Join 3,367 readers in helping fund MetaFilter (Hide)


lsof
August 12, 2008 7:05 PM   Subscribe

Weeks before physical bombs started falling on Georgia, security researcher Jose Nazario of Arbor Networks in Lexington, Massachusetts was watching an attack against the country in cyberspace: a stream of data directed at Georgian government sites containing the message: win+love+in+Rusia.
posted by plexi (33 comments total) 3 users marked this as a favorite

 
The video isn't available in my country...
posted by maxpower at 7:15 PM on August 12, 2008


I'm getting "We're sorry, this video is no longer available".

Fascinating story nonetheless.
posted by Marisa Stole the Precious Thing at 7:25 PM on August 12, 2008


putin musta lodged a DMCA takedown notice.
posted by quonsar at 7:32 PM on August 12, 2008


This story is of interest because it shows how cyberwar precedes actual war as air raids in earlier wars softened up enemy position prior to an attack. However it makes it seem as though Russia carefully planned to invade with no indication as to what might have brought about that Russian invasion. Of course Georgia is now on "our side," and in fact a Georgian lobbyist is McCain adviser, and Russia, the bad guys. Didn't US intelligence realize that Georgia was going on the offensive against Ossetia? For an analysis of what was going on prior to the cyber stuff,

http://www.stratfor.com/weekly/russo_georgian_war_and_balance_power

clearly, Russia felt at ease about an American counter move since we are all tied up in Iraq and Afghanistan...the hundred years war.
posted by Postroad at 7:40 PM on August 12, 2008


As a note, the websites for the Georgian President and a prominent Georgian TV station were moved to a US host in Atlanta over the weekend, where Russian hackers are still waging massive DDOS attacks.
posted by thebestsophist at 7:44 PM on August 12, 2008


From Rusia win love?
posted by bicyclefish at 7:49 PM on August 12, 2008 [3 favorites]


For those who can't see it, the youtube video is about the 2007 DDOS attacks and riots in Estonia after the government decided to move a Soviet built statue commemorating the Russian "liberators" who died during WWII and helped bring Estonia into the stark, iron bosom of Mother Russia.
posted by stavrogin at 7:50 PM on August 12, 2008


Anyone have a guess as to what the “It costs about 4 cents per machine,” from the NYT article is referring to? Is that an estimate of the per capita cost of a botnet, for example?
posted by XMLicious at 7:56 PM on August 12, 2008


Not to derail, but the expression "cyberspace" seems like it's almost exclusively used by news outlets these days, especially when discussing inter-country hacking.

Anyway, do you think the NSA (or other agencies) has a model to predict the likelihood of physical conflict based on precursory internet attacking?
posted by Damn That Television at 8:01 PM on August 12, 2008


This is about the third story we've seen about botnet attacks being connected to serious problems between nations. Either there really is experimental cyberwarfare going on or else some US agency / company has interest in there being the appearance of that warfare.

I'm assuming the 4¢ per machine number is the cost of buying a botnet. Of course, it's not clear in a real military conflict that you could actually purchase that botnet from a third party. But maybe you could, who's to say?

PS: note to DOS attackers. If you're attacking with a search query, randomize the query per request. Otherwise it'll be cached.
posted by Nelson at 8:42 PM on August 12, 2008


so, hacking is the new PR war?
posted by mandal at 8:55 PM on August 12, 2008


So there was one DDOS attack against Saakashvili prior to the Georgian shelling of South Ossetia?

Curse those evil Russians.
posted by pompomtom at 9:10 PM on August 12, 2008


so, hacking is the new PR war?

It's all part of the propaganda machine.
posted by Blazecock Pileon at 9:15 PM on August 12, 2008


According to one report, hackers at one point replaced the image on the MFA website with one of President Saakashvili alongside Adolf Hitler.

Confirmed. This is what the Georgian staff of the PC came up against when they were trying to get information pre-relocation.
posted by piratebowling at 9:23 PM on August 12, 2008


U.S. Embassy in Russian Hackers' Crosshairs?
posted by homunculus at 9:27 PM on August 12, 2008


security researcher Jose Nazario of Arbor Networks in Lexington, Massachusetts was watching an attack against the country in cyberspace:

Heh.. WATCHING seems to be the only thing that we can do right now, in cyber- and in normal space. What's that thing called, when a guy watches his wife being fucked by some other dude? Cuckold, is it?
posted by c13 at 9:28 PM on August 12, 2008


The prototypes of the programs used to crack industrial banks were developed for Screaming Fist. For the assault on the Kirensk computer nexus. Basic module was a Nightwing microlight, a pilot, a matrix deck, a jockey. They ran a virus called Mole. The Mole series was the first generation of real intrusion programs.
posted by barnacles at 10:02 PM on August 12, 2008 [5 favorites]


Lessig has said on record that the US government is waiting for the internet version of 9-11 so they can enact sweeping laws that, (supposedly) like the PATRIOT act, have been sitting in the drawer waiting for such an opportunity.
posted by tomierna at 10:03 PM on August 12, 2008


I am wrong in feeling unsure as to which side triggered this conflict.
posted by Hypnotic Chick at 10:25 PM on August 12, 2008 [1 favorite]


I am wrong in feeling unsure as to which side triggered this conflict.

