Feeds

Cyberwarriors on the Eastern Front: In the line of fire packet floods

Former senior Estonian defence official talks cyberwar

Build a business case: developing custom apps

Clueless spotters green-lit porn site for cyber carpet bombing

Just one person, an ethnic-Russian Estonian national, has been charged and convicted of the attack. Dmitri Galushkevich, 20, was fined the local equivalent of $1,200 after he was convicted of attacks against the Reform Party of Estonian Prime Minister Andrus Ansip.

"He was not accountable as an organiser but a schoolboy providing targets via chat forums," Almann explained, adding in some instances the attackers were misdirected by their spotters on the ground.

One wave of attacks, for example, took out an adult entertainment (porn) website instead of an Estonian state security site.

Estonia's analysis of the attacks reveals that small-scale ping attacks, used to carry out reconnaissance of targets, preceded the main assaults, which came in phases. "The main phase of the attack involved voluntary political botnets, predominately located in Russia, which Almann described as "easy to block", as well as assaults of growing sophistication from compromised machines around the world.

The attacks against Estonia, the first of their kind on a country-wide level, have been studied intensively by military planners since. In 2008, cyberattacks on Georgian websites and communication facilities accompanied a ground war between Russia and Georgia.

Estonia, along with Poland, stepped in to offer backup hosting of Georgian government website. Almann argues this process needs to be more organised. "We need pan-European backup hosting for critical websites," he said.

Rules of engagement

Almann reckons that rules for the investigation of cyberattacks need to be established by more countries signing up to the Council of Europe Convention on Cybercrime. Russia and China and several other key countries have not signed the treaty while some countries in Europe, including the UK, have signed but not ratified the regulations.

Russia might be encouraged to sign the treaty by making it a condition of World Trade Organisation negotiations, he suggested, adding the issue of cyberconflict ought to be on the agenda of G8 talks that include Russia and the world's seven biggest economies.

Some observers have suggested that a Geneva Convention for cyberwar might be needed, an idea Almann regards as a non-starter even though he's equally adamant that cyberwar is all too real.

"With applications such as Stuxnet attacks are growing more sophisticated," Almann said. "There are really serious capabilities out there."

"However banning the use of cyberweapons is not realistic. Cyberwar is out there and everybody is involved."

Offence is the best form of attack

Plenty of governments talk about boosting the capability of their cyber-defences but very few, at least publicly, talk about cyber-offensive capabilities. Cyber-offensive capabilities might involve attacking a particular botnet of compromised PCs or disrupting the communication channels an enemy is using to co-ordinate attacks. Almann reckons most countries are developing cyber-offensive capabilities. "Sovereign nations need the capability. It's unavoidable," he said.

However establishing rules to govern the use of such weapons is something else, in Almann's opinion.

"A Geneva Convention for cyberwar is not going to work," he said. "I'm a lawyer and I wouldn't know what to write. The field is so fast-developing that you are going to get it wrong.

"This is not burning issue and shouldn't divert attention from dealing with shortcomings of critical national infrastructure systems," he added.

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?