Analysis: An Eastern European argument has created a new kind of DDOS attack | SC Media

Analysis: An Eastern European argument has created a new kind of DDOS attack

June 1, 2007

The clash between Estonia and Russia over the removal of a Soviet war monument is gathering force on the web.

The re-siting of a bronze statue of a Soviet soldier in the Estoniancapital Tallinn has triggered a wave of protests from Russians, rangingfrom physical blockades of the border and the Estonian embassy in Moscowto riots and, now, a flood of alleged cyber attacks.

Estonian authorities claim that a million PCs have been used in severalwaves of crippling direct denial-of-service (DDOS) attacks on governmentsites, banks and media organisations. Damage is estimated to run intotens of millions of euros, and Nato chiefs are said to be advising thetiny EU nation.

Russian officials have denied any state responsibility and havesuggested the Estonians should prove their allegations - an impossibleburden, given the nature of the attacks. As well as malicious trafficfrom Russia itself, analysts say they have traced attackers to othercountries, including the US, Canada, Vietnam and Brazil.

According to Paul Sop, chief technology officer of DDOS defencespecialist Prolexic Technologies, this battle has one unusual element:"Activists have downloaded a DDOS tool and pointed it at a specificwebsite at a pre-arranged time. This is a huge shift in the use of thistechnology.

"Most websites could be brought down by 20,000 or 30,000 users doingthis, and that's not such a large number in political terms," hewarns.

Cyber-security is expected to be discussed at a meeting of Natoofficials next month. In the meantime, it seems Estonia has littlerecourse. The concept of a cyber-war is not new, recent events such asthe Iraq war and the cartoons crisis in Denmark attracted similar onlineresponses, if on a somewhat smaller scale.

Although the size of this assault is unprecedented in geopoliticalterms, commercial attacks can be much more impressive. "One singleprofessional Russian botnet herder could easily generate this amount oftraffic, and more," observes Sop.

prestitial ad