As cyberattacks against Estonia, Georgia, and Syria show, cyberwar is a clear and present danger in a world dependent on the Internet.
Well before Russian tanks rolled into Georgia in August, hackers were busy disabling the country’s Internet system, online banking, and telecom networks. Denial-of-service attacks overwhelmed government Web sites. Hackers posted pictures of Adolf Hitler on the Web site of President Mikhail Saakashvili. Shortly after, Russian armed forces routed Georgian forces in a few days of bitter fighting.
There was little Georgia could do internally to resist Russia’s military or electronic invasion. One measure was to transfer the Web sites of the Georgian president, prime minister, and the defense and foreign ministries to secure servers in the United States and Poland. Georgians, or their sympathizers, retaliated by trying to take down the South Ossetian government’s official Web site and launching virtual attacks against Russian news agency RIA Novosti.
Internet analysts are confident that the attacks originated in Russia. A type of server and software that are often used by Russian hackers were used to carry out several attacks on Georgian sites. But it is harder to pin the blame for them on the Russian government.
“While Georgia is obviously under [an Internet] attack, and it is political in nature, it doesn’t so far seem different than any other online [attack]. Political tensions are always followed by online attacks by sympathizers,” comments Israeli computer security expert Gadi Evron.
In May 2007, an assault on Estonia’s Internet system by hackers believed to be based in Russia caused major disruption in that highly wired Baltic state. But Georgia has few Internet users; a United Nations agency says only 8 percent of the population were users last year. Shallow Internet penetration limited the impact of the hacking attacks.
Israel may have become the first country to integrate an Internet attack as part of a physical offensive when it bombed a suspected nuclear site in Syria in 2007. Israeli technicians reportedly jammed Syrian telecommunications, Web traffic, and electronic defenses to enable jets to bomb the facility unopposed.
Cyberattacks are cheap, sometimes effective, and deniable, says Nate Hughes, a military analyst at Strategic Forecasting, Inc., a Virginia-based consultancy. He points out that it’s hard to prove that a cyberattack was ordered by a government official.
The direct military and economic impact of the cyberattack against Georgia was limited, but it may have had a psychological and propaganda value. There were troops on the ground, with accusations of ethnic cleansing, and Internet disruption undermined Georgia’s ability to communicate its perspective to the world, says Hughes.
The United States helped Georgia route its Internet connections away from Russia by laying a 875-mile fiber optic link under the Black Sea to Bulgaria, an EU member country. Estonia, home to a new NATO cyberdefense center, sent experts from its Computer Emergency Response Team to Georgia and provided online support during the crisis.
The Estonian and Israeli events vindicated military and intelligence planners who have been saying that cyberspace is a new strategic domain that countries must learn to control as closely as they defend their territory.
Last December, Jonathan Evans, director general of Britain’s MI5 domestic security service, wrote to the CEOs of 1,000 large U.K. corporations urging them to protect their computer systems more effectively against intrusions, particularly from China.
The 2008 Annual Threat Assessment by the U.S. intelligence community acknowledged for the first time publicly that cyberthreats from China are a significant issue. “We assess that nations, including Russia and China, have the technical capabilities to target and disrupt elements of the U.S. information infrastructure and for intelligence collection,” said the assessment.