Georgia-Russia conflict (2008)

From International cyber law: interactive toolkit
Jump to navigation Jump to search
Date During the Russian-Georgian conflict in July and August 2008.
Suspected actor The Georgian authorities accused Russia of the attack; the Russian government denied the allegations, but admitted that it was possible that "individuals in Russia or elsewhere had taken it upon themselves to start the attacks".[1] However, several cyber security experts claimed that the attacks had been launched by a group known as the "Russian Business Network", which had allegedly had close ties to the Russian government.[2]
Target A number of government websites was targeted. The website of the Georgian President was taken down and later defaced. The websites of the Georgian Parliament, of the Foreign Affairs Ministry, the Ministry of Defence as well as those of several Georgian news agencies and commercial entities were taken down.[3]
Method The websites were brought offline as the result of the DDos attacks on the servers. Other websites were defaced showing images comparing the Georgian president to Adolf Hitler.[4] The sites of several news agencies were also under external control, facing disruptions and showing different content than intended.[5]
Purpose The cyber attacks were seen as part of Russia's warfare in the armed conflict between the two countries.[6] Whilst the cyber attacks were not decisive for the outcome of the armed conflict, some analysts have claimed that attacks significantly weakened the position of the Georgian government and created the time and space for Russia to shape the international narrative of the conflict.[7]
Result During the conflict, the Georgian sites were temporarily available as their traffic was re-routed through German servers run by Deutsche Telekom. However, the communication in the country was severely disrupted.[8] The attack significantly restricted the government’s ability to react by spreading its message online and to connect with foreign governments around the world during the hostilities with Russia.[9]
Aftermath This incident is often cited as one of the first examples of offensive cyber attacks forming part of synchronized kinetic military operations.[10]
Analysed in Scenario 13: Cyber operations as a trigger of the law of armed conflict
  1. J Markoff, 'Before the gunfire, cyberattacks' The New York Times (12 August 2008).
  2. S Gorman, 'Georgia States Computers Hit By Cyberattack' The Wall Street Journal (12 August 2008).
  3. J Swaine, 'Georgia: Russia "conducting cyber war" ' The Telegraph (11 August 2008).
  4. D Danchev, 'Coordinated Russia vs Georgia cyber attack in progress' ZDNet (11 August 2008).
  5. R Synovitz, 'Georgian Government Accuses Russia Of Waging "Cyberwarfare" ' RFE/RL (12 August 2008).
  6. On the qualification of the conflict, see, eg, A Bellal (ed), The War Report: Armed Conflict in 2014 (OUP 2015) 83 et seq.
  7. SP White, 'Understanding Cyberwarfare: Lessons from the Russia-Georgia War' Modern War Institute (20 March 2018).
  8. G Keizer, 'Cyberattacks knock out Georgia's Internet presence' ComputerWorld (11 August 2008).
  9. N Popescu and S Secrieru (eds), 'Hacks, leaks and disruptions: Russian Cyber Strategies' European Union Institute for Security Studies (October 2018).
  10. See, eg, M Connell, S Vogler, 'Russia’s Approach to Cyber Warfare' CNA (24 March 2017).