Inside Cyber Warfare - Jeffrey Carr
The participation of the software industry is crucial, as governments and the private sector face both criminal and geopolitical adversaries in a domain that has been in existence only since the birth of the World Wide Web in 1990, a domain that millions of individuals are impacting, shaping, and transforming on a daily, even hourly, basis.
The Way Forward
If I were asked what I hoped to accomplish with this collection of facts, opinions, and assessments about cyber warfare and its various permutations, my answer would be to expand the limited thinking of senior leadership and policymakers surrounding the subject and to instigate a broader and deeper conversation in the public sphere. This book will probably feel more like a collection of essays or an anthology by different authors than a cohesive story with a clean development arc. In part, that’s because of the nature of the beast. When it comes to how attacks orchestrated by a myriad of parties across globally connected networks are impacting national security for the United States and other nation-states, we’re all like blind men describing an elephant. The big picture sort of eludes us. My hope for this book is that it will inform and engage the reader; inform through the recounting of incidents and actors stretching across multiple nations over a period of 12 years up to almost the present day (Thanksgiving 2011) and engage by firing the reader’s enthusiasm to get involved in the debate on every level—local, state, and national. If it raises almost as many questions as my contributors and I have attempted to answer, I’ll feel like the book accomplished its mission.
Chapter 2. The Rise of the Nonstate Hacker
List of first goals for attacks is published on this site: http://www.stopgeorgia.ru/?pg=tar. DDoS attacks are being carried out for most of the sites/resources at the moment. All who can help—we enlist. Please leave your suggestions for that list in that topic.[1]
—Administrator, StopGeorgia.ru forum post, August 9, 2008
The StopGeorgia.ru Project Forum
On August 8, 2008, the Russian Federation launched a military assault against Georgia. One day later, the StopGeorgia.ru Project forum was up and running with 30 members, eventually topping out at over 200 members by September 15, 2008.
Not only did it launch with a core group of experienced hackers, the forum also featured a list with 37 high-value targets, each one vetted by whether it could be accessed from Russian or Lithuanian IP addresses. This was done because the Georgian government began blocking Russian IPs the month prior when the President of Georgia’s website was knocked offline by a DDoS attack on July 21, 2008.
In addition to the target list, it provided members with downloadable DDoS kits, as well as advice on how to launch more sophisticated attacks, such as SQL injection.
StopGeorgia.ru was not the only forum engaged in organized nationalistic hacking, but it serves as a good example of how this recent extension of state warfare operates in cyberspace. In addition to this forum, an IRC channel was created on irc.dalnet.ru, called #stopgeorgia.
At StopGeorgia.ru, there was a distinct forum hierarchy wherein forum leaders provided the necessary tools, pinpointed application vulnerabilities, and provided general target lists for other less-knowledgeable forum members to act on.
Those forum members who pinpointed application-level vulnerabilities and published target lists seemed to have moderate/high technical skill sets, whereas those carrying out the actual attacks appeared to have low/medium technical sophistication.
Forum leaders analyzed the