[AfrICANN-discuss] Cyber Assaults -- a new battle tactic- How prepared are we?

Dr Yassin Mshana ymshana2003 at gmail.com
Mon May 21 13:01:20 SAST 2007

Oh No! Now the hidden weapon for a long time has come out!!  I remember
about a discussing I had with someone during AF* Abuja, asking him about the
integrity, security clearance and the importance of the reliability of  ISPs
and other Operators. Who vets who and how is a big question in many
countries - any Tom-Dick and Harry can provide the service yes BUT there is
more to that.

Eagerly waiting to see how this problem will be solved .......sad eh?

Good day


On 21/05/07, Anne-Rachel Inné <annerachel at gmail.com> wrote:
> *Cyber Assaults on Estonia Typify a New Battle Tactic*
> By Peter Finn
> Washington Post Foreign Service
> Saturday, May 19, 2007; A01
> http://www.washingtonpost.com/wp-dyn/content/article/2007/05/18/AR2007051802122_pf.html
> TALLINN, Estonia, May 18 -- This small Baltic country, one of the most
> wired societies in Europe<http://www.washingtonpost.com/wp-srv/related-topics.html/Europe?tid=informline>,
> has been subject in recent weeks to massive and coordinated cyber attacks on
> Web sites of the government, banks, telecommunications companies, Internet
> service providers and news organizations, according to Estonian and foreign
> officials here.
> Computer security specialists here call it an unprecedented assault on the
> public and private electronic infrastructure of a state. They say it is
> originating in Russia<http://www.washingtonpost.com/wp-srv/related-topics.html/Russia?tid=informline>,
> which is angry over Estonia<http://www.washingtonpost.com/wp-srv/related-topics.html/Estonia?tid=informline>'s
> recent relocation of a Soviet war memorial. Russian officials deny any
> government involvement.
> The NATO
> <http://www.washingtonpost.com/wp-srv/related-topics.html/NATO?tid=informline>alliance
> and the European Union<http://www.washingtonpost.com/wp-srv/related-topics.html/European+Union?tid=informline>have rushed information technology specialists to Estonia to observe and
> assist during the attacks, which have disrupted government e-mail and led
> financial institutions to shut down online banking.
> As societies become increasingly dependent on computer networks that cross
> national borders, security experts worry that in wartime, enemies will
> attempt to cripple those networks with electronic attacks. The Department
> of Homeland Security
> <http://www.washingtonpost.com/wp-srv/related-topics.html/U.S.+Department+of+Homeland+Security?tid=informline>has
> warned that U.S. networks should be secured against al-Qaeda<http://www.washingtonpost.com/wp-srv/related-topics.html/Al+Qaeda?tid=informline>hackers. Estonia's experience provides a rare chance to observe how such
> assaults proceed.
> "These attacks were massive, well targeted and well organized," Jaak
> Aaviksoo, Estonia's minister of defense, said in an interview. They can't be
> viewed, he said, "as the spontaneous response of public discontent worldwide
> with the actions of the Estonian authorities" concerning the memorial.
> "Rather, we have to speak of organized attacks on basic modern
> infrastructures."
> The Estonian government stops short of accusing the Russian government of
> orchestrating the assaults, but alleges that authorities in Moscow<http://www.washingtonpost.com/wp-srv/related-topics.html/Moscow?tid=informline>have shown no interest in helping to end them or investigating evidence that
> Russian state employees have taken part. One Estonian citizen has been
> arrested, and officials here say they also have identified Russians involved
> in the attacks.
> "They won't even pick up the phone," Rein Lang, Estonia's minister of
> justice, said in an interview.
> Estonian officials said they traced some attackers to Internet protocol
> (IP) addresses that belong to the Russian presidential administration and
> other state agencies in Russia.
> "There are strong indications of Russian state involvement," said Silver
> Meikar, a member of Parliament in the governing coalition who follows
> information technology issues in Estonia. "I can say that based on a wide
> range of conversations with people in the security agencies."
> Russian officials deny that claim. In a recent interview, Kremlin<http://www.washingtonpost.com/wp-srv/related-topics.html/Moscow+Kremlin?tid=informline>spokesman Dmitri Peskov called it "out of the question." Reached Friday at a
> Russia-E.U. summit, he reiterated the denial, saying there was nothing to
> add.
> A Russian official who the Estonians say took part in the attacks said in
> an interview Friday that the assertion was groundless. "We know about the
> allegations, of course, and we checked our IP addresses," said Andrei Sosov,
> who works at the agency that handles information technology for the Russian
> government. His IP address was identified by the Estonians as having
> participated, according to documents obtained by The Washington Post<http://www.washingtonpost.com/wp-srv/related-topics.html/The+Washington+Post+Company?tid=informline>
