Last year Estonia fell foul to a major DDOS attack that crippled many of that countries Internet infrastructure impacting on online banking, government and media websites. I posted about this particular attack in the post “Botnets – Digital Weapons of Mass Destruction?” Gadi Evron, who was involved in helping Estonia defend against these attacks has published an article on the attacks. Entitled “Battling Botnets and Online Mobs – Estonia’s Defense Efforts during the Internet War” the article gives a good background into why the attacks happened, the impact they had on Estonia and also how Estonia defended against the attacks.
The Estonian CERT comes into focus a lot as their efforts ensured the attacks were dealt with as effectively as possible. The key to their success was the ability to work with other CERTs, such as those in Germany, Finland and Slovenia.
Reading the article I could not help wonder how would we as a country fare if we were to be victims of a mass cyber attack on the scale that happened against Estonia? We do not have a CERT team to help coordinate any responses either nationally or internationally. I have spoken on this issue many times in the past and feel quite strongly that a CERT is fast becoming a necessity for us to have in order to ensure our growth as a knowledge economy and to protect our Internet infrastructure.
Gadi’s article makes for an interesting non-technical read. While reading it though think how would Ireland cope with a similar attack and let me know how you think we would fare.