The recent war between Russia and Georgia is being fought in cyberspace as well as with more traditional weapons such as bombs and guns. While the Russians have DDoS’ed the websites of the Georgian government, the Georgians themselves have retaliated and attacked South Ossetian news outlets and stopgeorgia.ru, the main site coordinating the Russian DDoS campaign.
The cyber warfare surrounding the recent Russia-Georgia conflict is of particular interest to computer security researchers due to its unique nature. During this conflict, ordinary citizens could download a point-and-click DoS tool from www.stopgeorgia.ru and join the coordinated effort to DoS a continually updated list of Georgian government websites. (Interestingly enough, the tool is itself a pirated version of a commercial DoS tool. Is there no honor among criminals?)
These like-minded individuals form what amounts to a volunteer botnet, with potentially considerable bandwidth. Whereas politically motivated attacks were once the domain of dedicated hacktivists, the citizen DDoS army is a recent phenomenon, but one that has played a large part in recent DDoS attacks. Such attacks include the Chinese DDoS on CNN, the Russian DDoS on Estonian websites, and now the Russia-Georgia conflict.
With few potential repercussions (what government would want to prosecute its most ardent supporters?), great ease of joining (you don’t have to leave your seat), and real effects (the enemy government goes offline), such attacks are very attractive to angry civilians. I expect that future conflicts will continue to have a larger cyber warfare component, with ordinary citizens — and their bandwidth — becoming an increasingly utilized weapon.
- Artem Dinaburg, Damballa Researcher