lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 15 Aug 2008 22:18:32 +0200
From: Radoslav Dejanović <radoslav.dejanovic@...us.hr>
To: Paul Ferguson <fergdawg@...zero.net>
Cc: funsec@...uxbox.org, full-disclosure@...ts.grok.org.uk,
	bugtraq@...urityfocus.com, ge@...uxbox.org
Subject: Re: [funsec] Internet attacks against Georgian
	web sites

Paul Ferguson wrote:

> Also, I wish to say:
> 
> "It is clear that there are anti-Georgian forces at work on the
> Internet."
> 
> "Who they are, and what their motivations are 9at this point),
> remains to be seen."

Just for the record...

There were in the past several such "cyber wars" between Croatia and
Serbia, with the scenario not quite unlike this one. The scenario is as
follows:

1. there's some political tension between countries;

2. someone on one side decides that it would be highly patriotic to
attack servers on the other side;

3. someone on the other side retaliates by attacking other country's
servers;

4. more individuals join in, adding to the magnitude of the event;
clueless media joins in with headlines like "brave local patriots are
hacking the (evil) other side into oblivion; we have won the real war,
we're going to win this one too";

5. governments do not quite understand what is going on, but they do not
intervene because they can get some political points out of that mess
(cracked government web pages are collateral damage and in fact good for
propaganda);

6. after some time, the "cyberwar" ceases.


IMHO, what is going on in Georgia is a scenario like the one above. I
don't think there's any real cyberwar between governments going on, but
in fact local groups of people who believe that they're showing their
patriotism. Therefore:

- who they are: groups of individuals, not a state operated force

- what are their motivations: showing patriotism and having a
"legitimate" target to practice "cyberwar", as nobody is going to
prosecute a patriotic attack on enemy country's infrastructure.

- how to end it: it will end by itself.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