The incredibly abbreviated version as far as I understand it:

South Ossetia has been operating as a defacto independent republic for a little while now but nobody except a couple of former SSRs recognise it. Georgia finally had enough and went after their breakaway province by force. Russia has been providing citizenship and passports to the inhabitants of the South Ossetia province so the ruskis want to protect their "citizens" that are being threatened by Georgian aggression.

The west say that Russia are intervening into an internal conflict and are generally being a bunch of dicks, Russia says it wants to protect its "citizens" and that it was on when Georgia started shelling the shit out of Tskhinvali and Russian citizens.
posted by Talez at 10:50 PM on August 12, 2008


Hmm, I'm not getting the widespread assumption here that this was a deliberate effort by Putin. In fact, the site itself says "We have no reason to think the government is involved and can only speculate that it could be a grass root effort by the attackers." The fact that individual Russian hackers would do something like this is not itself surprising: tensions between Russia and Georgia have been mounting for a while, and many Russians have been whipped up into a nationalistic fervor against the Georgians. (Also not entirely deliberate, just a function of the way Russians identify with great-power nationalism).

And besides, do you really think Russian government hackers would be a) so stupid as to use readily-recognizable Russian IPs and b) so juvenile that they would put up pictures of Hitler? I mean, whatever else the Russians might suck at doing, at least they take their espionage/secret police pretty seriously.
posted by nasreddin at 10:54 PM on August 12, 2008


I am wrong in feeling unsure as to which side triggered this conflict.

You probably can't do much better than starting with Pastabagel's comment in a prior thread, which got favorited into the sidebar.
posted by dhartung at 11:26 PM on August 12, 2008


We have had the usual advisors in Georgia and have wanted them on our side. Their leader mistakenly thought he could act without repercussions. Russia knew the US was tied up in Iraq and Afghanistan and thus unable to do much more than say this is unacceptable." Russia acted; Georgia lost. While we (esp. McCain) spend time badmouthing Russia, they acted for their self interest in much the same way that we do, and our being tied up in Iraq has led to Iran becoming top banana in the region (Saddam was an offsetting force when in office) and now Russia has been able to do its will. Saying something is unacceptable means....? what? we will bomb Russia after bombing Iran?
posted by Postroad at 2:19 AM on August 13, 2008


And besides, do you really think Russian government hackers would be a) so stupid as to use readily-recognizable Russian IPs and b) so juvenile that they would put up pictures of Hitler? I mean, whatever else the Russians might suck at doing, at least they take their espionage/secret police pretty seriously.

I don't think Russian IPs and childish vandalism are signs that government hackers weren't involved. But the timing sure is.

That said, it's not like a DDoS attack is an incredibly sophisticated bit of technological warfare. You can spend 5 minutes on Google and find thegigaloaders and command prompts to bring down a site's server (especially one that, say, might not have terabytes of bandwidth at its disposal) provided you get enough people to join in the fun, such as by spamming instructions across multiple forums. I've seen DDoS attacks triggered in just that same way, all too many times.
posted by Marisa Stole the Precious Thing at 2:25 AM on August 13, 2008


You probably can't do much better than starting with Pastabagel's comment in a prior thread, which got favorited into the sidebar.

Yeah, you can. That comment is about the underlying strategic situation involving oil and gas; the question is about who started it. Georgia did, by stupidly invading a province that no longer wanted to be part of it and that was defended by the biggest power in the region. (Humorous sidenote: they didn't even bother bombing the tunnel that was Russia's only link to South Ossetia, apparently figuring 1) one Georgian is worth 100 damn Russkies, and 2) if they got into any trouble Uncle Sam would step in and bail them out.)
posted by languagehat at 6:17 AM on August 13, 2008


If Georgia wants to strike back, they should let the internets know that Russia has kidnapped longcat.
posted by ryoshu at 7:02 AM on August 13, 2008


This story is of interest because it shows how cyberwar precedes actual war as air raids in earlier wars softened up enemy position prior to an attack pubescent nimrods with net access are able to hose millions of gullible people who like to throw around stupid terms like 'cyberwar'.
posted by quonsar at 7:44 AM on August 13, 2008 [1 favorite]


I'm surprised no one else but me immediately sees all this for what it really is- an expertly executed viral ad campaign for the upcoming sequel to War Games.
posted by self at 9:50 AM on August 13, 2008


Update on China/Tibet cyberattacks (and Russia/Georgia), and call for testimonials.
posted by homunculus at 10:32 AM on August 13, 2008


Air Force Suspends Controversial Cyber Command
posted by homunculus at 2:15 PM on August 13, 2008


After the Revolution - Georgia (via smashing Telly)
posted by acro at 11:10 PM on August 13, 2008


Thanks, acro, that's an excellent documentary (20 mins, from May 2004; discusses South Ossetia in the latter part).
posted by languagehat at 1:40 PM on August 14, 2008


How I became a soldier in the Georgia-Russia cyberwar.
posted by homunculus at 4:24 PM on August 15, 2008 [2 favorites]


« Older Starting with Frank McCourt's "Angela's Ashes" and...  |  A group of three men claim the... Newer »


This thread has been archived and is closed to new comments