Georgia-Russia conflict (2008): Difference between revisions

From International cyber law: interactive toolkit
Jump to navigation Jump to search
Content added Content deleted
VisualWikitext
No edit summary
No edit summary
 
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{| class="wikitable"
{| class="wikitable"
! scope="row"|Date
! scope="row"|Date
|During the Russian-Georgian conflict throughout July-August 2008
|During the Russian-Georgian conflict in July and August 2008.
|-
|-
! scope="row"|Suspected actor
! scope="row"|Suspected actor
|The Georgian authorities accused Russia of the attack, but the Russian government denied the allegations but admitted that it was possible that "individuals in Russia or elsewhere had taken it upon themselves to start the attacks".<ref> J Markoff, [https://www.nytimes.com/2008/08/13/technology/13cyber.html "Before the gunfire, cyberattacks"], (12 August 2008), The New York Times. </ref> However, multiple experts found hints that the attacks were launched by a group known as the 'Russian Business Network' that has close ties to the Russian government.<ref> S Gorman, [https://www.wsj.com/articles/SB121850756472932159 "Georgia States Computers Hit By Cyberattack"], (12 August 2008), The Wall Street Journal. </ref>
|The Georgian authorities accused Russia of the attack; the Russian government denied the allegations, but admitted that it was possible that "individuals in Russia or elsewhere had taken it upon themselves to start the attacks".<ref>J Markoff, [https://www.nytimes.com/2008/08/13/technology/13cyber.html 'Before the gunfire, cyberattacks'] ''The New York Times'' (12 August 2008).</ref> However, several cyber security experts claimed that the attacks had been launched by a group known as the "Russian Business Network", which had allegedly had close ties to the Russian government.<ref>S Gorman, [https://www.wsj.com/articles/SB121850756472932159 'Georgia States Computers Hit By Cyberattack'] ''The Wall Street Journal'' (12 August 2008). </ref>
|-
|-
! scope="row"|Target
! scope="row"|Target
|A number of government websites was targeted. The website of the Georgian President was taken down and then later defaced. The websites of the Georgian Parliament, of the Foreign Affairs Ministry, the Ministry of Defence as well as those of several Georgian news agencies and commercial entities were taken down. <ref> J Swaine, [https://www.telegraph.co.uk/news/worldnews/europe/georgia/2539157/Georgia-Russia-conducting-cyber-war.html "Georgia: Russia 'conducting cyber war' "], (11 August 2008), The Telegraph. </ref>
|A number of government websites was targeted. The website of the Georgian President was taken down and later defaced. The websites of the Georgian Parliament, of the Foreign Affairs Ministry, the Ministry of Defence as well as those of several Georgian news agencies and commercial entities were taken down.<ref>J Swaine, [https://www.telegraph.co.uk/news/worldnews/europe/georgia/2539157/Georgia-Russia-conducting-cyber-war.html 'Georgia: Russia "conducting cyber war" '] ''The Telegraph'' (11 August 2008). </ref>
|-
|-
! scope="row"|Method
! scope="row"|Method
|The websites were brought offline as the result of the DDos attacks on the servers. Other websites were defaced showing images comparing the Georgian President with Adolf Hitler. <ref> D Danchev, [https://www.zdnet.com/article/coordinated-russia-vs-georgia-cyber-attack-in-progress/ "Coordinated Russia vs Georgia cyber attack in progress"], (11 August 2008), ZDNet. </ref> The sites of several news agencies were also under external control facing disruptions and showing different content than intended. <ref> R Synovitz, [https://www.rferl.org/a/Georgian_Government_Accuses_Russia_Of_Cyberwar/1190477.html "Georgian Government Accuses Russia Of Waging 'Cyberwarfare' "], (12 August 2008), RFE/RL. </ref>
|The websites were brought offline as the result of the DDos attacks on the servers. Other websites were defaced showing images comparing the Georgian president to Adolf Hitler.<ref>D Danchev, [https://www.zdnet.com/article/coordinated-russia-vs-georgia-cyber-attack-in-progress/ 'Coordinated Russia vs Georgia cyber attack in progress'] ''ZDNet'' (11 August 2008).</ref> The sites of several news agencies were also under external control, facing disruptions and showing different content than intended.<ref>R Synovitz, [https://www.rferl.org/a/Georgian_Government_Accuses_Russia_Of_Cyberwar/1190477.html 'Georgian Government Accuses Russia Of Waging "Cyberwarfare" '] ''RFE/RL'' (12 August 2008). </ref>
|-
|-
! scope="row"|Purpose
! scope="row"|Purpose
|The cyber attacks were seen as part of Russia's warfare in the armed conflict between the two countries. Whilst the cyber attacks were not decisive for the outcome of the armed conflict, the position of the Georgian government was significantly weakened and created the time and space for Russia to shape the international narrative of the conflict. <ref> S P. White, [https://mwi.usma.edu/understanding-cyberwarfare-lessons-russia-georgia-war/ "Understanding Cyberwarfare: Lessons from the Russia-Georgia War"], (20 March 2018), Modern War Institute. </ref>
|The cyber attacks were seen as part of Russia's warfare in the armed conflict between the two countries.<ref>On the qualification of the conflict, see, eg, A Bellal (ed), ''The War Report: Armed Conflict in 2014'' (OUP 2015) 83 et seq.</ref> Whilst the cyber attacks were not decisive for the outcome of the armed conflict, some analysts have claimed that attacks significantly weakened the position of the Georgian government and created the time and space for Russia to shape the international narrative of the conflict.<ref>SP White, [https://mwi.usma.edu/understanding-cyberwarfare-lessons-russia-georgia-war/ 'Understanding Cyberwarfare: Lessons from the Russia-Georgia War'] ''Modern War Institute'' (20 March 2018). </ref>
|-
|-
! scope="row"|Result
! scope="row"|Result
|During the conflict, the Georgian sites were temporarily available as their traffic was re-reouted through German servers run by Deutsche Telekom. However, the communication in the country was severely disrupted. <ref> G Keizer, [https://www.computerworld.com/article/2532289/cyberattacks-knock-out-georgia-s-internet-presence.html "Cyberattacks knock out Georgia's Internet presence"], (11 August 2008), Computerworld. </ref> The attack significantly restricted the government’s ability to react by spreading its message online and to connect with foreign governments around the world during the fighting with Russia. <ref> N Popescu, S Secrieru (eds), [https://www.iss.europa.eu/sites/default/files/EUISSFiles/CP_148.pdf "Hacks, leaks and disruptions - Russian Cyber Strategies"], (October 2018), European Union Institute for Security Studies. </ref>
|During the conflict, the Georgian sites were temporarily available as their traffic was re-routed through German servers run by Deutsche Telekom. However, the communication in the country was severely disrupted.<ref> G Keizer, [https://www.computerworld.com/article/2532289/cyberattacks-knock-out-georgia-s-internet-presence.html 'Cyberattacks knock out Georgia's Internet presence'] ''ComputerWorld'' (11 August 2008). </ref> The attack significantly restricted the government’s ability to react by spreading its message online and to connect with foreign governments around the world during the hostilities with Russia.<ref> N Popescu and S Secrieru (eds), [https://www.iss.europa.eu/sites/default/files/EUISSFiles/CP_148.pdf 'Hacks, leaks and disruptions: Russian Cyber Strategies'] ''European Union Institute for Security Studies'' (October 2018). </ref>
|-
|-
! scope="row"|Aftermath
! scope="row"|Aftermath
|After the events in Estonia, this incident is often cited as one of the first examples where offensive cyber attacks were part of synchronized kinetic military operations. <ref> M Connell, S Vogler, [https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf "Russia’s Approach to Cyber Warfare"], (24 March 2017), CNA. </ref>
|This incident is often cited as one of the first examples of offensive cyber attacks forming part of synchronized kinetic military operations.<ref>See, eg, M Connell, S Vogler, [https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf 'Russia’s Approach to Cyber Warfare'] ''CNA'' (24 March 2017). </ref>
|-
|-
! scope="row"|Analysed in
! scope="row"|Analysed in
Line 26: Line 26:


