Cyber warfare: Russian and Georgian conflict

 
There has been a lot of hysteria and many accusations thrown around about the idea that Russia is currently engaging in cyber warfare with Georgia. There are a lot of reasons to think that cyber warfare is actually occurring. It is in the interest of a nation state to interrupt the command and control of an adversary. The telecommunications, data systems, and power infrastructure are all components of the command, control and communications systems. Whether kinetic means were used or exploitation through other means achieved the same objective, the symptoms would be the same.

Jonathan Richards writing for the Times Online reports that:

“There was confusion as to the extent of the attacks, however, with at least two independent internet monitoring companies saying they had seen no evidence of large scale attacks on Georgian government infrastructure.”

The rapidly escalating violence and bombing campaign has likely resulted in power interruptions and destruction of communications infrastructure. The end result is the same, but due to a much less salacious cause. It is to be expected that confusion would reign in the “fog of war”, and many of the reports are going to be more emotional than verifiable. Richards further reports that:

“Two web monitoring companies contacted by The Times said, however, that they had not seen evidence of any significant attack on Georgian government infrastructure of the sort that affected Estonia’s computer systems in May last year.”

This is an interesting development. For the last decade cyber warfare as a stand-alone attack vector has been largely ignored. Even in this case companies are not actually reporting a cyber attack. A simple bibliometric search shows that, on average, historically cyber warfare rises as a concept and is then devolved, redefined, and muddled by jargonistic malfeasance. The attacks in Estonia brought to light some of the capabilities between nation states, and it has been said by some that only a nation state has the capability to substantially injure another nation state.

Reporting on the ramp-up in the propaganda discussion aspects of cyber warfare includes Krzys Wasilewski, who discusses the history of cyber warfare in NewsBlaze and suggests that currently:

“Far from the battlefield, at their computers in Moscow, another type of soldier was fighting the enemy. In the early hours of Saturday, news websites registered on Georgian servers either stopped working or presented false information. Although no one was caught red-handed, there was no doubt that the operation was orchestrated by the Kremlin.”

I’m not sure how Mr. Wasilewski knows what is happening in the Kremlin, but under the pressure of an air campaign and tanks rolling into Georgia it would be surprising if the data network even partially continued to work. The primary threat to any data network is interruption or destruction of the physical elements. That is not to discount the idea that a distributed denial of service campaign might be occurring. There is just more than one answer to the question, not only uber-elite Russian hackers skulking through Georgian servers.

Mr. Wasilewski, though, makes an interesting charge in that he says Georgia has been engaged in cyber warfare against the breakaway regions:

“Georgia, too, has experimented with cyber warfare. On August 5 – three days before the military operation in South Ossetia – the secessionist republic’s two news online services were reportedly hacked. This time, both websites started to feature the logo and material of a rival company financed by the Georgian government.”

This charge is supported by Kate Tabatadze writing for FinChannel.com who states that:

“The front page of the website of Russian backed news agency, OSinform – osinform.ru – which is run by the breakaway region’s state radio and television station IR – retained the agency’s header and logo, but otherwise the entire page was featuring Alania TV’s website content, including its news and images.”

This may show that the information portion of the campaign is in swing, including elements of propaganda and psychological operations supported by computer network attack. The question, though, is whether this is state sponsored and Georgia is engaging in cyber warfare, or whether aligned non-state actors are taking up and engaging in cyber-insurgency instead.

No less than ZDNet, with Dancho Danchev, is reporting on the possibility that the Russian Business Network (RBN) is acting as a sanctioned or state sponsored entity. If that is the case, to all of those people out there I’ve told about “letters of marque” as a way around the rules of war in state sponsored cyber warfare: “I told you so!” Danchev, though, states that:

“After defacing Mikheil Saakashvili’s web site and integrating a slideshow portraying Saakashvili as Hitler next to coming up with identical images of both Saakashvili and Hitler’s public appearances, the site remains under a sustained DDoS attack. It’s also interesting to point out that an average script kiddie wouldn’t bother, or wouldn’t even understand the PSYOPs effect of coming up with identical gestures of both parties and integrating them within the defaced sites.”

This understanding of the hybrid uses of cyber warfare to wage computer network attacks leading to psychological operations is a key to the operational art. The case, though, does not make it past the sniff test. A good psychological operations team is going to work at a much higher level than pictures of Hitler. I would suggest that the Russian nation would not use Hitler but a subtler entity. They would further want the message to be spread, not prevent their hard work from being promulgated. Though I’ve been told that Russians wage war like a sledge hammer makes a sandwich.

The most interesting reporting and case ascribed to cyber warfare is from Victor Phillip Ortiz, reporting for PC Magazine. Mr. Ortiz, discussing the CNN interview between Wolf Blitzer and Mikhail Saakashvili, says that the cyber attack against the Georgian VoIP phone system was to blame for interruptions. Mr. Ortiz reports:

“Shortly after noon east coast time in the United States, CNN’s Wolf Blitzer attempted to interview Georgian President Mikhail Saakashvili by phone on his live news program.  The first attempt was unsuccessful and the second attempted about ten minutes later was able to successfully connect President Saakashvili.  President Saakashvili apologized for the missed connection earlier blaming the problem on a “cyber attack” against the Georgian VoIP phone system.”

This would be a classic attack vector for interrupting the communications for command and control. The ability to disrupt a telephone system that is supposedly better and more resilient to interruption than the plain old telephone system suggests the technology is weaker than expected. Think back to the American West and the Indian tribes cutting the telegraph lines, thereby interrupting the communication path. Not such a big deal when trains could see each other, but when trying to coordinate high speed ordnance and direct fire missions on the same systems civilians use, it is nearly catastrophic.

Mr. Ortiz further states:

“The ability to disrupt an advisory’s communications has always been a military tactic and that is what makes the Internet a prime target.  “This is a sign of things to come” said Steve Idelman – CEO of Solutionary a leading security firm.  Cyber warfare strategies, tactics and weapons are relatively new.  One thing is certain, given the increased number and sophistication of the tactics used in cyber attacks, cyber warfare capabilities are at the top of military wish lists of an estimated 140 countries.  Cyber war is now a part of modern warfare.”

Unfortunately Mr. Idelman is incorrect. The techniques of cyber attack are as old as conflict. The interruption of the commander’s decision cycle and the decreasing of communication between entities on the battlefield can be a distributed denial of service attack or a well-placed smoke screen. The strategies and techniques of cyber warfare are old, but are only just being realized by the leaders who make war today. The maturity in thought about how computer network attack and exploitation are realized on the modern battlefield is just now being attempted by the United States Military this generation. Looking back through history, it is about time again to cover the same ground with a new group of military leaders, just like a decade ago.

Cyber warfare, though, in the case of the Georgia-Russia conflict appears to be no different than in previous conflicts. What would make it different, and what will I be looking for in the near future? Signs of kinetic effect through the use of the data and SCADA networks. Generators blowing up or dams releasing water because they have been seriously attacked through the networks. I would just like to say thank you again to all the reporters listed in this post. Finding out any information in a zone of conflict is going to be difficult at best.
