Estonian Government Releases Cyber Strategy Paper

The Estonian Government has released a strategy paper on enhancing cyber security.  This is an interesting read as we can all learn from the lessons of the cyber attacks against Estonia last year.  Yet it is still sad to see that governments and many organisations only take computer security seriously after they have suffered a major attack.

Do you think this paper would have seen the light of day had Estonia not been a victim of a major Distributed Denial of Service attack last year?  I also wonder how many government officials here in Ireland are working on a similar paper to defend the Irish Internet space?

CyberWar Part of Georgian and Russian Conflict

Last year Estonia suffered a series of severe Distributed Denial of Service attacks which crippled its Internet infrastructure and made many government and press websites unavailable.  Estonia initially claimed that Russia was behind these attacks and they were subsequently dubbed as “the first Cyberwar”.  Later these accusations were retracted as there was no real evidence to prove Russian government involvement in the attacks.

The recent conflict between Georgia and Russia has also seen a number of parallel online attacks.  Apparently any sites within the .ru domain space are unavailable from within Georgia as are a number of well known pro-Russian sites.  Access to Russian TV channels is also blocked.

For its part Georgia claims that Russia has attacked a number of its websites including those of Georgian news sites, the Georgian Ministry of Defence and the Ministry of Foreign Affairs as well as the National Bank of Georgia.  The Georgian ambassador to the UK, Giorgi Badridze, has accused Russia of being behind these attacks.  US Presidential candidate, Senator Barack Obama, has also called on Russia to end these cyberattacks.

However, similar to the attacks against Estonia last year, it will be difficult to get hard evidence to support this claim, as the attacks on both sides may be from sympathisers of either side.

Wikipedia has a good overview of the conflict which includes coverage of the cyberattacks affecting both sides.

These attacks are interesting in that they not only demonstrate the power of botnets and the impact they can have, but if they are being used as part of an overall offensive then we are seeing a new frontier in international conflicts.

Given the nature of the Internet it is also possible that, unknown to you, machines on your network may be part of the botnets that are attacking these sites.  If the online conflict should spread to other sites there may be collateral damage to sites that share the same hosting and networking environments as your sites do.

So I suggest you make sure all your machines are patched with up-to-date software and anti-virus signatures, that you are monitoring for any unusual traffic from your network to unusual destinations and that you review your DR plan in the event that your site suffers from online collateral damage.

A Tale from the Estonian CyberWar

Last year Estonia fell foul of a major DDoS attack that crippled much of that country's Internet infrastructure, impacting on online banking, government and media websites.  I posted about this particular attack in the post “Botnets – Digital Weapons of Mass Destruction?”  Gadi Evron, who was involved in helping Estonia defend against these attacks, has published an article on the attacks.  Entitled “Battling Botnets and Online Mobs – Estonia’s Defense Efforts during the Internet War”, the article gives a good background into why the attacks happened, the impact they had on Estonia and also how Estonia defended against the attacks.

The Estonian CERT comes into focus a lot as their efforts ensured the attacks were dealt with as effectively as possible.  The key to their success was the ability to work with other CERTs, such as those in Germany, Finland and Slovenia. 

Reading the article I could not help but wonder how we as a country would fare if we were to be victims of a mass cyber attack on the scale that happened against Estonia.  We do not have a CERT team to help coordinate any responses either nationally or internationally.  I have spoken on this issue many times in the past and feel quite strongly that a CERT is fast becoming a necessity for us to have in order to ensure our growth as a knowledge economy and to protect our Internet infrastructure.

Gadi’s article makes for an interesting non-technical read.  While reading it, though, think about how Ireland would cope with a similar attack and let me know how you think we would fare.