The Russia Georgia cyberwar

Disabling an enemy’s ability to communicate is one of the most basic – and ancient – tactics of warfare. In the case of the current Russian incursion in to Georgia that also means the Internet. There is no clear indication at this point who is directly to blame for the DDoS attacks against Georgia but there is no doubt that it is happening.

A report on the Renesys security blog noted that there are some 309 networks that geo-locate to Georgia with 60 percent of them being unstable (and under some form of attack).

Jose Nazario of security firm Arbor networks reported some interested stats on the attacks this week. According to Arbor’s data:

Average peak bits per second per attack

211.66 Mbps

Largest attack, peak bits per second

814.33 Mbps

Average attack duration

2 hours 15 minutes

Longest attack duration

6 hour

The reality though, is that the Internet itself is very resilient (it was built by the US military to withstand attack after all) and websites in Georgia are still accessible. Things like moving the hosting servers (to the US or elsewhere) as well as distributing loads can minimize the full impact of DDoS.

Whether or not it is actually the Russian government or not that is behind the attacks is still a matter of speculation. Security researchers Gadi Evron wrote:

While Georgia is obviously under a DDoS attacks and it is political in
nature, it doesn’t so far seem different than any other online
after-math by fans. Political tensions are always followed by online
attacks by sympathizers.

Regardless of who is to blame and what the impact is, it’s important to remember that this is all about people and innocent people are being killed in this conflict. Let’s all hope that the Internet will also be used as a tool for getting information out that will end this conflict.

News Around the Web