2007 cyberattacks on Estonia: Difference between revisions

Content deleted Content added

Inline

Revision as of 15:14, 6 July 2007

Cyberattacks on Estonia (a.k.a Estonian Cyberwar) refers to a series of cyber attacks that began April 27, 2007 that swamped Estonian websites of Estonian parliament, banks, ministries, newspapers and broadcasters, amid that country's row with Russia about moving a Soviet-era war memorial.^[1]

By nature attacks that had any influence on general public were generally distributed denial of service attacks ranging from single individuals using various low-tech methods like ping floods to expensive rentals of botnets usually used for spam distribution. Spamming of bigger news portals commentaries and defacement and posting of a fake press release of the ruling Reform parties website also occurred.

The case is studied intensively by many countries and military planners as, at the time it occurred, it may have been the second-largest instance of state-sponsored cyberwarfare, following Titan Rain.^[2]

Some observers reckoned that the onslaught on Estonia was of a sophistication not seen before. Linnar Viik, Estonia's internet guru, said “Particular 'ports' of particular mission-critical computers in, for example, the telephone exchanges were targeted. Packet 'bombs' of hundreds of megabytes in size would be sent first to one address, then another.” Although the hackers behind the cyberwarfare haven't been unveiled, some believed that such efforts exceed the skills of individual activists or even organised crime; they require the co-operation of a state and a large telecoms firm.^[2]

Opinions of experts in network security

Contrary to claims of Estonian government officials regarding involvement of Russia in cyber attacks^[3], most independent experts in the field of network security conclude that this was likely work of independent hackers.

The attacks were crude so-called distributed denial of service, or DDoS, attacks, utilizing global networks, or botnets, of compromised computers, known as slaves, or zombies, often owned by careless individuals, "including some in the United States,"

Mike Witt, deputy director of the U.S. Cyber Emergency Response Team. The team, known by the acronym U.S.-CERT, is the element within the Department of Homeland Security that "coordinates defense against and responses to cyber attacks across the nation," according to its Web site.^[4]

We don't have directly visible info about sources so we can't confirm or deny that the attacks are coming from the Russian government,

Jose Nazario, software and security engineer at Arbor Networks, told internetnews.com. ^[5]

Professor James Hendler, former chief scientist at the Pentagon's Defense Advanced Research Projects Agency, described the attacks as "more like a cyber riot than a military attack."

Such politically motivated attacks by organized hacker networks -- known to specialists as "hactivism" -- were also seen against Danish Web sites after the publications of cartoons of the Prophet Mohammed in a magazine there.

"The size of the cyber attack, while it was certainly significant to the Estonian government, from a technical standpoint is not something we would consider significant in scale," said Witt, adding he believed the United States would be able to defend itself easily against attacks on a similar scale. ^[6]

Legalities

On May 2, 2007, a criminal investigation was opened into the attacks under a section of the Estonian Penal Code criminalising computer sabotage and interference with the working of a computer network, felonies punishable by imprisonment of up to three years. As a number of attackers turned out to be within the jurisdiction of the Russian Federation, on May 10, 2007, Estonian State Procurature made a formal investigation assistance request to the Russian Federation's Supreme Procurature under a MLAT existing between Estonia and Russia. On June 28, Russian Supreme Procurature refused assistance.^[7] Interestingly, a Russian State Duma delegation visiting Estonia in early May in regards the situation surrounding the Bronze Soldier of Tallinn had promised that Russia would aid such investigation in every way available.

This Internet-related article is a stub. You can help Wikipedia by expanding it.

References

^ Ian Traynor, 'Russia accused of unleashing cyberwar to disable Estonia", The Guardian, May 17, 2007
^ ^a ^b Cyberwarfare:'Newly nasty, May 24th 2007, The Economist
^ Times Online: Urmas Paet, the Estonian Foreign Minister, accused the Kremlin of direct involvement
^ World Peace Herald: Crude attack unlikely to be state-sponsored
^ Internetnews.com: Estonia Under Russian Cyber Attack?
^ United Press International: Analysis: Who cyber smacked Estonia?
^ Postimees July 6, 2007: Venemaa jätab Eesti küberrünnakute uurimisel õigusabita

@@ Line 6: / Line 6: @@
 Some observers reckoned that the onslaught on Estonia was of a sophistication not seen before. [[Linnar Viik]], Estonia's internet guru, said “Particular 'ports' of particular mission-critical computers in, for example, the telephone exchanges were targeted. Packet 'bombs' of hundreds of [[megabytes]] in size would be sent first to one address, then another.” Although the [[hackers]] behind the cyberwarfare haven't been unveiled, some believed that such efforts exceed the skills of individual activists or even [[organised crime]]; they require the [[co-operation]] of a state and a large [[telecoms]] firm.<ref name="economist"/>
+=== Opinions of experts in network security ===
+Contrary to claims of Estonian government officials regarding involvement of Russia in cyber attacks<ref name="londontimes">Times Online: [http://www.timesonline.co.uk/tol/news/world/europe/article1802959.ece Urmas Paet, the Estonian Foreign Minister, accused the Kremlin of direct involvement]</ref>, most independent experts in the field of network security conclude that this was likely work of independent hackers.
+:''The attacks were crude so-called distributed denial of service, or DDoS, attacks, utilizing global networks, or botnets, of compromised computers, known as slaves, or zombies, often owned by careless individuals, "including some in the United States,"''
+Mike Witt, deputy director of the U.S. Cyber Emergency Response Team. The team, known by the acronym U.S.-CERT, is the element within the Department of Homeland Security that "coordinates defense against and responses to cyber attacks across the nation," according to its Web site.<ref name="wpherald"> World Peace Herald: [http://wpherald.com/articles/5127/1/Analysis-Who-was-behind-Estonias-cyber-attack/Crude-attack-unlikely-to-be-state-sponsored.html Crude attack unlikely to be state-sponsored]</ref>
+:''We don't have directly visible info about sources so we can't confirm or deny that the attacks are coming from the Russian government,''
+Jose Nazario, software and security engineer at Arbor Networks, told internetnews.com. <ref name="internetnews">Internetnews.com: [http://www.internetnews.com/security/article.php/3678606 Estonia Under Russian Cyber Attack?]</ref>
+Professor James Hendler, former chief scientist at the Pentagon's Defense Advanced Research Projects Agency, described the attacks as "more like a cyber riot than a military attack."
+Such politically motivated attacks by organized hacker networks -- known to specialists as "hactivism" -- were also seen against Danish Web sites after the publications of cartoons of the Prophet Mohammed in a magazine there.
+'''"The size of the cyber attack, while it was certainly significant to the Estonian government, from a technical standpoint is not something we would consider significant in scale,"''' said Witt, adding he believed the United States would be able to defend itself easily against attacks on a similar scale. <ref name="UPI">United Press International: [http://www.upi.com/Security_Terrorism/Analysis/2007/06/11/analysis_who_cyber_smacked_estonia/2683/print_view/ Analysis: Who cyber smacked Estonia?]</ref>
 === Legalities ===

Revision as of 15:14, 6 July 2007

Opinions of experts in network security

Legalities

References

See also