0 Members and 1 Guest are viewing this topic.


  • Guest
Looking back at the cyberwar against Estonia
August 21, 2007

It began in mid-April, when the Estonian government ruled to remove a monument dedicated to Soviet soldiers who died in WWII as Estonia was being liberated from one of Tallinn's central squares.1

Unveiled in 1947 by the returning Soviet occupiers, who had been kicked out by the Nazis, the Bronze Soldier was met with mixed feelings by ethnic Estonians, who were then subjected to half a century of Russian rule, under which a tenth of the population was deported to the gulag.4

Many ethnic Estonians hated the Soviets then, hate Russia now and are not particularly grateful to the Red Army, which departed in 1994 only.5

This decision by Estonia to remove the monument was met with great protest from Russia and led to an exacerbation of the political ties between the two countries.1

With a tiny population of 1.4 million, Estonia is almost entirely run on computers. The land that helped develop the free VOIP and instant messenger program Skype hosts wireless zones not just on cafe-lined streets, but in gas stations and remote national parks. Estonians bank, vote and pay their taxes online through digital identity cards that are scanned by easy insertion into slots in their laptops, devices that the country's "paperless" government uses to conduct cabinet meetings and draft legislation. Indeed, so proud was Estonia of its commitment to broadband efficiency—and the web's concomitant freedom of information—that its parliament passed a law in 2000 declaring Internet access a basic human right.4

On April 27, immediately after the Estonian police broke up a demonstration in Tallinn that had gathered in protest at the removal of the monument, the Estonian websites of the president, the prime minister, the Estonian parliament, police, and a number of ministries were overloaded with an enormous number of requests from thousands of computers located around the world.1

According to studies conducted by the experts at Finland-based F-Secure, the following websites were completely inaccessible on April 28:
* (Website of the prime minister): unreachable
* (Ministry of Economic Affairs and Communications): unreachable
* (Ministry of Internal Affairs): unreachable
* (Ministry of Foreign Affairs): unreachable
* (Estonian Government): unreachable
* (Estonian Parliament): unreachable1

The first attack lasted roughly until May 4. During this DDoS attack, over ten Estonian sites took a lashing. In the course of two weeks, they recorded 128 individual DDoS attacks, of which 115 utilized a typical ICMP-flood, 4 used SYN, and the remaining 9 were different variants of attacks meant to increase traffic.1 Botnets flooded Estonian addresses with traffic anywhere from 100 to 1000 times ordinary levels.3

The method and organization of the attacks suggest that the perpetrators had national paralysis in mind. 4

How did the Estonian authorities respond? Estonian politicians broke an unspoken rule when they accused the Russian special service of orchestrating the attacks - and for the first time, the word "cyberwar" was used at this level. This was the first time in history that one government accused another of launching a cyber attack. This never happened during the conflict between India and Pakistan, when the hackers of these two countries engaged in a virtual battle with one another on the Internet in the late nineties.1

The computer community is now playing with the words "cyberwar" and "cyber terrorism" and labeling Russia as the first country to use the "digital bomb".1

The Estonians, and much of the world press, initially characterized this as the first true information war. Fingers were pointed towards the Russian government, largely on the basis of IP addresses (probably spoofed) traced to government facilities. For their part, Russian officials hotly denied any involvement.3 INSERT:  Like Bin Laden truthfully denied 9/11.

In Russia's defense, while it is true that the "zombies," or infiltrated computers used to clog Estonian websites were traced to places like Canada, Brazil and Vietnam, a number also led straight into the offices of Kremlin and other Russian agencies—not easy silicon curtains to penetrate, even for the most enterprising hacker. Russian officials refused to comply with early requests to help trace IP addresses of any cyber-blitzers who might have been piggybacking off Russian servers.4

Later, Yaak Aaviksoo, the Estonian Minister of Defense, proposed declaring that the cyber attacks were a form of military action. "At present, NATO does not view cyber attacks as military action. That means that the NATO countries which have fallen victim to these attacks are automatically not included under the fifth article of the NATO agreement on military protection. None of the NATO Ministers of Defense today would recognize a cyber attack as military action. This issue must be resolved soon."1

