Wednesday, May 22, 2019

Cyber warfare in Estonia and the Middle East

Did your family help launch a cyber attack that paralyzed an entire country? No, really, don't laugh. In April 2007, communications in the Baltic state of Estonia were severely damaged by an attack that relied on the computers of millions of innocent users around the world, people just like you and your relatives. The strike stands out for fully demonstrating how cyber warfare has turned from an idea into a reality. It all started with the movement of a soldier.

The Bronze Soldier is a two-meter-high statue originally located in a small square in Tallinn, Estonia, above the burial site of Soviet soldiers lost in the Second World War. The memorial has long divided the country's population: Estonians have seen it as a symbol of Soviet [and formerly Nazi] occupation, while the large ethnic minority of Russian immigrants [about 25% of the total] sees it as a symbol of the Soviet Union's victory over the Nazis and of Russia's claims on Estonia. When the country's newly appointed Ansip government launched a plan to relocate the statue and the remains as part of its 2007 election campaign, the move sparked the worst riots the country had ever seen, and the astonishing network attacks.

Starting on April 27, two days of riots shocked the entire country, and the Estonian embassy in Moscow was placed under siege. Large-scale distributed denial of service [DDoS] attacks overwhelmed most of Estonia's Internet infrastructure, bringing online activity almost to a standstill. The targets were not military websites but civilian sites belonging to organizations such as banks, newspapers, Internet service providers [ISPs] and even home users. Most of the attacks came from hackers using ISP addresses in Russia, but the most damaging factor in the attack was the botnet, which turned millions of previously infected computers worldwide against Estonia's infrastructure.

Analysis of cyber attacks

The botnet tricked Estonian network routers into continually resending unwanted packets to one another, quickly overwhelming the infrastructure used to carry out all online business in the country. The attacks were mainly concentrated on small sites that were easy to take down, but they were devastatingly effective. Bank websites became inaccessible, leaving most of Estonia's financial activity paralyzed. News sites were also attacked in an attempt to disable news sources. Internet service providers, which provide Internet access to most people, were overwhelmed.

Although the Estonian government expected strong online opposition to its decision to move the statue, it was completely unprepared for the scale of the cyber attacks. Estonia's Minister of Defence went on record to describe the attack as a "national security situation" and added that "it can be effectively compared with when your port is closed." [1]

Once it was clear that most of the country's online business infrastructure was affected, the Estonian Computer Emergency Response Team [CERT-EE] sent requests for help to IT security experts around the world, and a temporary digital rescue team was formed, including people from my own company, Beyond Security. We spent a few days understanding the threats and starting to set up front-line defenses, mainly by implementing BCP 38 network ingress filtering on the affected routers to block Internet traffic with spoofed source addresses. Once we started taking defensive measures, the attack quickly diminished. But in the days it took to fight off the attack, the country could have lost billions of euros through falling productivity and business downtime.
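How BCP 38 ingress filtering decides which packets to drop, as an added example that is not part of the original article. The interface names, prefixes (documentation address ranges) and packets are constructed, and the function names are illustrative.

```python
import ipaddress

# Constructed edge-router view: each customer-facing interface and the
# prefixes actually assigned to the network behind it (RFC 5737 / RFC 3849
# documentation ranges, not real allocations).
ASSIGNED_PREFIXES = {
    "cust-a": ["192.0.2.0/24", "2001:db8:a::/48"],
    "cust-b": ["198.51.100.0/25"],
}

def build_filter(assigned):
    """Parse the per-interface prefix lists once, as at configuration load."""
    return {iface: [ipaddress.ip_network(p) for p in nets] for iface, nets in assigned.items()}

def ingress_permits(acl, iface, src):
    """BCP 38 rule: forward a packet only if its source address lies inside a
    prefix assigned to the interface it arrived on. Unknown interfaces and
    unparseable sources are dropped (fail closed)."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(addr.version == net.version and addr in net for net in acl.get(iface, []))

def filter_traffic(acl, packets):
    """Split (iface, src, dst) tuples into forwarded and dropped lists."""
    forwarded, dropped = [], []
    for pkt in packets:
        (forwarded if ingress_permits(acl, pkt[0], pkt[1]) else dropped).append(pkt)
    return forwarded, dropped

# Constructed sample traffic arriving on customer-facing interfaces.
SAMPLE_PACKETS = [
    ("cust-a", "192.0.2.17", "203.0.113.5"),      # source inside cust-a's /24
    ("cust-a", "198.51.100.9", "203.0.113.5"),    # cust-b's space seen on cust-a: spoofed
    ("cust-b", "198.51.100.200", "203.0.113.5"),  # outside the /25 assigned to cust-b
    ("cust-a", "2001:db8:a::1", "2001:db8:ffff::1"),
    ("cust-c", "192.0.2.1", "203.0.113.5"),       # interface with no assignment
]

if __name__ == "__main__":
    fwd, drop = filter_traffic(build_filter(ASSIGNED_PREFIXES), SAMPLE_PACKETS)
    print(f"forwarded={len(fwd)} dropped={len(drop)}")
```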

Cyber war in the Middle East

The Estonian incident will go down in history as the first major [and hopefully the largest] example of a comprehensive cyber war. However, there is a cyber war on the planet that has become part of the everyday online landscape, and it continues.

In the Middle East, the Arab-Israeli conflict has an important online element, with thousands of attacks and counterattacks every year. This has been the situation since the breakdown of the peace talks in the region, which was preceded by a spontaneous large-scale cyber war between Arab and Israeli hackers in 1999 and 2000. Arab sympathizers from many countries are involved. For the past six years or so, a group of Moroccan hackers has been defacing Israeli websites. Recently, Israeli military radio stations were infiltrated by an Iraqi hacker.

Unlike the blitz-like strike on Estonia, this protracted war aims not to disable the enemy's important functions but to weaken morale, consume resources and hinder economic development. The targets are often low-profile in Internet terms: small transactional, informational and even plain websites with vulnerable security. Taking over and destroying these sites is a way to intimidate the opposition - creating a feeling of "if they are here, where might they be?" - and it causes a significant loss of data, profits and trust for the website owner.

Cyber war spread

If Estonia and the Middle East were our only experiences of cyber warfare, it would be tempting to classify them as local matters that need not attract the attention of the broader security community. Unfortunately, these situations are only part of a larger trend toward disruption of digital communication platforms. For example, in January of this year, two of the four Internet service providers in Kyrgyzstan were knocked out by a major DDoS attack whose authors are still unknown. [2] Although the details are very sketchy, the attack is said to have blocked 80% of all Internet traffic between the former Soviet republic and the West.

The strikes seem to have originated in a Russian network that has in the past been thought to be linked to criminal activity, and the only thing that prevented widespread disruption in this case is that Kyrgyzstan's online services are, at the best of times, not like Estonia's. This is evidently not the first such attack in the country. [3] It is alleged that there was a politically motivated DDoS during the country's 2005 presidential election, attributed to a Kyrgyz journalist who sympathized with the opposition party.

In recent years, China has also participated in cyber warfare, albeit on a smaller scale. Hackers inside the country are said to have infiltrated the laptop of the US Secretary of Defense, sensitive French networks, US and German government computers, New Zealand networks, and Taiwan's police, defense, election and central bank computer systems.

In a similar way, in 2003, Internet pests broke into the official website of the British Labour Party and posted a picture of President George Bush carrying his dog - with the head of British Prime Minister Tony Blair superimposed on it. [4] The event drew attention to government websites' commitment to security, although it was reported that in this particular incident the hackers exploited the fact that monitoring equipment used by the web hosting company was not working properly. As early as 2001, animal rights activists began to use hacking to protest against the fur trade and plastered images of slaughtered animals across the luxury brand Chanel's website. [5]

Defense

What do all these events mean for global decision makers? The experiences of Estonia and the Middle East clearly show that cyber warfare has become a reality, and the former has shown its devastating potential. To be fair, Estonia is to some extent the perfect target for a network strike. Emerging from Russian rule in the early 1990s with little traditional communications infrastructure, it was free to bypass the development path of Western European countries and build a solid economy based on online services such as banking, commerce and e-government. At the same time, the country's small size - it is one of the least populous countries in the EU - means that most of its websites are also minor ones that can easily be overwhelmed in the event of an attack. Last but not least, at the time of the events in Estonia, nothing on a similar scale had been experienced before.

It is safe to say that other countries will not be caught out so easily now. In fact, if anything, what happened in Estonia will have proved to the rest of the world that cyber weapons can be very effective and should therefore be considered a priority in military and defense planning.

What might make cyber warfare a tactical choice for militant countries? There are at least five good reasons. The first is that it is "clean." It can destroy the entire economy of the target country without damaging any underlying infrastructure.

Second, for the aggressor, this is an almost completely painless way of fighting: you can launch an attack at the push of a button, without a single soldier.

The third reason is cost-effectiveness. A 21,000-machine botnet can be obtained for "only a few thousand dollars", which is only a small fraction of the cost of traditional weapons, yet it can easily cause hundreds of times the damage and destruction. [6]

Fourth, it is particularly difficult for a state administration to monitor and protect its online borders. DDoS attacks can be prevented by installing a better firewall around a site [for example], but no country currently has the right to tell its ISPs, telecom companies and other online businesses that they should do so, which leaves the country open to a full-scale network strike.

Last but not least is plausible deniability. So far, no one has been able to link a cyber war attack to government authorities, and it is virtually impossible to do so. For example, in the case of Chinese hacking, the authorities have...



