by Kaisa Stucke, CFA
In April 2007, Estonian government workers found their internet connectivity interrupted and e-mail access compromised. In hindsight, this marked the beginning of a three-week cyber attack on the country’s government and private servers. The attacks forced many servers to block international connections. At the same time, street riots by ethnic Russians were erupting in the country in response to the Estonian government’s decision to move a war memorial for fallen Soviet soldiers from the center of the capital to a military cemetery. It is still unclear who was actually responsible for the cyber attacks, but these events are considered to be the first cyber attacks aimed at a sovereign nation, and were significant in setting a precedent for future cyber incidents.
In August 2008, the country of Georgia experienced multi-faceted cyber attacks targeted at government websites. The country’s servers were overloaded with connection requests coming from abroad, forcing many servers to go offline. Additionally, many government websites were defaced with images of various fascist leaders. Concurrently, Georgia and Russia were involved in a military conflict in South Ossetia, in the northern regions of Georgia. It is also still unclear who was responsible for these attacks, but this is considered to be the second large-scale organized attack against a sovereign nation.
This week we will look at these two case studies of cyber attacks aimed at sovereign nations. We will then look at the current state of international cyber attack research, readiness and cooperation. We have had the pleasure of talking to the NATO Cooperative Cyber Defence Center of Excellence about their work and will communicate their vision and challenges.