One of the current issues for decision-makers in NATO countries is whether to respond to such attacks with "cyber retaliation," or with retaliatory actions in the physical world (i.e. military force), or both. 7

NATO eventually rushed a cyber-warfare team to the country to assist the Estonian government, and the nation's justice minister requested that the European Union classify the attacks as acts of terrorism.2

But nothing could be established by the NATO experts. Basically, the accusations that the Russian government was involved were based on the single, isolated fact that the Estonian president’s website had been visited from an IP address that "belongs to an employee of the Russian presidential administration."1

Experts from around the world poured into Estonia - from the US, Europe and Israel. Some came to help counter the threat, while others arrived to gain invaluable experience by observing the conflict and learning from it so that they might contribute to the security of their own countries.1

"I don’t think it was Russia, but how do you prove that?" asked Gadi Evron, an IT security expert from Israel. Evron traveled to Tallinn for 4 days and conducted, so to speak, a post-mortem examination of the Estonian system. "The Internet is ideally suited for plausibly refuting anything, really."1

After the attacks against Estonia stopped, experts have returned to their home countries, manufacturers of network equipment have entered into numerous new contracts, journalists have written dozens of articles about what happened, and in the end the statue was put in a new place, and the remains of Soviet soldiers were reburied.1

One positive result of the attacks against Estonia has been greater global attention to the cyber-warfare threat. Dr. Linton Wells II, a former principal deputy to the assistant secretary of defense for networks and information integration, has suggested that the Estonia attacks "may well turn out to be a watershed in terms of widespread awareness of the vulnerability of modern society."2

So who was ultimately behind the attacks? Portions of the attacks looked suspiciously like there was some central coordination happening; but it's as yet impossible to trace anything back to the government. 3

Russian speaking bloggers urged people to attack Estonian web sites. They provided URLs and instructions on how to ping the sites over and over by repeatedly striking keys, creating an online mob. "It's brilliant," Evron said. "You get other people to do your work for you." 6

The irony is that nations like the United States and its NATO Allies, that have the capacity to excel in cyber war as an adjunct to military operations - and can achieve information dominance over the battlefield - are also those most vulnerable to unrestricted cyber war.7

In a 2003 Military Review article addressing the proliferation of cyber attacks—particularly as it has been waged in the past between Israeli and Palestinian hackers—authors Patrick D. Allen and Chris C. Demchak shrewdly compared the phenomenon to the Spanish Civil War. In both instances, far-flung civilian volunteers were called into action—or "horizontally escalated"—through the use of targeted propaganda (as mentioned, Russian language instructions explaining how and when to infiltrate Estonian systems were posted all over the web in the days leading up to the first sortie.) State sponsorship was plausibly deniable: If the Comintern could control the Abraham Lincoln Brigade, what's to stop a government from either openly or covertly corralling citizen "hacktivists" to do its dirty work? Most ominous of all, the event may be taken as a prelude to a later and more devastating assault, involving a greater number of players.4

Modern network attacks almost always favours the aggressor. 7

The threshold necessary for small groups to conduct warfare has finally been breached, and we are only starting to feel its effects. Nonstate actors in the form of terrorists, crime syndicates, gangs and networked tribes are stepping into the breach to lay claim to areas once in the sole control of states.5

Traditional lines between war and peace are becoming blurred. This development was presaged by the Cold War, but is even more obvious in the war against terrorism in the wake of the 11 September attacks on the World Trade Center and the Pentagon. It suggests that the computerised information systems of NATO member states are likely to be the continuing target of attacks by a non-traditional enemy, whose main goal is physical destruction and disruption and who is likely to exploit vulnerabilities wherever they are to be found.7

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
« Reply #1 on: October 11, 2009, 02:09:41 pm »
Estonia under cyber-attack
Nato mobilises to deal with online threat
Iain Thomson
17 May 2007

Nato is sending information warfare specialists to Estonia after the country suffered a major online attack.

Targets of the denial of service attacks include the websites of the Estonian presidency and its parliament, almost all of the country's government ministries, political parties, three of the country's six big news organisations, two of the biggest banks, and firms specialising in communications.

"This is an operational security issue, something we are taking very seriously," an official at Nato headquarters in Brussels told The Guardian. "It goes to the heart of the alliance's modus operandi."

At this time there is no confirmation of the source of the attacks but there are strong indications that Russian hackers are responsible.

The attacks came shortly after the Estonian government removed the Bronze Soldier Soviet war memorial in the capital on Tallinn, a move which sparked protests at which one person died.

"The cyber-attacks are from Russia. There is no question. It is political," said Merit Kopli, editor of Postimees, one of the two main newspapers in Estonia which has been targeted and has been inaccessible to international visitors for a week. It was still unavailable last night.

The Russians have denied any involvement in the attacks. "If you are implying [that the attacks] came from Russia or the Russian government, it is a serious allegation that has to be substantiated. Cyber-space is everywhere," said Russia's ambassador in Brussels, Vladimir Chizhov.

"I do not support such behaviour, but one has to look at where [the attacks] came from and why."

Estonia was annexed by Russia in 1940 as part of the Molotov-Ribbentrop Pact with Nazi Germany. It regained its independence in 1991.

A Nato official said: "I will not point fingers. But these were not things done by a few individuals.

"This clearly bore the hallmarks of something concerted. The Estonians are not alone with this problem. It really is a serious issue for the alliance as a whole."

So far the Estonians have tried to mitigate the attacks by banning all IP addresses from outside the country to support services for domestic users.
And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
« Reply #2 on: October 11, 2009, 02:11:22 pm »
Thursday, May 10, 2007
Estonia under cyber-attack
Estonia and Russia
A cyber-riot
May 10th 2007
From The Economist print edition

Estonia has faced down Russian rioters. But its websites are still under attack

FOR a small, high-tech country such as Estonia, the internet is vital. But for the past two weeks Estonia's state websites (and some private ones) have been hit by denial of service attacks, in which a target site is bombarded with so many bogus requests for information that it crashes.

The internet warfare broke out on April 27th, amid a furious row between Estonia and Russia over the removal of a Soviet war monument from the centre of the capital, Tallinn, to a military cemetery (pictured below). The move sparked rioting and looting by several thousand protesters from Estonia's large population of ethnic Russians, who tend to see the statue as a cherished memorial to wartime sacrifice. Estonians mostly see it rather as a symbol of a hated foreign occupation.

The unrest, Estonia says, was orchestrated by Russia, which termed the relocation blasphemy and called for the government's resignation. In Moscow, a Kremlin-run youth movement sealed off and attacked Estonia's embassy, prompting protests from America, NATO and the European Union. Perhaps taken aback by the belated but firm Western support for Estonia, Russia has backpedalled. Following a deal brokered by Germany, Estonia's ambassador left for a holiday and the blockade ended as abruptly as it began.

But the internet attacks have continued. Some have involved defacing Estonian websites, replacing the pages with Russian propaganda or bogus apologies. Most have concentrated on shutting them down. The attacks are intensifying. The number on May 9ththe day when Russia and its allies commemorate Hitler's defeat in Europewas the biggest yet, says Hillar Aarelaid, who runs Estonia's cyber-warfare defences. At least six sites were all but inaccessible, including those of the foreign and justice ministries. Such stunts happen at the murkier end of internet commerce: for instance, to extort money from an online casino. But no country has experienced anything on this scale.

The alarm is sounding well beyond Estonia. NATO has been paying special attention. If a member state's communications centre is attacked with a missile, you call it an act of war. So what do you call it if the same installation is disabled with a cyber-attack? asks a senior official in Brussels. Estonia's defence ministry goes further: a spokesman compares the attacks to those launched against America on September 11th 2001. Two of NATO's top specialists in internet warfare, plus an American colleague, have hurried to Tallinn to observe the onslaught. But international law is of little help, complains Rein Lang, Estonia's justice minister.

