This article can also be found in the Premium Editorial Download "Information Security magazine: How to dig out rootkits."
Download it now to read this article plus other related content.
Were the attacks on Estonia state-sponsored cyberterrorism? Probably not, but the month-long protest signals a troubling trend.
Reports on the cyber assault against Estonia this spring once again raised the specter of pending doom in cyberspace--the "electronic Pearl Harbor" that always seems to be just over the horizon. One headline even upped the doomsday language to "cyber nuclear winter."
Is all this hype, as many experts have argued, or should we worry about cyberterrorism? So far, no attack in cyberspace has come close to bringing about the devastation, grief and political consequences of Pearl Harbor or Sept. 11, let alone nuclear war. Certainly not the cyber protest against Estonia, which left no one dead or even physically injured.
Yet the assault deserves our attention, as it took online activism to a new, worrisome level.
In one of the first cases of Internet-based protest 12 years ago, cyber activists conducted a one-hour "netstrike" against the French government. At the appointed hour, participants amassed at selected Web sites and repeatedly hit the reload button in an attempt to block legitimate use of the sites. Not much happened, but later, software was developed to automate these so-called "sit-ins." The Electronic Disturbance Theater's FloodNet software allowed activists to visit an EDT-sponsored site, where they could simply click a link to launch a barrage of page requests against a target. EDT and other groups
However, more powerful cyber attack tools have emerged. One of the most potent is the botnet--a network of hijacked computers used to conduct DDoS attacks or send spam. By some estimates, 70 million computers have been compromised and assigned to botnets, which are sold and rented in underground markets.
This was first published in September 2007