Conflict between Russia and Georgia turns to cyber warfare

Graham Cluley

Regular readers of the Sophos website will be no strangers to the rumours and accusations that have flown around for years, alleging that countries use the internet to engage in cyber warfare and espionage.

For instance, in September 2007, the Financial Times reported that the Chinese military were being blamed for a cyberattack which targeted a Pentagon computer system serving the office of US defense secretary Robert Gates. The FT reported that the People’s Liberation Army (PLA) had been named as the likely perpetrators of the attempted hack.

Earlier this year, we reported how the German foreign intelligence service had been accused of spying on a ministry in Afghanistan, and how the governments of Belgium and India had pointed the finger at China for attacks against official computer systems.


Things have recently heated up, however, as anyone who keeps a close eye on the newspapers will know. Nobody can fail to be saddened by the news of how the long-running dispute over the Georgian breakaway region of South Ossetia has escalated into a full-blown conflict involving Russian and Georgian forces.

There are plenty of places where you can read on the net about the latest news coming from the region. However, I thought it might be interesting to document how this modern war has also spilled into internet skirmishes. Although we have not yet seen specific malware or spam campaigns related to this ongoing news story, there is evidence of hackers using the internet to disrupt and deface the websites of the opposing forces.

Here is a timeline of what we have seen so far:

8 August 2008
According to the Russian press, the website of the South Ossetian government was hit by a distributed denial-of-service (DDoS) attack. This came in the hours after Georgian forces fired artillery shells at South Ossetian villages.

9 August 2008
As reported by Georgian sources, the Georgian Ministry of Foreign Affairs website was defaced by hackers, who replaced it with a collage of photographs of Georgian president Mikheil Saakashvili and Adolf Hitler.


Some hacked websites were defaced with images of Georgian president Mikheil Saakashvili and Adolf Hitler.

Other Georgian websites which also suffered hacker attacks included the Ministry of Internal Affairs, the Ministry of Defense, and the website of the Ossetian Government in Exile. In addition, the National Bank of Georgia was defaced and Georgian news portals are also said to have been on the receiving end of DDoS attacks.

11 August 2008
Media reports (in English and Russian) claim that Russian news agency RIA Novosti suffered a denial-of-service attack, making it very slow to respond. Other sites are also believed to have been disrupted.

This blog isn’t the place to discuss who is right and wrong in the dispute; all we can hope is that the conflict does not broaden, and that there is a peaceful and swift resolution.

We’ll keep you informed if the current spate of defacements and DDoS attacks spills into a broader internet attack that could affect computer users in other countries.

Map credit: maps.live.com