The crudest attacks come with the culprit's electronic fingerprints. The Estonians say that some of the earliest salvoes came from computers linked to the Russian government. But most of them come from many thousands of ordinary computers, all over the world. Some of these are run by private citizens angry with Estonia. Anonymously posted instructions on how to launch denial-of-service attacks have been sprouting on Russian-language internet sites. Many others come from botnetschains of computers that have been hijacked by viruses to take part in such raids without their owners knowing. Such botnets can be created, or simply rented from cyber-criminals.

To remain open to local users, Estonia has had to cut access to its sites from abroad. That is potentially more damaging to the country's economy than the limited Russian sanctions announced so far, such as cutting passenger rail services between Tallinn and St Petersburg. It certainly hampers Estonia's efforts to counter Russian propaganda that portrays the country as a fascist hellhole. We are back to the stone age, telling the world what is going on with phone and fax, says an Estonian internet expert. Mikko Hyppnen of F-Secure, a Finnish internet security company that has been monitoring the attacks, says the best defence is to have strong networks of servers in many countries. That is not yet NATO's job. But it may be soon.

Posted by Edward Lucas at 9:14 PM 

And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
« Reply #3 on: October 11, 2009, 02:13:06 pm »
June 25, 2007, 3:40 PM ET
Estonia Presses Bush for Cyber-Attack Research Center

ohn D. McKinnon reports on Bushs meeting with Estonias Ilves.

President Bush and Estonian leader Toomas Hendrik Ilves talked over the possibility of a new NATO research center in Estonia to focus on cyber attacks like the one that crippled the Baltic republic in April.

As many as 1 million computers, mostly hijacked, were involved in the attacks against Estonias highly developed Internet infrastructure, including government, financial, media and other sites.

It is a serious issue if your most important computer systems go down in a country like mine, where 97% of bank transactions are done on the Internet, Ilves said after his Oval Office meeting with Bush. When you are a highly interneted country like we are, then these kinds of attacks can do very serious damage. And I do think its the wave of the future not that its a good wave, but it is something that we have to deal with more and more.

Estonian officials said they suspect the attack came from Russia, and could have been prompted by a controversy over their plans to relocate a Soviet-era war memorial from a prominent spot in downtown Tallinn, the capital. In fact, instructions to hackers were found on Russian Web sites. But experts have differed over whether it really was a government-run attack. While many Western nations have signed treaties on cyber crime, Russia hasnt as yet, and its widely thought to be home to many types of fraud schemes.

Bush termed the issue of cyber attacks interesting and one that I can learn a lot about. He thanked Ilves for his idea for a NATO center to be located in Estonia that would study the issue. NATO sent an observer to Estonia to monitor its attack, but NATO was designed to counter physical threats and hasnt yet developed detailed plans for cyber warfare.
And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
« Reply #4 on: October 11, 2009, 02:15:37 pm »
Man Convicted In Estonia Cyber Attack
By Mike Sachoff - Thu, 01/24/2008 - 17:48

Russians Deny Involvement

An Estonian court has fined a man tied to hacking official Web sites during last year's riots over the moving of a Soviet war memorial.

The court of Harju district, whose jurisdiction includes the capital Tallinn, said it had fined the 20-year-old 17,500 kroons ($1,635) for bringing down the server Web site of the ruling- coalition- leading Reform Party.

"There was only one suspect and he received the court's verdict yesterday, but investigations are continuing (into other hacking offenses)," said Gerrit Maesalu, spokesman of the Northern District's prosecutor's office.

Dmitri Galushkevich used his home computer to carry out the cyber attack Maesalu said. Galushkevich is the only person to be convicted of the attack. The cyber attacks occurred around the time of two nights of riots by mainly ethnic Russian Estonians after the removal of the Soviet war memorial from the center of Tallinn to a military cemetery.

"He [Galushkevich] wanted to show that he was against the removal of this bronze statue," Maesalu. "At the moment, we don't have any other suspects."

Accusations have been made that some of the attacks originated on servers linked to Russian authorities. Russia has denied any involvement in the attacks.

