Still Hacked Off
An executive summary of the report on the Russian cyber attack on Georgia is now available online. The summary provides additional detail about the preplanning of the attack, the coordination between the hackers and the Russian military and/or government, and the role of organized crime.
Some details. Regarding preplanning and coordination with the military:
Many of the cyber attacks were so close in time to the corresponding military operations that there had to be close cooperation between people in the Russian military and the civilian cyber hackers. . . . Given the speed of action, the signal to go ahead also had to have been sent before the the news media and the general public were aware of what was happening militarily.
Regarding the participation of Russian organized crime:
Some of the webservers and addresses used to control and coordinate the attacks were ones that had been previously used by Russian criminal organizations. . . . specific botnets employed in the cybercampaign were ones closely associated with Russian organized crime.
. . . .
The first wave of cyber attacks was carried out by botnets and command and control systems that were ready before the Russian invasion. These were the botnets and the command and control systems associated with Russian organized crime. They were the only botnets known to be utilized in the cyber campaign. [Emphasis added.]
This contradicts commentor S/O’s assertion on the original post that the big botnets came later, and the freelancer attacks came first. Rather, the big Russian mafia botnets came first, and then freelancers coordinating and communicating via social networking sites jumped on the bandwagon after the fact of the war became publicly known. It further supports the view that the Russian military explicitly cooperated with Russian organized crime as part of a full-spectrum military campaign against Georgia. It is an important piece of evidence that bolsters the already strong circumstantial case that the invasion of Georgia was anything but a response to a Georgian assault on Tskhinvali.
This is further supported by the report’s conclusion that “[t]he primary objective of the cyber campaign was to support the Russian invasion of Georgia, and the cyber attacks fit neatly into the invasion plan. . . . The cyber attacks significantly impeded the ability of the Georgian government to deal with the Russian invasion.”
And finally, it all comes down to energy. Doesn’t it always with this crowd?:
If the campaign is seen from a broader perspective, encompassing economic and cyber action, the real strategic focus seems to have been the Georgian oil and gas pipelines.
The attack was preplanned (indeed, the report documents that at least a portion of the attack had been prepared in 2006); it was launched almost simultaneously with the Russian military attack, and before news of the outbreak of fighting was publicly known; and it was designed to paralyze the Georgian government, military, and economy. Again, like other aspects of the campaign, it is virtually impossible to claim that it was a merely impromptu response to a reckless Georgian attack on Tskhinvali.
I say again. The Russo-Georgian War happened because Russia wanted it to happen. It was a war of choice.
Sorry Prof, the timing a full year later seems murky to me. And who produced this report anyway?
Comment by Steve J. Nelson — August 21, 2009 @ 1:27 pm
SJN. I see. Somebody is supposed to perform an analysis of a complicated cyber attack in what, a day? A week? And perhaps, the report was released now because attention is focused on the events of a year ago. Regardless, what difference does it make? If it’s right, it’s right. If it’s not, it’s not.
Relatedly, you are the King of Ad Hominem. FYI, go to the link, and you will find who wrote the report. Again, it’s irrelevant.
Prof, I commented on the report’s authors in the next thread. Sorry, I just don’t trust them.
Comment by Steve J. Nelson — August 22, 2009 @ 9:58 am
SJN–so go ahead, prove my ad hominem point. Thanks.