Russian cybercrooks turn on Georgia

Infamous rent-a-bot krew gets political

By John Leyden • Get more from this author

Posted in Crime, 11th August 2008 13:26 GMT

Free whitepaper – The starter PKI program

Conflict between Georgia and Russia on the ground has been accompanied by the relaunch of cyber-attacks against Georgian government websites.

The Georgian presidential (www.president.gov.ge) and other government websites (such as www.parliament.ge) were left inaccessible by assaults over the weekend, in a repeat of attacks in late July before tensions over the breakaway region of South Ossetia spilled over into armed conflict.

The DDoS attack appears to be using a Russian malware variant from the Pinch family and a command and control server based in Turkey. Nationalist articles in Russian language papers are apparently inspiring Russia's digital underground to get involved in assaults on Georgia's web-facing systems.

Unconfirmed reports claim the notorious RBN (Russian Business Network) are behind the attacks and that Georgian internet servers were owned by foreign attackers on Thursday - the day before Russian tanks rolled into South Ossetia.

Interests in cyber-attacks as an adjunct to real-world conflict has increased since the denial of service attacks took out the internet infrastructure of Estonia in April last year. The attacks coincided with a dispute of the relocation of WWII-era monuments and affected Estonian parliament, bank, newspaper and government sites.

The assaults were blamed on Russian nationalists. Estonian Foreign Minister Urmas Paet suggested that the Kremlin may have had a hand in the attacks but no hard evidence has emerged to substantiate this accusation. Only one person - a locally-resident ethnic Russian - was convicted over the attacks. ®

Free whitepaper – Server-gated cryptography