> .
> "Our names and contact numbers are open resources. I am just saying that
> professional hackers could easily have used our IP addresses to spoil
> relations between Estonia and Russia."
> Estonia has a large number of potential targets. The economic success of
> the tiny former Soviet republic is built largely on its status as an
> "e-society," with paperless government and electronic voting. Many common
> transactions, including the signing of legal documents, can be done via the
> Internet.
> The attacks began on April 27, a Friday, within hours of the war
> memorial's relocation. On Russian-language Internet forums, Estonian
> officials say, instructions were posted on how to disable government Web
> sites by overwhelming them with traffic, a tactic known as a denial of
> service attack.
> The Web sites of the Estonian president, the prime minister, Parliament
> and government ministries were quickly swamped with traffic, shutting them
> down. Hackers defaced other sites, putting, for instance, a Hitler<http://www.washingtonpost.com/wp-srv/related-topics.html/Adolf+Hitler?tid=informline>mustache on the picture of Prime Minister Andrus Ansip on his political
> party's Web site.
> The assault continued through the weekend. "It was like an Internet riot,"
> said Hillar Aarelaid, a lead specialist on Estonia's Computer Emergency
> Response Team, which headed the government's defense.
> The Estonian government began blocking Internet traffic from Russia on
> April 30 by filtering out all Web addresses that ended in .ru.
> By April 30, Aarelaid said, security experts noticed an increasing level
> of sophistication. Government Web sites and new targets, including media Web
> sites, came under attack from electronic cudgels known as botnets. Bots are
> computers that can be remotely commanded to participate in an attack. They
> can be business or home computers, and are known as zombie computers.
> When bots were turned loose on Estonia, Aaviksoo said, roughly 1 million
> unwitting computers worldwide were employed. Officials said they traced bots
> to countries as dissimilar as the United States<http://www.washingtonpost.com/wp-srv/related-topics.html/United+States?tid=informline>,
> China<http://www.washingtonpost.com/wp-srv/related-topics.html/China?tid=informline>,
> Vietnam<http://www.washingtonpost.com/wp-srv/related-topics.html/Vietnam?tid=informline>,
> Egypt<http://www.washingtonpost.com/wp-srv/related-topics.html/Egypt?tid=informline>and
> Peru<http://www.washingtonpost.com/wp-srv/related-topics.html/Peru?tid=informline>
> .
> By May 1, Estonian Internet service providers had come under sustained
> attack. System administrators were forced to disconnect all customers for 20
> seconds to reboot their networks.
> Newspapers in Estonia responded by closing access to their Web sites to
> everyone outside the country, as did the government. The sites of
> universities and nongovernmental organizations were overwhelmed.
> Parliament's e-mail service was shut for 12 hours because of the strain on
> servers.
> Foreign governments began to take notice. NATO, the United States and the
> E.U. sent information technology experts. "It was a concerted,
> well-organized attack, and that's why Estonia has taken it so seriously and
> so have we," said Robert Pszczel, a NATO spokesman. Estonia is a new member
> of NATO and the E.U.
> The FBI<http://www.washingtonpost.com/wp-srv/related-topics.html/Federal+Bureau+of+Investigation?tid=informline>also provided assistance, according to Estonian officials. The bureau
> referred a reporter's calls to the U.S. Embassy in Estonia, which said
> there was no one available to discuss American assistance to the Baltic
> State.
> On May 9, the day Russia celebrates victory in World War II, a new wave of
> attacks began at midnight Moscow time.
> "It was the Big Bang," Aarelaid said. By his account, 4 million packets of
> data per second, every second for 24 hours, bombarded a host of targets that
> day.
> "Everyone from 10-year-old boys to very experienced professionals was
> attacking," he said. "It was like a forest fire. It kept spreading."
> By May 10, bots were probing for weaknesses in Estonian banks. They forced
> Estonia's largest bank to shut down online services for all customers for an
> hour and a half. Online banking remains closed to all customers outside the Baltic
> States<http://www.washingtonpost.com/wp-srv/related-topics.html/Baltic+States?tid=informline>and
> Scandinavia<http://www.washingtonpost.com/wp-srv/related-topics.html/Scandinavia?tid=informline>,
> according to Jaan Priisalu, head of the IT risk management group at
> Hansabank, a major Baltic bank.
> "The nature of the latest attacks is very different," said Linnar Viik, a
> government IT consultant, "and it's no longer a bunch of zombie computers,
> but things you can't buy from the black market," he said. "This is something
> that will be very deeply analyzed, because it's a new level of risk. In the
> 21st century, the understanding of a state is no longer only its territory
