|
Estonian attackers reportedly employed botnets in their DDoS attacks, including one with a million computers. The effect was equivalent to more than 1 million individuals participating in a Web sit-in--many more than the few thousand who typically join a sit-in--except that none of them volunteered. They too were victims. Moreover, unlike most sit-ins that last an hour or two, the Estonian attack went on for weeks. The net effect of the siege was extremely disruptive and costly--at least $1 million for one of the targets, Estonia's largest bank.
The extent of the assault led some to speculate that it was the work of the Russian government. This seems unlikely. The hijacked computers comprising the botnets were located all over the world. It is doubtful the Russian government would engage in that level of collateral damage against neutral countries. Although a few attacks seem to have come from inside the Kremlin, those computers too could have ...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
been compromised. Also, at least one individual--the leader of a pro-Kremlin youth group--admitted to staging one of the attacks, and several Russian-language Web forums distributed information and scripts for participating in the attacks.
More importantly, it did not take a government to cause the cyber damage seen in Estonia. The assault showed that a few individuals, operating on their own and without the resources of a government, can cause considerable damage at a national level. Al-Qaida and other terrorists know this. Indeed, they already advocate and use cyber attacks to fund operations, disrupt Web sites and cause economic harm. They want to do more.
As cyberspace increasingly penetrates our lives and critical processes, and cyber technologies and attack tools continue to advance, the possibilities for harm will increase. We need to take cyber defense seriously, regardless of whether the cyberterror terminology sounds like hype today.
|
 |
|
