Georgia Cyberwar Overblown

Last week Russian tanks rolled into South Ossetia while Russian bombers were taking out critical communications infrastructure. But even before the first tank rolled across the disputed borders, another war was brewing in cyberspace.

Armies of hackers started attacking critical cyberinfrastructure in Georgia. A counteroffensive of Georgian hackers fought back to control major routing exchanges. Then a disturbing escalation: Georgian hackers were able to take control of Russian strategic launch capabilities. The Russian defense AI was defeated and forced to begin the launch sequence of ICBMs toward strategic targets everywhere. At the last moment, a Russian teenager with top-secret network access gained over an open Wi-Fi in his high-school network was able to persuade the Russian AI to back off by showing it the futility of war through a game of tic-tac-toe. Oh, wait a second -- that's a movie plot! None of this actually happened.

For all the reports of cyberwar between opposing armies of cyberwarriors, you'd think that a big part of the war was being fought in cyberspace. A few instances of denial of service (DoS) were being amplified by the media into a cyberwar. I got e-mails and calls from journalists asking me about the implications of cyberwarfare, the vulnerability of U.S. infrastructure and the potential for electronic Pearl Harbor. What a load of [redacted:TOPSECRET]!

There are two problems with the theory of cyberwarfare in the Caucasus. The first is that all of the reported attacks consisted of DoS against Web sites, mostly connected with government functions. There were no reports of attacks against critical infrastructure, electronic jamming of stock exchanges, SCADA-hack explosions in substations or anything like that. This was not a battalion of elite army-trained hackers from the Russian Southern Command of Cyber Warfare (Unit 1337). In all likelihood it was groups of run-of-the-mill script kiddies with control of a botnet, stroking their egos with the higher cause of injured nationalism. More "Boris waz ere" than "All your SCADA are belong to us."

The second problem is that in order for cyberwarfare to be successful there needs to be a lot of cyberinfrastructure to attack. Georgia and Russia are both making tremendous strides in the development of Internet infrastructure, but let's not kid ourselves. These are not info-economies running all their banking in virtual reality on top of Second Life. The targets that were attacked were mostly government brochure-sites. Even in the United States, where a lot of government services are delivered over the Web, a sustained DoS attack against government Web sites would not really affect the economy. It would simply make the online experience more like the real-life DMV experience, and we somehow survived that fine up to 1995.

A single picture of a Russian tank on the front page of a newspaper can probably cause investor panic and have a bigger economic impact than all of the DoS attacks. News continued to get out of Georgia without much interruption. Instant messaging, which was a lifeline for many with family in the war zone, was mostly unaffected. You can't have cyberwar when such a small part of the economy depends on cyber-anything.