going to own up anyway?
This is not the first attempt at cyberterror on such a large scale, but perhaps it is indicative of the lengths nations will have to go to to protect themselves. This especially applies to smaller nations with limited bandwidth in and out of the country (and slightly larger nations with an antiquated monopoly actively limiting the availability of bandwidth due to greed and/or incompetence, but in these cases the damage an attack would cause would already have been done by the monopoly).
Which brings us back to the issue of security. Your average antivirus package is useless against these attacks and even against your computer (or your firm's computers) being part of these botnets. As more spyware is designed not to disrupt your PC, but to add your system onto a network that can be sold to spammers or DDoS-friendly governments, the more vulnerable we all are, even at national level.
What makes this attack relevant is that Estonia is one of the more advanced countries with respect to e-government initiatives. Perhaps its size and history made its transition to online public administration simpler than it is for most other countries.
Some may think there is also a warning to South Africa in the Estonia incident as e-government initiatives are starting to be rolled out here. Fortunately, we do not have to worry about Russia or anyone else disrupting our government's IT systems as we have Tasima to do it for us - as eNatis proved.
Andrew Seldon

Others who read this also read these articles

Search Site

Search Directory

  • Search for:


Previous Issues