And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
« Reply #5 on: October 11, 2009, 02:19:24 pm »
Cyber Assaults on Estonia Typify a New Battle Tactic
By Peter Finn
Washington Post Foreign Service
Saturday, May 19, 2007

TALLINN, Estonia, May 18 -- This small Baltic country, one of the most wired societies in Europe, has been subject in recent weeks to massive and coordinated cyber attacks on Web sites of the government, banks, telecommunications companies, Internet service providers and news organizations, according to Estonian and foreign officials here.

Computer security specialists here call it an unprecedented assault on the public and private electronic infrastructure of a state. They say it is originating in Russia, which is angry over Estonia's recent relocation of a Soviet war memorial. Russian officials deny any government involvement.

The NATO alliance and the European Union have rushed information technology specialists to Estonia to observe and assist during the attacks, which have disrupted government e-mail and led financial institutions to shut down online banking.

As societies become increasingly dependent on computer networks that cross national borders, security experts worry that in wartime, enemies will attempt to cripple those networks with electronic attacks. The Department of Homeland Security has warned that U.S. networks should be secured against al-Qaeda hackers. Estonia's experience provides a rare chance to observe how such assaults proceed.

"These attacks were massive, well targeted and well organized," Jaak Aaviksoo, Estonia's minister of defense, said in an interview. They can't be viewed, he said, "as the spontaneous response of public discontent worldwide with the actions of the Estonian authorities" concerning the memorial. "Rather, we have to speak of organized attacks on basic modern infrastructures."

The Estonian government stops short of accusing the Russian government of orchestrating the assaults, but alleges that authorities in Moscow have shown no interest in helping to end them or investigating evidence that Russian state employees have taken part. One Estonian citizen has been arrested, and officials here say they also have identified Russians involved in the attacks.

"They won't even pick up the phone," Rein Lang, Estonia's minister of justice, said in an interview.

Estonian officials said they traced some attackers to Internet protocol (IP) addresses that belong to the Russian presidential administration and other state agencies in Russia.

"There are strong indications of Russian state involvement," said Silver Meikar, a member of Parliament in the governing coalition who follows information technology issues in Estonia. "I can say that based on a wide range of conversations with people in the security agencies."

Russian officials deny that claim. In a recent interview, Kremlin spokesman Dmitri Peskov called it "out of the question." Reached Friday at a Russia-E.U. summit, he reiterated the denial, saying there was nothing to add.

A Russian official who the Estonians say took part in the attacks said in an interview Friday that the assertion was groundless. "We know about the allegations, of course, and we checked our IP addresses," said Andrei Sosov, who works at the agency that handles information technology for the Russian government. His IP address was identified by the Estonians as having participated, according to documents obtained by The Washington Post.

"Our names and contact numbers are open resources. I am just saying that professional hackers could easily have used our IP addresses to spoil relations between Estonia and Russia."

Estonia has a large number of potential targets. The economic success of the tiny former Soviet republic is built largely on its status as an "e-society," with paperless government and electronic voting. Many common transactions, including the signing of legal documents, can be done via the Internet.

The attacks began on April 27, a Friday, within hours of the war memorial's relocation. On Russian-language Internet forums, Estonian officials say, instructions were posted on how to disable government Web sites by overwhelming them with traffic, a tactic known as a denial of service attack.

The Web sites of the Estonian president, the prime minister, Parliament and government ministries were quickly swamped with traffic, shutting them down. Hackers defaced other sites, putting, for instance, a Hitler mustache on the picture of Prime Minister Andrus Ansip on his political party's Web site.

The assault continued through the weekend. "It was like an Internet riot," said Hillar Aarelaid, a lead specialist on Estonia's Computer Emergency Response Team, which headed the government's defense.

The Estonian government began blocking Internet traffic from Russia on April 30 by filtering out all Web addresses that ended in .ru.

By April 30, Aarelaid said, security experts noticed an increasing level of sophistication. Government Web sites and new targets, including media Web sites, came under attack from electronic cudgels known as botnets. Bots are computers that can be remotely commanded to participate in an attack. They can be business or home computers, and are known as zombie computers.

