NEW WAR PARADIGM.
Three months after May's "information warfare" attacks on Estonia, computer security experts continue to scrutinize the event for clues to the future of digital conflicts.
Israeli security expert Gadi Evron, who helped the Estonians with their response, argued here at Chaos Communication Camp, following similar speeches at other recent gatherings, that the attacks were far more akin to a "cyber-riot" than to actual warfare.
The May events followed the Estonian decision to dismantle and move a symbolically significant Russian war memorial in their capital city of Tallinn (Estonia was an unwilling part of the USSR from the end of World War II to the Soviet dissolution). Riots of the local Russian-speaking population resulted, and calls for retaliation quickly spread to Russian blogs.
Many of the early attacks that subsequently overwhelmed Estonia's Web servers, banks, and government email systems were rudimentary, with instructions widely posted on these blogs telling people how to send manual pings to the country's servers. But more sophisticated tools soon were used, with botnets flooding Estonian addresses with traffic anywhere from 100 to 1000 times ordinary levels.Leninmissile2
The Estonians, and much of the world press, initially characterized this as the first true information war. Fingers were pointed towards the Russian government, largely on the basis of IP addresses (probably spoofed) traced to government facilities. For their part, Russian officials hotly denied any involvement.
Evron doesn't downplay the seriousness of the situation – it effectively hamstrung facilities for days in a country far more deeply reliant on Internet infrastructure than is the United States. But he points to the way activity and action spread through the blog community as evidence that this was something very different than a conventional military operation.
"Fighting is not necessarily warfare," he says. "The whole idea of the blogosphere, of online mob psychology, is taking psychological warfare and putting it on the offensive."
Defenders against this kind of attack, which spreads meme-like through an easily inflamed, but not necessarily coordinated online community, need to think more in terms of policing metaphors than military, he says. Crowds without centers need to be controlled and subdued, rather than attacked. Damage must be mitigated, with a focus on defense rather than offense.
So who was ultimately behind the attacks? Evron says portions of the attacks looked suspiciously like there was some central coordination happening; but it's as yet impossible to trace anything back to the government.
More important is the lesson that in future events, cyber-conflicts may best resemble guerrilla battles, or even spontaneous riots, in which the general opponents are known, but the immediate attackers are not.
As for Americans still trying to adapt to asymmetric warfare tactics in Iraq, these lessons may take time to sink in. But it seems certain that Estonia will remain a case study for years to come.
http://blog.wired.com/27bstroke6/
http://tinyurl.com/2p5yro
Israeli security expert Gadi Evron, who helped the Estonians with their response, argued here at Chaos Communication Camp, following similar speeches at other recent gatherings, that the attacks were far more akin to a "cyber-riot" than to actual warfare.
The May events followed the Estonian decision to dismantle and move a symbolically significant Russian war memorial in their capital city of Tallinn (Estonia was an unwilling part of the USSR from the end of World War II to the Soviet dissolution). Riots of the local Russian-speaking population resulted, and calls for retaliation quickly spread to Russian blogs.
Many of the early attacks that subsequently overwhelmed Estonia's Web servers, banks, and government email systems were rudimentary, with instructions widely posted on these blogs telling people how to send manual pings to the country's servers. But more sophisticated tools soon were used, with botnets flooding Estonian addresses with traffic anywhere from 100 to 1000 times ordinary levels.Leninmissile2
The Estonians, and much of the world press, initially characterized this as the first true information war. Fingers were pointed towards the Russian government, largely on the basis of IP addresses (probably spoofed) traced to government facilities. For their part, Russian officials hotly denied any involvement.
Evron doesn't downplay the seriousness of the situation – it effectively hamstrung facilities for days in a country far more deeply reliant on Internet infrastructure than is the United States. But he points to the way activity and action spread through the blog community as evidence that this was something very different than a conventional military operation.
"Fighting is not necessarily warfare," he says. "The whole idea of the blogosphere, of online mob psychology, is taking psychological warfare and putting it on the offensive."
Defenders against this kind of attack, which spreads meme-like through an easily inflamed, but not necessarily coordinated online community, need to think more in terms of policing metaphors than military, he says. Crowds without centers need to be controlled and subdued, rather than attacked. Damage must be mitigated, with a focus on defense rather than offense.
So who was ultimately behind the attacks? Evron says portions of the attacks looked suspiciously like there was some central coordination happening; but it's as yet impossible to trace anything back to the government.
More important is the lesson that in future events, cyber-conflicts may best resemble guerrilla battles, or even spontaneous riots, in which the general opponents are known, but the immediate attackers are not.
As for Americans still trying to adapt to asymmetric warfare tactics in Iraq, these lessons may take time to sink in. But it seems certain that Estonia will remain a case study for years to come.
http://blog.wired.com/27bstroke6/
http://tinyurl.com/2p5yro
Labels: cyberwarfare, paradigm, shift
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home