Russia confirms involvement with Estonia DDoS attacks

Share this article:

The long-rumored perpetrators of DDoS attacks during the 2007 conflict between Russia and Estonia were members of a youth group with ties to the Kremlin, a Russian State Duma deputy, Sergei Markov, confirmed to a number of news outlets.

The DDoS claim was made by an activist Konstantin Goloskokov, a member of Russia's Nashi youth group, according to Radio Free Europe. He said his action was independent of the state – he received no help either from Nashi or Russian officials.

In 2007, Russian hackers were blamed for a politically motivated cyberattack on Estonian infrastructure. There were nearly 130 unique DDoS attacks on Estonian websites. Two kinds occurred – from botnets and from ping flood scripts passed around on forums. The attacks may have been prompted by the decision by Estonian officials to relocate a Russian World War II memorial.

“This is hard to prove, because Goloskokov is not giving the full smoking gun,” Jose Narazio, manager of security research at Arbor Networks, which provide DDoS protection solutions, told SCMagazineUS.com on Thursday. “However, it is backed up by other evidence.”

The claims that the youth group was involved have been around for a long time, and Goloskokov was quoted in 2007 as having been involved.

“The reason why it is getting so much attention now is that this is the first time that someone from the Duma has admitted to a connection,” Nazario said.

Goloskokov's position is that the attacks were neither a criminal act nor an act of aggression -- they were a defensive measure.

“This is a political tool," Nazario said. "It has become a proven political weapon as a way of intimidating your enemy – silencing them, and potentially controlling their infrastructure. Striking an enemy's ability to communicate with the outside world is a very valuable use of a weapon at the early stages of war.”

Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.