This article first appeared in Aviation Week & Space Technology.
The 2008 Russia/Georgia conflict has become a defining event in network warfare, with a new report released this week revealing even more details.
For example, altered Microsoft Corp. software was fashioned into cyberweaponry and hackers collaborated on U.S.-based Twitter, Facebook, and other social-networking sites to coordinate the attack on Georgian digital-based targets, according to the report by the U.S. Cyber Consequences Unit (USCCU).
The new paper -- only parts of which are available to the public -- was put together by John Bumgarner, research director for security technology, and Scott Borg, director and chief economist for the USCCU. Analyses of the attack began simultaneously with the war's start in the late summer of 2008.
The researchers were able to monitor attack activity over the Internet as it was taking place. They also collected data after the conflict from Web caches, companies hosting Web sites and the forums used by attackers. Information included extensive network traffic and security logs.
While the attack itself is interesting because of its scale and military impact, Bumgarner (a former CIA and FBI employee) cautions readers to look at the larger implications.
"It's the sort of cyber campaign that we can now expect to accompany most future international conflicts," he says in an interview with Aviation Week. "This is what makes some of the details about the way the Georgia campaign was managed pretty interesting. Russia is likely to run this playbook again with minor adjustments."
A striking revelation for the researchers was "how quickly a common citizen can be transformed into a foot soldier in a cyber conflict," Bumgarner says. The cyber attacks were carried out by civilians with little or no direct involvement by the Russian government or military, the researchers found. Most of those launching the attacks were Russians, but sympathizers from the Ukraine and Latvia also participated.
Bumgarner tracked the attacks to 10 Web sites registered in Russia and Turkey. Nine were registered using identification and credit card information stolen from Americans; one site was registered with information stolen from a person in France. They were used to coordinate "botnet" attacks, which co-opted thousands of computers around the world to disable the Georgian government, banks and media outlets. Computer servers used in the attacks had been previously used by cybercriminal organizations, according to the USCCU.