When bots were turned loose on Estonia, Aaviksoo said, roughly 1 million unwitting computers worldwide were employed. Officials said they traced bots to countries as dissimilar as the United States, China, Vietnam, Egypt and Peru.

By May 1, Estonian Internet service providers had come under sustained attack. System administrators were forced to disconnect all customers for 20 seconds to reboot their networks.

Newspapers in Estonia responded by closing access to their Web sites to everyone outside the country, as did the government. The sites of universities and nongovernmental organizations were overwhelmed. Parliament's e-mail service was shut for 12 hours because of the strain on servers.

Foreign governments began to take notice. NATO, the United States and the E.U. sent information technology experts. "It was a concerted, well-organized attack, and that's why Estonia has taken it so seriously and so have we," said Robert Pszczel, a NATO spokesman. Estonia is a new member of NATO and the E.U.

The FBI also provided assistance, according to Estonian officials. The bureau referred a reporter's calls to the U.S. Embassy in Estonia, which said there was no one available to discuss American assistance to the Baltic State.

On May 9, the day Russia celebrates victory in World War II, a new wave of attacks began at midnight Moscow time.

"It was the Big Bang," Aarelaid said. By his account, 4 million packets of data per second, every second for 24 hours, bombarded a host of targets that day.

"Everyone from 10-year-old boys to very experienced professionals was attacking," he said. "It was like a forest fire. It kept spreading."

By May 10, bots were probing for weaknesses in Estonian banks. They forced Estonia's largest bank to shut down online services for all customers for an hour and a half. Online banking remains closed to all customers outside the Baltic States and Scandinavia, according to Jaan Priisalu, head of the IT risk management group at Hansabank, a major Baltic bank.

"The nature of the latest attacks is very different," said Linnar Viik, a government IT consultant, "and it's no longer a bunch of zombie computers, but things you can't buy from the black market," he said. "This is something that will be very deeply analyzed, because it's a new level of risk. In the 21st century, the understanding of a state is no longer only its territory and its airspace, but it's also its electronic infrastructure.

"This is not some virtual world," Viik added. "This is part of our independence. And these attacks were an attempt to take one country back to the cave, back to the Stone Age."

And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
« Reply #6 on: October 11, 2009, 02:21:49 pm »
Russian youth confesses to cyber-attack on Estonia
Posted on 13 Mar 2009 at 08:08

An activist with a pro-Kremlin youth group claims he and his friends were behind a cyber-attack on Estonia two years ago that paralysed the country's internet network.

Ex-Soviet Estonia blamed the Russian Government for the attack at the time, though Moscow denied involvement. The incident prompted the NATO military alliance to review its readiness to defend against "cyber-warfare."

Konstantin Goloskokov, an activist with Russia's Nashi youth group and aide to a pro-Kremlin member of parliament, says he organised a network of sympathisers who bombarded Estonian internet sites with requests, causing them to crash.

He claims the action was a protest against the dismantling in 2007 of a Soviet-era monument to the Red Army from a square in the centre of Estonia's capital Tallinn. The removal prompted two nights of rioting by mainly Russian-speaking protesters.

"I was not involved in any cyber-attack. What I did and what my friends did was no kind of attack, it was an act of civil disobedience, absolutely legal," the 22-year-old Goloskokov claims.

"Its aim was to express our protest against the policy of soft apartheid which has been conducted by the leadership of Estonia for many years and the climax of which was the dismantling of the... soldiers' (monument) in Tallinn."

"We made multiple requests to these sites," he says. "The fact that they could not withstand this is, strictly speaking, the fault of those people who from a technical point of view did not equip them properly."

He says the denial-of-service attack was his own initiative and he received no help either from Nashi or Russian officials.

Putin's brainchild

The creation of the youth group was masterminded by Kremlin officials and its activists have had audiences with former President Vladimir Putin, who is now prime minister. Nashi's former leader is now the head of a government agency.

Nashi stages regular protests outside the embassies of Western states with which the Kremlin has disagreements, and its activists picket meetings of opposition parties.