> and its airspace, but it's also its electronic infrastructure.
> "This is not some virtual world," Viik added. "This is part of our
> independence. And these attacks were an attempt to take one country back to
> the cave, back to the Stone Age."
> --------------------------------------------------------------------------------
> >
> >
> > http://news.bbc.co.uk/2/hi/europe/6665145.stm
> > Estonia hit by 'Moscow cyber war'
> > *Estonia says the country's websites have been under heavy attack for
> > the past three weeks, blaming Russia for playing a part in the cyber
> > warfare. *
> >
> > Many of the attacks have come from Russia and are being hosted by
> > Russian state computer servers, Tallinn says. Moscow denies any involvement.
> >
> >
> > Estonia says the attacks began after it moved a Soviet war memorial in
> > Tallinn. The move was condemned by the Kremlin.
> >
> > A Nato spokesman said the organisation was giving Estonia technical
> > help.
> >
> > "In the 21st century it's not just about tanks and artillery," Nato
> > spokesman James Appathurai told BBC News.
> >
> > "We have sent one of our experts at the request of the Estonian
> > authorities to help them in their defence."
> >
> > *'Paperless government' *
> >
> > Estonia wants to put the issue at the top of Friday's EU-Russia summit
> > agenda.
> >
> > The head of IT security at Estonia's defence ministry, Mikhail Tammet,
> > told BBC News that the attacks had affected a range of government websites,
> > including those of the parliament and governmental institutions.
> >
> > He said the country was particularly vulnerable as much of its
> > government was run online.
> >
> > "Estonia depends largely on the internet. We have e-government,
> > government is so-called paperless... all the bank services are on the
> > internet. We even elect our parliament via the internet," Mr Tammet said.
> >
> > The memorial's removal also triggered riots amongst mostly ethnic
> > Russian living in Estonia, during which one person was killed and more than
> > 150 injured.
> >
> > Estonians say the memorial symbolised Soviet occupation of the Baltic
> > state. Russians say it is a tribute to those who fought the Nazis.
> >
> > *Spam avalanche *
> >
> > The Estonian government says its state and commercial websites -
> > including a number of banks - are being bombarded by mass requests for
> > information - overwhelming their computer servers.
> >
> > Targets of the so-called denial-of-service attacks have also included
> > the Estonian foreign and defence ministries and leading newspapers and
> > banks.
> >
> > In some cases, officials have simply blocked access to the servers from
> > outside Estonia, to prevent them from being attacked.
> >
> > "A couple weeks ago when the whole thing started we had some problems in
> > our online services and then our mail server was absolutely inundated with
> > spam e-mails as well," Estonian journalist Aet Suvari told the BBC.
> >
> > "In the past few weeks it has been quite difficult for some government
> > officials to read their e-mails on the web, to get access to the banks."
> >
> > The defence ministry says that the cyber attacks come from all over the
> > world, but some have been hosted by Russian state servers.
> >
> > It says that instructions on how to carry out cyber warfare are
> > circulating in Russian on Russian websites.
> >
> > Estonian Prime Minister Andrus Ansip has directly accused Russia of
> > being responsible, pointing the blame at the Russian government.
> >
> > Nato and EU internet experts are all helping to track down the culprits,
> > but Estonian officials say that they have had no co-operation from Russia.
> >
> > *'Internet pioneer' *
> >
> > While technical experts say that the initial wave of attacks came from
> > official structures in Russia, they now say it might be very difficult to
> > track the perpetrators down, the BBC's Steven Eke says.
> >  He says that experts point out that botnets - the term given to the
> > groups of computers that mount denial-of-service attacks - can be located
> > across several countries, or even continents.
> >
> > Russia - which has a large community of hackers and computer
> > virus-writers - has been accused of mounting such attacks before in the US
> > and Ukraine.
> >
> > Moscow denies any involvement in the internet attacks on Estonia.
> >
> > Kremlin spokesman Dmitry Peskov told the BBC that the allegations were
> > "completely untrue".
> > Story from BBC NEWS:
> > http://news.bbc.co.uk/go/pr/fr/-/2/hi/europe/6665145.stm
> >
> > Published: 2007/05/17 15:21:15 GMT
> >
> > (c) BBC MMVII
> _______________________________________________
> AfrICANN mailing list
> AfrICANN at afrinic.net
> https://lists.afrinic.net/mailman/listinfo.cgi/africann

c/o DFID-Nigeria
No. 10 Bobo Street

Skype: yassin mshana
Mobile: +234-803 970 5117
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.afrinic.net/pipermail/africann/attachments/20070521/7d22831b/attachment-0001.htm

More information about the AfrICANN mailing list