Cyberattacks during the Russo-Georgian War

During the Russo-Georgian War a series of cyberattacks swamped and disabled websites of numerous South Ossetian, Georgian, Russian and Azerbaijani organisations. The attacks were initiated three weeks before the shooting war began.

Attacks

On 20 July 2008, weeks before the Russian invasion of Georgia, "zombie" computers were already on the attack against Georgia. The website of the Georgian president Mikheil Saakashvili was targeted, resulting in overloading the site. The traffic directed at the website included the phrase "win+love+in+Rusia". The site then was taken down for 24 hours.

On 5 August 2008, the websites for OSInform News Agency and OSRadio were hacked. The OSinform website at osinform.ru kept its header and logo, but its content was replaced by the content of Alania TV website. Alania TV, a Georgian government supported television station aimed at audiences in South Ossetia, denied any involvement in the hacking of the rival news agency website. Dmitry Medoyev, the South Ossetian envoy to Moscow, claimed that Georgia was attempting to cover up the deaths of 29 Georgian servicemen during the flare-up on August 1 and 2.

On 5 August, Baku–Tbilisi–Ceyhan pipeline was subject to a terrorist attack near Refahiye in Turkey, responsibility for which was originally taken by Kurdistan Workers' Party (PKK) but there is circumstantial evidence that it was instead a sophisticated computer attack on line's control and safety systems that led to increased pressure and explosion.

According to Jart Armin, a researcher, many Georgian Internet servers were under external control since late 7 August 2008. On 8 August, the DDoS attacks peaked and the defacements began.

However, within hours the traffic was again diverted to Moscow-based servers.

On 10 August 2008, RIA Novosti news agency's website was disabled for several hours by a series of Georgian counter-attacks.

By 11 August 2008, the website of the Georgian president had been defaced and images comparing President Saakashvili to Adolf Hitler were posted. This was an example of cyber warfare combined with PSYOPs. Georgian Parliament's site was also targeted. Some Georgian commercial websites were also attacked. The Ministry of Foreign Affairs set up a blog on Google's Blogger service as a temporary site. The Georgian President's site was moved to US servers. The National Bank of Georgia’s Web site had been defaced at one point and 20th-century dictators' images and an image of Georgian president Saakashvili were placed. The Georgian Parliament website was defaced by the "South Ossetia Hack Crew" and the content was replaced with images comparing President Saakashvili to Hitler.

Estonia offered hosting for Georgian governmental website and cyberdefense advisors. It was reported that the Russians bombed Georgia’s telecommunications infrastructure, including cell towers. Private United States companies also assisted the Georgian government to protect its non-war making information such as the government payroll during the conflict.

Russian hackers also attacked the servers of the Azerbaijani Day.Az news agency. The reason was Day.Az position in covering the Russian-Georgian conflict. ANS.az, one of the leading news websites in Azerbaijan, was also attacked. Russian intelligence services had also disabled the information websites of Georgia during the war. The Georgian news site Civil Georgia switched their operations to one of Google's Blogspot domains. Despite the cyber-attacks, Georgian journalists managed to report on the war. Many media professionals and citizen journalists set up blogs to report or comment on the war.

Reporters Without Borders condemned the violations of online freedom of information since the outbreak of hostilities between Georgia and Russia. "The Internet has become a battleground in which information is the first victim," it said.

The attacks involved Denial-of-service attacks.

On 14 August 2008, it was reported that although a ceasefire reached, major Georgian servers were still down, hindering communication in Georgia.

Analysis

The Russian government denied the allegations that it was behind the attacks, stating that it was possible that "individuals in Russia or elsewhere had taken it upon themselves to start the attacks".

Dancho Danchev