Justus For All

None Sine Causa

Cyber Attack?

8:38 am on Monday, May 21, 2007

washingtonpost.com (via Instapundit)

This small Baltic country, one of the most wired societies in Europe, has been subject in recent weeks to massive and coordinated cyber attacks on Web sites of the government, banks, telecommunications companies, Internet service providers and news organizations, according to Estonian and foreign officials here.

Computer security specialists here call it an unprecedented assault on the public and private electronic infrastructure of a state. They say it is originating in Russia, which is angry over Estonia’s recent relocation of a Soviet war memorial. Russian officials deny any government involvement.

Cyber warfare has long been a staple of science fiction, but nothing that could be compared in scale to war has been seen in the real world before this as far as I know. Sure, there have been isolated attacks (one could compare them to terror attacks in keeping the warfare analogy) but this seems to be a new thing. I am sure a lot of people are watching this closely, some with the perspective of how to prevent such a thing, others looking to learn how to do it.

6 Comments »

Comment by Aric

May 22, 2007 @ 3:39 pm

I deny all responsibility.

Comment by probligo

May 23, 2007 @ 10:31 am

The “how” is a series of IT industry standard routines.

The problem is that the primary network software is from one source.

That is exacerbated by the fact that the software is not the most reliable.

Having said that, there is a need for some level of standardisation and that introduces the risks associated with the likes of html.

Of greater importance though must surely be the development of specialised protocols for strategic (and I mean here non-military such as financial and commercial traffic) functions.

FWIW…

Comment by Dave Justus

May 23, 2007 @ 10:46 am

If the ‘problem’ is that all the network software is from a single source (which is plausible but probably not the case) wouldn’t greater standardisation make the problem worse, not better?

Obviously means of defense need to be found, and I expect that many many people are working on that, and many others are working on ways to overcome that defense.

Comment by probligo

May 26, 2007 @ 12:54 pm

Language in question Dave is HTTP.

It is not just the interface translation that is at fault (Firefox or iMax vs Explorer proves that).

The problem is the ability for HTTP itself to be abused and the functions it contains to be used for more nefarious purposes.

Comment by Aric

May 27, 2007 @ 1:28 am

Any distributed computing system risks a cyber attack. Protocols make little difference; only physical isolation can completely protect from remote intrusion.

TCP/IP serves as the backbone of current computer networks. The reason for this is that it is simple, efficient, and flexible. Like any computer system, the methods it uses are subject to exploitation. Over the course of the last 20 years, as security issues have been raised, counters to electronic attack have been developed: Packet Encryption, Jails, Firewalls, Tar Pits, and a host of others. The evolution of such tools will go hand in hand with the development of methods to circumvent them. IPv6, which was to replace IPv4 with a more secure, reliable and flexible method of data delivery was recently discovered to have a very serious security flaw. This only goes to show that any new “secure” system will always be at risk because the people who design it are human, and will make mistakes.

Comment by probligo

May 29, 2007 @ 12:49 pm

I had in mind the recent experience in Estonia where telephone, financial, and emergency systems were all closed down by a concerted attack through the internet.

Look, for example, at what happened to Estonia last week. Ever since the government of the Baltic state decided (rather tactlessly it must be said) to remove a war memorial to the Red Army from a square in the capital, Tallinn, Russian outrage has ensued.

This took the form of demonstrations and even riots. But then something extraordinary happened: quickly, and wholly without warning, the whole country was subjected to a barrage of cyber-warfare, disabling the websites of government ministries, political parties, banks and newspapers.

Techniques normally employed by cybercriminals, such as huge remotely-controlled networks of hijacked computers, were used to cripple vital public services.

Nato has sent its top cyber-terrorism experts to Tallinn, with western democracies caught on the hop over the implications of such an attack.

The Estonian defence ministry said: “We’ve been lucky to survive this. If an airport, bank or state infrastructure is attacked by a missile, it’s clear war. But if the same result is done by computers, then what do you call it? Is it a state of war? These questions must be addressed.”

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

 
  • info on cialis
  • buy viagra online
  • ultram doses