Kristina Potupchik, a spokeswoman for the organisation, claims it had nothing to do with jamming Estonian internet sites. "If anything did happen, it was the personal initiative of Konstantin Goloskokov," she says.

Russian officials allege that Estonia routinely discriminates against its Russian-speaking minority and accuse European institutions of turning a blind eye.

The decision to move the Red Army monument in Tallinn was seen in Moscow as a deliberate snub to the sacrifices the Soviet Union made to liberate eastern Europe from German occupation during World War Two.

But Estonians, like many eastern Europeans, say Nazi rule was replaced by decades of brutal Soviet repression which only ended with the fall of the Berlin Wall.

Estonia's Government denies discriminating against Russian-speakers. It says the presence of the Red Army monument in the centre of the capital was causing public order problems, and moved it instead to a military cemetery.

Author: Reuters
And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
« Reply #7 on: October 11, 2009, 02:30:02 pm »
Cyber Attacks Explained
By James A. Lewis, Director, Technology and Public Policy Program
June 15, 2007

The small Baltic country of Estonia was the target of a series of cyber attacks in May 2007. These were denial of service attacks, where an attacker floods the target network with bogus messages, causing its servers (computers that serve as a hub in a network) to slow or shut down.

The attacks caused grave concern among NATO officials, in large part because, at first, Russia was blamed. This attribution was wrong, in the sense that the attacks were not launched from Russian government computers. Like many things in cyberspace, it was difficult to tell who was at the other end of the Internet. Attribution in the Estonia case was made even harder by the use of botnets. Botnetsshort for robot networksare the big new thing in cyber crime. A cyber criminal takes remote control of a computer by surreptitiously loading software on it. Most consumers dont know that their computers have been compromised. Some botnets are huge, using tens of thousands of computers around the world. Having these gigantic criminal networks simultaneously send thousands of messages every minute overburdened Estonian servers and caused them to crash.

Attacks, crashes, robotssounds like a warand many commentators saw this as the first cyber war. This was, of course, completely erroneous. Botnets are used all the timethey are the source of most spamand are nothing special for cyber crime. This was not the first time that a government had seen foreign protestors attack servers and Web sites with botnets, hacks, and graffiti. China, Israel, India, Pakistan, and the United States have seen similar attacks, albeit on a smaller scale.

Nor was the Russian government inept enough to leave a trail of e-mails leading back to the Kremlin. Though one Russian government computer was used in the attacks, that was because it had been captured and controlled in a botnet. This does not prove that the Russian government is innocent. ( Great example of 'guilty until proven innocent'!)

Russian government agents could have used chat rooms and e-mail to incite patriotic Russian hackers and cyber criminals to batter Estonian networks as punishment for daring to move a statue of a Soviet soldier.

Estonian police arrested one such hacker, an ethnic Russian and Estonian citizen. Again, this is standard stuffintelligence agents inciting a protest or riot. The attacks on Estonia are better seen as cyber protests than as war, like demonstrators lying down in a capitals streets to block traffic (only without the risk of being run over).

On the Estonian end, there was turmoil, but not collapse or terror. Since independence, Estonia has been a leader in e-government, or service using the Internet. This made them more vulnerable, but it also made them prepared to work in cyberspace. The Estonians responded calmly and were able to restore key services to minimal levels within a few days. Parliament, the presidents office, the police, and the foreign ministry were the primary targets, along with Estonias largest bank. Some took the simple response of blocking messages coming from other countriesthis reduced the attacks, although it kept Estonians on travel from accessing their bank accounts.

Denial of service is not the most dangerous form of attack. A serious attack would not have been as noisy but would have penetrated Estonian computers and databases and scrambled or erased the data. Making health records and bank accounts disappear would have been far more disruptive. The United States faces this kind of attack, and it is vulnerableU.S. government networks are routinely penetrated. We have many more networks than Estonia. Many are secure. Others are not. Unfortunately, we do not know which is which. All will be made clear when it is our turn to be attacked, but it might be better to find and fix our vulnerable systems before this occurs.

