Analysis: An Eastern European argument has created a new kind of DDOS attack

Share this article:

The clash between Estonia and Russia over the removal of a Soviet war monument is gathering force on the web.

The re-siting of a bronze statue of a Soviet soldier in the Estonian capital Tallinn has triggered a wave of protests from Russians, ranging from physical blockades of the border and the Estonian embassy in Moscow to riots and, now, a flood of alleged cyber attacks.

Estonian authorities claim that a million PCs have been used in several waves of crippling direct denial-of-service (DDOS) attacks on government sites, banks and media organisations. Damage is estimated to run into tens of millions of euros, and Nato chiefs are said to be advising the tiny EU nation.

Russian officials have denied any state responsibility and have suggested the Estonians should prove their allegations - an impossible burden, given the nature of the attacks. As well as malicious traffic from Russia itself, analysts say they have traced attackers to other countries, including the US, Canada, Vietnam and Brazil.

According to Paul Sop, chief technology officer of DDOS defence specialist Prolexic Technologies, this battle has one unusual element: "Activists have downloaded a DDOS tool and pointed it at a specific website at a pre-arranged time. This is a huge shift in the use of this technology.

"Most websites could be brought down by 20,000 or 30,000 users doing this, and that's not such a large number in political terms," he warns.

Cyber-security is expected to be discussed at a meeting of Nato officials next month. In the meantime, it seems Estonia has little recourse. The concept of a cyber-war is not new, recent events such as the Iraq war and the cartoons crisis in Denmark attracted similar online responses, if on a somewhat smaller scale.

Although the size of this assault is unprecedented in geopolitical terms, commercial attacks can be much more impressive. "One single professional Russian botnet herder could easily generate this amount of traffic, and more," observes Sop.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Millenials improve security habits, more interested in cyber careers, still need guidance

Millenials improve security habits, more interested in cyber ...

Raytheon's second annual survey on the online and security behavior of Millennials shows improvement but still a long way to go.

Pakistani man indicted over spyware app creation

Hammad Akbar created StealthGenie, which allowed the purchaser to secretly monitor a cell phone's communications.

FDA finalizes guidelines on medical device, patient data security

The recommendations are aimed at providing better protecting patient health and data, as well as hoping device manufacturers take into account cybersecurity risks in the early stages of development.