Political Cyberattacks to Militarize the Web
Governments looking to silence critics and stymie opposition have added DDOS (distributed denial of service) attacks to their censoring methods, according to a security expert speaking at the Source Boston Security Showcase.
As the use of DDOS for political gains increases, expect the Internet to become more militarized said Jose Nazario, senior security researcher at Arbor Networks, in an address on Wednesday.
"I don't think anyone is going to die because of these attacks, or a phone won't work, but it is early," he said, noting that other weapons have evolved from their initial forms.
In DDOS attacks, botnets, or a group of compromised computers used for malicious purposes, attempt to connect en masse to a victim's Web site. The server hosting the site is unable to respond to the abundance of communication requests and shuts down or returns pages so slowly that site is essentially inaccessible.
"The premise is to aggregate bandwidth and knock an adversary offline," said Nazario.
Nazario discussed how major international political situations spawned DDOS attacks. Unsuccessful DDOS attacks were launched at the Pentagon's network after the 2001 collision between a U.S. Navy spy plane and Chinese fighter jet resulted in the Navy plane making an emergency landing in China, he noted. CNN's Web site experienced a similar attacks after one of the network's reporters made disparaging comments about China's hosting the Olympic Games. China was reportedly responsible for both incidents.
"These folks are launching these attacks to show support for their own government," said Nazario.
Nazario mentioned the 2007 DDOS incidents that crashed the Estonian government's servers. Russia supposedly conducted those attacks after the government of its former territory moved the statue of a Russian soldier. The attackers built primitive tools and launched a basic campaign, but the end result shut down the government, he said.
Russia was also reportedly responsible for the August 2008 DDOS attacks against Georgia, a former Soviet Republic. Russia launched a military attack against Georgia to support a separatist faction. Cyberattacks against Georgian government Web sites coincided with Russia's military campaign, the first time in 10 years that Nazario saw an Internet and ground war launched simultaneously.
Governments are interested in using DDOS attacks since tracing their originators and financiers proves difficult for security researchers. Arbor Networks could not conclusively link the Estonian attacks to Russia while Estonia questioned Arbor's findings, said Nazario.
"We can tell you certain technical aspects, but we can't tell you who is paying them," he said. "There is no smoking gun as to who launches the attacks."
The pace and complexity of the DDOS is increasing, Nazario said, as opposition groups further use the Internet to coordinate. Groups using the Web to communicate makes it a natural target, he said.
The result of this cyberwarfare will turn the Internet into a battleground as governments and citizens launch these attacks, Nazario said.
"Militarization of the Internet is happening," he said. "There are plenty of nonstate players so governments can say it wasn't us. This levels the playing field. Kids in Kiev as well as the government have this."
According to Nazario, some governments are more candid about their engaging in cyberwarfare or intentions to enter the space. China has supposedly discussed its cyberwar plans and a Russian government executive allegedly admitted to using propaganda campaigns during the conflict with Georgia. These campaigns consisted of a Web site directing Russians to use cyberwar tactics against pro-Georgia sites. One site set up by Moscow supporters resembled a professional looking news site and went up immediately after Georgian troops fired on Russian soldiers, he said.
France is reportedly looking into cyberwarfare while the U.S. has repeatedly discussed the concept of a military botnet, said Nazario.
While governments develop cyberwarfare strategies, they are also attempting to develop defenses against such attacks.
Estonia took the issue to NATO, but the organization's slow policy development pace resulted in no agreement being reached. This issue also hampered efforts in the European Union to develop a solid online security strategy.