The Center for Strategic and International Studies (CSIS) is a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions; accordingly, all views, positions, and conclusions expressed in these publications should be understood to be solely those of the authors.

2007 by the Center for Strategic and International Studies.


False flag planning meeting prior to hacker attack:
"Ok, let's blame it on Patriots... now.. what can we use to 'incite' the attack... HEY - I've got it.. let's move that old soviet soldier statue..."

"Yeah.. they'll buy that..."

And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
« Reply #8 on: October 11, 2009, 02:40:02 pm »
Cybersecurity starts at home and in the office
  By LOLITA C. BALDOR, Associated Press Writer Lolita C. Baldor, Associated Press Writer    Sun Oct 4, 10:10 am ET

WASHINGTON When swine flu broke out, the government revved up a massive information campaign centered on three words: Wash your hands.

The Obama administration now wants to convey similarly clear and concise guidance about one of the biggest national security threats in your home and office the computer.

Think before you click. Know who's on the other side of that instant message. What you say or do in cyberspace stays in cyberspace for many to see, steal and use against you or your government.

The Internet, said former national intelligence director Michael McConnell, "is the soft underbelly" of the U.S. today. Speaking at a new cybersecurity exhibit at the International Spy Museum in Washington, McConnell said the Internet has "introduced a level of vulnerability that is unprecedented."

The Pentagon's computer systems are probed 360 million times a day, and one prominent power company has acknowledged that its networks see up to 70,000 scans a day, according to cybersecurity expert James Lewis.

For the most part, those probes of government and critical infrastructure networks are benign. Many, said McConnell, are a nuisance and some are crimes. But the most dangerous are probes aimed at espionage or tampering with or destroying data.

The attackers could be terrorists aiming at the U.S. culture and economy, or nation-states looking to insert malicious computer code into the electrical grid that could be activated weeks or years from now.

"We are the fat kid in the race," said Lewis. "We are the biggest target, we have the most to steal, and everybody wants to get us."

And if, for example, the U.S. gets into a conflict with China over Taiwan, "expect the lights to go out," he said.

The exhibit at the Spy Museum "Weapons of Mass Disruption" tries to bring that threat to life.

A network of neon lights zigzags across the ceiling. Along the walls computer screens light up with harrowing headlines outlining the country's digital dependence. Drinking water, sewer systems, phone lines, banks, air traffic, government systems, all depend on the electric grid, and losing them for weeks would plunge the country into the 1800s.

Suddenly, the lights go out and the room is plunged into silent darkness.

Seconds later as the sound system crackles, a video ticks off a pretend crisis: no food, no water, system shutdown.

That faux threat has become a prime concern for the government, but fully protecting the grid and other critical computer systems are problems still waiting a solution.

Federal agencies, including the Pentagon and the Department of Homeland Security, are pouring more money into hiring computer experts and protecting their networks.

But there are persistent questions about how to ensure that Internet traffic is safe without violating personal privacy.

One answer, experts said last week, is to begin a broader public dialogue about cybersecurity, making people more aware of the risks and how individuals can do their part at home and at work.

Some will find it easier than others.

Much of the younger generation has grown up online and are more likely to know about secure passwords, antivirus software and dangerous spam e-mails that look to steal identities, bank accounts and government secrets.

Older people moved into the digital universe as it began to evolve and most have not grown up thinking about how to protect themselves online.

"Detection and prevention are fast, but crime is still faster," said Phil Reitinger, director of the National Cybersecurity Center. The key, he said, "is to make sure that we're all getting the word out about not only the seriousness of the threat, but the fairly simple steps that people can take to help secure their systems and their lives and families from the threats that are out there."

In the computer world, "wash your hands" is less about tossing your keyboard into the dishwasher although some have tried and more about exercising caution.

Those steps include:

_using antivirus software, spam filters, parental controls and firewalls.

_regularly backing up important files to external computer drives.

_thinking twice before sending information over the Internet, particularly when using wireless or unsecured public networks.

And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Effie Trinket

  • member
  • Member
  • *
  • Posts: 2,292
« Reply #9 on: April 17, 2015, 07:11:22 am »