A year after Russian troops invaded the former Soviet state of Georgia, a report has concluded that the accompanying cyberattacks were carried out by organized crime and civilians with the aid of the Russian military.
The report, released by the U.S. Cyber Consequences Unit, is the result of an analysis of data collected during and after the attacks, which took place between August 7 and August 16, 2008. The US-CCU is a nonprofit research institute that focuses on analyzing cyber events and advising the U.S. government.
The attacks against Georgia initially targeted news media and government websites, making it hard for Georgians and the outside world to follow the events, the report states. Once the Russian military had established its presence inside Georgia, the list of targets expanded to include financial institutions and other businesses, universities, and more news media and government sites.
“These cyberattacks were designed to make it difficult to organize an effective response to the Russian presence,” the report says. “Many of them were intended to interrupt normal business operations. Others were intended to make the Georgian population uncertain about what to expect and what they should do.”
While the Russian military obviously benefited from the attacks, the US-CCU argues that the evidence indicates only civilians were involved.
“Although, it would, in principle, have been possible for the Russian military to have carried out some of these cyberattacks, disguising their involvement convincingly would have been very difficult and expensive,” the report states.
However, the US-CCU report concludes that the Russian military most likely gave the attackers a list of targets and, potentially the tools to conduct the attacks. Considering that the attacks happened at nearly the same time as the invasion of Georgia–and that there was no reconnaissance done prior to the attacks–the denial-of-service floods were probably preplanned, the report argues. The attacks also involved the cooperation of Russian organized crime, as many of the attacking computers also had software installed for other cybercriminal activities, according to the report.
In defending against the attacks, the Georgian government tapped groups of cybersecurity experts and initially filtered the Russian IP address space. However, the attackers soon used proxies and compromised computers in other nation’s address spaces, making the attacks harder to block.
The Georgians also apparently planted a counterattack tool, disguising it as another script to attack its own computers. Russian sympathizers who downloaded and used the program would instead attack 19 websites in Russia.
“No evidence of damage caused by this attack script came to the US-CCU’s attention, which suggests that any harm it caused was not extensive,” says the report.
Embracing CX in the metaverse
More than just meeting customers where they are, the metaverse offers opportunities to transform customer experience.
Identity protection is key to metaverse innovation
As immersive experiences in the metaverse become more sophisticated, so does the threat landscape.
The modern enterprise imaging and data value chain
For both patients and providers, intelligent, interoperable, and open workflow solutions will make all the difference.
Scientists have created synthetic mouse embryos with developed brains
The stem-cell-derived embryos could shed new light on the earliest stages of human pregnancy.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.