Information Warfare and Terrorism

Warfare & Terrorism The proliferation of cyberattacks -- aptly referred to as cyberterrorism -- carried out by criminal miscreants with grudges, shadowy techies with political motives, and other anti-social individuals, represent the new digital wars that threatened personal and state security worldwide. This is not a problem that will go away any time soon, and cyber security officials it seems will always be one or two steps behind the offenders causing the digital carnage.

The cyberattacks that are reviewed in this paper include: Russia's denial-of-service attacks on Estonia in 2007 and Georgia in 2008, and the cyberattacks against U.S. State Department computers in 2006. Denial of service refers to strategies that "…block access of legitimate users" through the "…relentless transmission of irrelevant information" -- called "flood attacks" -- which restrains computer servers (Richards, 2010). Russia's cyberterrorism against Estonia -- 2007 An article in the International Affairs Review indicates that the victim in this 2007 cyberterrorism was clearly Estonia and the aggressors were obviously hackers in Russia.

It involved a "…three-week wave of distributed denial-of-service attacks" and what it disrupted was the infrastructure of Estonia's information-based technologies (Richards, 2010, 5). The attacks began on April 26, 2007, at 10:00 P.M., focusing first on the Estonian prime minister's "Reform Party website" and soon after other government and political websites, including the official website for Estonia's parliament were part of the attack (Richards, 6). After a full week of denial-of-service attacks on these sites, they had been "knocked…completely offline," Richards explains on page 6.

In the second week of cyberterrorism against Estonia the Russians were able to knock news websites offline. And when officials realized the attacks were coming from outside Estonia, they blocked all incoming information from outside the country, which created an irony because these news organizations could not report the terrorism to the world, Richards continues on page 7. The worst of the attacks arrived May 10, 2007, when the Internet capabilities of the largest bank in Estonia, the Hansabank, were shut down.

This was a major disruption in the Estonian economy because "…97% of all banking transactions occurred online" and moreover, the ATMs in Estonia were also shut down (Richards, 7). How did the hackers launch this cyberterrorism? They used "…weblogs, web journals, and Russian-language chat rooms" to advise hackers as to what time to launch attacks and what Estonian sites were most vulnerable, Richards continues (7).

The flood attacks (using botnets which are computers that have been stolen from unsuspecting personal users) contained from 1,000 packets per hour early in the event (April 26) up to 4 million "incoming packets of information per second at hundreds of targeted websites" by May 9 (Richards, 7). What did Estonia do in response to prevent similar attacks? First NATO sent cyberterrorism "experts" to assess what happened, why it happened, and helped to patch the vulnerable spots that allowed the attacks to be conducted.

Cyberterrorism response strategies have subsequently been produced, and according to a peer-reviewed article in the Baltic Security & Defense Review, Estonia has fine-tuned its preventative measures against cyberterrorism to the point that they are now "…heralded as a leader in technological security" (Ashmore, 2009). In fact within a year after those attacks, Estonia adopted a "…comprehensive national cyber security strategy" and has been recognized for the quality of its defenses against future attacks (Ashmore, 9).

Russia's cyberterrorism against Georgia In the peer-reviewed journal Communications of the AMC, the Russian military invasion into Georgia in 2008 was accompanied by a cyber attack that Georgia was not ready to, or competent to deal with. According to Ross Stapleton-Gray and William Woodcock, unlike Estonia, Georgia did not have extensive international links, and George did not have IXPs (Internet exchange points, a technological infrastructure that allows internet service providers -- ISPs -- to have an exchange of traffic between their networks).

In other words, Georgia had a "limited infrastructure" which was "easily overwhelmed" by the Russian cyberattacks (Stapleton-Gray, et al., 2011). On August 7, 2008, Russia launched numerous cyberattacks against government websites in Georgia, which was, according to Eneken Tikk, writing in the Cooperative Cyber Defence Centre of Excellence (CCDCOE), in Tallinn, Estonia, the first time that a military offensive had been accompanied simultaneously by cyberterrorism (the Russian military aggression began on August 8).

The cyber assaults were not as debilitating to Georgia citizens as they were to Estonians because at that time there were only 7 Internet users per 100 Georgians while there were 57 Internet users per 100 in Estonia at the time they were attacked (Tikk).

What kind of cyberattacks were launched against Georgia? Tikk reports that there were "Distributed Denial of Service (DDoS)" attacks and "defacement" of the president's website (Mikheil Saakashvili) (www.president.gov.ge), the website of the National Bank of Georgia (www.nbg.gov.ge), and the Ministry of Foreign Affairs in Georgia (www.mfa.gov.ge) (Tikk). On the president's website, hackers posted pictures of the president and Adolf Hitler; on the national bank's site, a galley of "…20th century dictators" was posted on the home page.

Numerous other sites were attacked, including about thirteen media sites and financial institutions as well. The attackers also launched spam to email addresses of media people and government officials. What was done in response to the attacks? Some of the sites changed IP addresses, some moved their portals to "Tulip Systems" in Atlanta, Georgia, and others opened up blogger accounts to keep information flowing (Tikk). Basically the attacks prevented officials in Georgia from "making its voice heard" around the word, Tikk reports.

The attacks were far more serious in Georgia than they were in Estonia, where banking services were interrupted; in Georgia, their inability to communicate the war that was launched against them was far more serious than what happened to Estonia. Subsequent to the cyberterrorism launched against it, Georgia has tightened up its preventative technologies with the help of IT professionals from Europe (including Estonia) and the United States. U.S. State Department computers were compromised in 2006 In the summer of 2006, the U.S.

State Department (State) was hit with "…large-scale computer break-ins worldwide" that resulted in the theft of "…sensitive information and passwords," a far more serious intrusion than the first two mentioned in this paper (Associated Press). The hackers -- who were able to hide malicious code in a seemingly innocent Word document, resulting in a Trojan horse being installed in the agency's computer network -- focused on American offices that are in or deal with Asia.

This was a substantial blow to security because daily State processes about 750,000 emails and instant messages from more than 40,000 employees and contractors in 100 domestic and 260 foreign locations (Reid, 2007). The.