[governance] DNSSEC and War

[Peter Dambier]

Yehuda Katz wrote:
> Russian Cyber Attacks Shut Down Georgian Websites 
> By Stefanie Hoffman, ChannelWeb 
> 7:22 PM EDT Tue. Aug. 12, 2008 
> 
> Art. Ref.: http://www.crn.com/security/210003057
> 
> Following just six days after the initiation of the Georgia-Russian conflict,
> the Georgian Internet became the target of a coordinated cyber attack, which
> compromised several government Websites with defacement and Denial of Service
> attacks, crippling the nation's ability to disseminate information. 
> Georgian President Mikheil Saakashvili's site was defaced, integrating his
> image with those of Hitler. The sabotage was followed by a DDoS attack that
> left the presidential site inaccessible. 
> 
> Denial of service attacks are conducted when a coordinated network of computers
> sends multiple requests to a given server or computer at exactly the same time,
> which subsequently shuts down the targeted computer under the barrage of
> incoming requests. 
> 
> Meanwhile, Georgian news sites and other popular information forums were also
> blocked during the attack. 
> 
> "As more government services move toward the Internet, you end up with more
> exposure to these types of attack, whether it was an organization and executed
> by government or criminal elements acting at somebody's direction," said Kevin
> Newmeyer, worldwide principal for strategic security and counter terrorism for
> security company Unisys (NYSE:UIS). "It's hard to prove it was a
> government-directed operation." 
> 
> The attacks ultimately prompted the Georgian governmental sites to switch to
> U.S. based hosts, while Georgia's Ministry of Foreign Affairs moved to a
> blogspot account. 

Maybe that is exactly what the attacker wanted.

Who is interested?

Georgians exiled in the U.S.?
American hosters?
The georgian government?

> 
> The exact sources of the attacks are yet unknown. Experts say that some ISPs
> appear to be sourced in Russia, and some speculate that the Russian government
> had used its resources to fund the attack, which was launched the day before
> Russia drove tanks into South Ossetia. 

They need their resources. Buying a foreign botnet is much cheaper and more
efficient.

> 
> Other unconfirmed reports suggest that members of the cybercrime organization
> Russian Business Network are responsible for the coordinated sabotage of the
> Georgian Websites. 
> 
> "It looks like it was coming from Russia, or is it a co-opted server that
> wasn't properly patched, with people taking over the computer and doing things
> with it?" said Newmeyer. "With the Russian Business Network, you can rent out a
> server or a botnet for a number of hours. You pay your cyber gold and these
> transactions happen offshore. That's one of the challenges that governments
> face." 

If the hosts were U.S. based or china based then that would be plausible.

The hosts based in russia, who is profitting from the belief that russia was it?

> 
> Other experts, such as Paul Ferguson, advanced threats researchers for Trend
> Micro, maintained that the actual RBN ISP has long been shut down, disbanding
> into less obvious activity spread all over the globe. 
> 
> The first of the coordinated cyber attacks against Georgia was detected in
> July, weeks before Russia launched its military intervention. Experts say that
> attacks launched in tandem with military conflict will likely increase as more
> global infrastructure is controlled by the Internet. 
> 
> While experts hesitate to call the Georgia attack an act of cyber terrorism,
> most agree that it was part of a strategic campaign to eliminate Georgia's
> ability to disseminate information. 
> 
> "It's a brute force attack, one that goes all the way back to the Mafiaboy
> attacks of 2000," said David Perry, global director of education for Trend
> Micro. "This is not a verifiable cyber war, but it is clearly a step in that
> direction." 

Brute force means botnet. Who controls it? who has bought it?

Ask the NSA. They do control international money transfer. They do know it?
But is it in their interest to tell the world?

> 
> The attacks recall a similar cyber attack in Estonia in April of 2007, when
> government, parliament, and newspaper sites, as well as numerous online banking
> operations were shut down after a conflict that resulted in the removal of
> several Russian World War II monuments. However, experts contend that the
> recent information attack on Georgian Websites was more coordinated,
> professional and sophisticated in nature than last year's attack on Estonia
> infrastructure. 
> 
> "The Estonia incident was more what I would call hactivism, more of an attack
> by impassioned amateurs," said Ferguson. "This is a professional attack, and it
> is vastly more serious." 
> 
> --
> 
> Of what value is it, knowing who started the War?

If we find out, then the culprit will stand there with shit pants for all the
world to see. We dont need to pull his pants down. He will do it himself finally.

The next one will think twice before taking that risk.


> The question is - Can DNSSEC prevent Wars?

Can flies prevent wars?
If you have enough flies so they spoil all the food and nothing is
left for the soldiers, then yes, flies can prevent wars.

DNSSEC - if it binds all computer power so nothing is left
for military intelligence, then yes DNSSEC can prevent wars.

> 
> Re: DNSSEC
> http://en.wikipedia.org/wiki/DNSSEC
> 


-- 
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
http://www.peter-dambier.de/
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance