Online vandalism does not equal cyberwar

Despite the hype and excited breathlessness of the reports, there is no cyberwar going on between Russia and Georgia.

Without getting into the argument of who is right in a five-sided conflict (South Ossetia, Georgia, Russia, Abkhazia, and the various external groups and individuals who are motivated enough to be involved), interesting conclusions can be drawn from what is happening online and also how those events are being reported upon.

To begin with, what is happening is not cyber warfare by any means, despite the excitable claims that many so-called security experts are making, as well as the claims from the Georgian government (or people claiming to be them online). It is nothing more than exuberant online vandalism or hacktivism (another made up term, but better than cyber warfare). Continuing to call it a cyber war risks devaluing the term for when (or if) real online warfare takes place.

If we are going to call the defacements and dDoS attacks that are currently going on between Georgia and Russian sites as cyber warfare, then Pakistan's inadvertent global blocking of YouTube earlier this year counts as a pre-emptive strike against all other countries. Since, plainly, this was not the case (merely a misguided attempt to censor access internally), it is disadvantageous to claim that these other incidents are cyber warfare.

In a similar line of thought, the numerous site defacements and denial of service attacks against Australian sites which result in the attackers leaving a nationalistic message or otherwise decrying Australia for its presence in a variety of global conflicts also count as cyber warfare.

The truth is, these attacks are continually happening and they are no more cyber warfare today than they were several years ago, before the current crop of hackers chose their conflict of choice to get worked up over. It is a part of life on the Internet. Many of those who engage in routine Web site defacement and attacks have their own political message to spread, and seek in some cases to disrupt normal site operation.

Where these incidents fall is in the realm of propaganda, whether intentional or otherwise. Many of the recent historical conflicts have had incidents where it is clear that military/political propaganda is being fed to the media and it has taken independent assessment (and critical thinking) to demonstrate the holes in the claims being made. Apparently this isn't a new thing, and any time that reports are being made with reference to a conflict, the question should be asked whether there is any reason why the report might be considered inaccurate.

At some stage in the last 18 months, what passes for online criminal activity (even then there are some jurisdictions where that isn't the case) has become nationalistic, state-sponsored cyber warfare. There are some names in Information Security that have done more than any others to promote this idea, and their own agendas, but the overall result is actually a backwards step for the wider community.

Unfortunately for those who have pushing the idea of cyber warfare for multiple conflicts, it leaves them open to the criticism that they are carrying significant bias by who they are consistently painting to be the aggressors, irrespective of what the reported evidence has shown.

A lot of the reported activity taking place in the Caucasus at the moment is straight forward Web site defacement (Georgian Parliament, and others) and denial of service attacks.

In the current environment, the motivated individual or group for hire is more likely to have a wider practical effect than a state-sponsored incident, if one could even be proven. Digging beyond the hype in the reporting and propaganda surrounding this conflict and it seems that the responsible parties are primarily motivated individuals or private groups (some suggest they could be Russian online criminal groups) on all sides. Some reports have even suggested that the same attackers are targeting sites belonging to both of the major combatants (Russia and Georgia).

If there was a real cyberwar going on, the cheapest and most effective military and political strategy would have been to cut the few fiber connections leading out of the country and to disable through military action any remaining satellite uplinks]. That way the country would be completely and physically isolated from the rest of the Internet, and in-country connectivity could then be attacked at will. There is a reason why telecommunications links are normally high priority targets in an armed conflict. Compared to normal attacks and the bombs and bullets that were flying, the online mischief is nothing but a minor annoyance. Surely the availability of a bank's online services isn't going to be one of the highest priorities for a population under attack.

So, you want to help as an Information Security expert. Well, here's what to do. Don't call it a cyberwar. If you feel the need to contribute, why not make a donation to any of the major charities that do post-conflict relief work. Your donation is going to do more good than all the posturing and hyperbole you can muster.

Join the newsletter!

Error: Please check your email address.

Tags cyberwar

More about BIASYahoo

Show Comments

Market Place

[]