Advertisement
Promo

Security threats Toolkit

Georgia accuses Russia of co-ordinated cyberattack

Tom Espiner ZDNet.co.uk

Published: 11 Aug 2008 13:51 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The Georgian embassy in the UK has accused forces within Russia of launching a co-ordinated cyberattack against Georgian websites, to coincide with military operations in the breakaway region of South Ossetia.

Speaking to ZDNet.co.uk on Monday, a Georgian embassy spokesperson said that websites had been unavailable over the weekend, claiming this was due to Russian denial-of-service attacks.

"All Georgian websites have been blocked," said the spokesperson. "Georgia is working on redirecting web traffic."

At the time of writing, the Ministry of Defence of Georgia website was unavailable for viewing from the UK. Both the Georgian presidential website and the Ministry of Foreign Affairs of Georgia website were available, but the spokesperson said this was due to Georgian redirection work.

"They are new [websites]," said the spokesperson. "It was impossible two days ago [to access them]."

However, the spokesperson admitted that, as yet, Georgia could not confirm that Russia had been responsible, as the causes were still "under investigation". "Who else might it be though?" asked the spokesperson.

The Russian embassy in London said it had no information regarding cyberattacks against Georgia, but insisted there had been no military attack against Georgia. "I'd like to draw attention to a misunderstanding," said a Russian embassy spokesperson. "There is no Russian [military] attack. There is peace enforcement in South Ossetia."

According to a post on the website of the president of Poland, Lech Kaczynski, the Russian government blocked Georgian websites to coincide with "military aggression".

"Along with military aggression, the Russian Federation is blocking Georgian internet portals," read a statement on the Polish presidential website. "On request of the president of Georgia, the president of the Republic of Poland has provided the website of the president of Poland for dissemination of information."

One of the statements made by the Georgian government on the Polish presidential website accused the Russians of bombing the port of Poti on the Black Sea, "far from South Ossetia", and of sending warships into the area.

Read this

Feature
Governments prepare for 'cyber cold war'

Analysis: Security experts have warned that governments are regularly monitoring and attacking the critical national infrastructures of other nations

Read more +

"[Poti] serves as a vital energy-transit route to Europe," read the statement. "Over the past 48 hours, Russian forces have killed over 100 Georgian civilians and soldiers, after targeting residential complexes in Georgia, as well as airports, bases, and other vital infrastructure."

The RBN website, which normally attempts to track the activities of the criminal Russia Business Network, kept a running commentary of technical developments over the weekend.

On Saturday, the RBN blog, which is run by security researcher Jart Armin, claimed there was a "full cyber-siege" of Georgia. The RBN blog post claimed that the Russia-based servers AS12389 Rostelecom, AS8342 Rtcomm and AS8359 Comstar were controlling all traffic to Georgia's key servers.

According to the blog, German hackers managed to route traffic directly to Georgia through Deutsche Telekom's AS3320 DTAG server for "a few hours" on Saturday, but this traffic was intercepted and rerouted through AS8359 Comstar, which is located in Moscow.

The RBN website also warned users not to trust any websites that appeared to be maintained by the Georgian government but did not have any statements about the weekend's hostilities, as these had likely been intercepted and altered.

Security organisation the Shadowserver Foundation reported in an update to an earlier blog post that it was also seeing cyberattacks directed against ".ge" sites, with the Georgian presidential and websites being hit with HTTP floods. Shadowserver reported that the command-and-control server being used to launch the attacks was located in Turkey.

In July, Shadowserver security volunteer Steven Adair reported that the president of Georgia's website had suffered a denial of service attack following a build-up of hostilities between Russia and Georgia over South Ossetia.

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
9 out of 9 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

C++/Java - C++ Software Engineers & Java Developers to65K - K3/MON23

Scientific Officers - Translational Cancer Research

Web Analytics Manager

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Met will not reopen phone hack investi...

The Metropolitan Police will not reopen its investigation into alleged phone hacking by the News of the World. In a press statement delivered outside Scotland Yard on Thursday, Assistant... More

Post a comment

FUD over ChromeOS's security already?

It hasn't taken long for the security vendors to wake to the potential of Google's new ChromeOS. The potential that is, to create FUD – fear uncertainty and doubt. In a release today,... More

Post a comment

Feds take DDoS in their stride

The US Department of Homeland Security has said that a series of distributed denial-of-service attacks began on US government networks on 4 July. However, Amy Kudwa, deputy press... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters