Thursday

Some interesting information on the cyberattacks on Georgia



I'm not going to start a political debate. I just want to review some of the technical aspects of this attack. Out of all the articles, I was waiting for Arbor Networks to post an article and they did. Here is their summary of observations. Abstract:

Raw statistics of the attack traffic paint a pretty intense picture. We can discern that the attacks would cause injury to almost any common website.
Average peak bits per second per attack 211.66 Mbps
Largest attack, peak bits per second 814.33 Mbps
Average attack duration 2 hours 15 minutes
Longest attack duration 6 hours

While Arbor Networks has a good view of the total scale of the attack, Shadowserver has some views on the command-and-control (C&C) servers behind the attack. They have 3 articles, dated the 11th, 12th & 13th of August:
Claiming that Russia is behind the cyberattacks is like saying that China was behind several attacks in Western countries. It's very hard or impossible to prove government involvement. Evidence now points at hacktivism: "patriotic" operators inside Russia. The guys from Shadowserver found that several Russian blogs, forums, and websites are spreading a Microsoft Windows batch script that is designed to attack Georgian websites. It's very similar to the attacks on Estonia. Read the above articles for more information.

(Photo under Creative Commons from MauronB's Photostream)