[[Category:Example]]
[[Category:Example]]
[[Category:-2013]]
[[Category:2008]]
[[Category:DDoS]]
[[Category:Defacement]]
[[Category:International armed conflict]]

Latest revision as of 15:20, 17 September 2021

Date During the Russian-Georgian conflict in July and August 2008.
Suspected actor The Georgian authorities accused Russia of the attack; the Russian government denied the allegations, but admitted that it was possible that "individuals in Russia or elsewhere had taken it upon themselves to start the attacks".[1] However, several cyber security experts claimed that the attacks had been launched by a group known as the "Russian Business Network", which had allegedly had close ties to the Russian government.[2]
Target A number of government websites was targeted. The website of the Georgian President was taken down and later defaced. The websites of the Georgian Parliament, of the Foreign Affairs Ministry, the Ministry of Defence as well as those of several Georgian news agencies and commercial entities were taken down.[3]
Method The websites were brought offline as the result of the DDos attacks on the servers. Other websites were defaced showing images comparing the Georgian president to Adolf Hitler.[4] The sites of several news agencies were also under external control, facing disruptions and showing different content than intended.[5]
Purpose The cyber attacks were seen as part of Russia's warfare in the armed conflict between the two countries.[6] Whilst the cyber attacks were not decisive for the outcome of the armed conflict, some analysts have claimed that attacks significantly weakened the position of the Georgian government and created the time and space for Russia to shape the international narrative of the conflict.[7]
Result During the conflict, the Georgian sites were temporarily available as their traffic was re-routed through German servers run by Deutsche Telekom. However, the communication in the country was severely disrupted.[8] The attack significantly restricted the government’s ability to react by spreading its message online and to connect with foreign governments around the world during the hostilities with Russia.[9]
Aftermath This incident is often cited as one of the first examples of offensive cyber attacks forming part of synchronized kinetic military operations.[10]
Analysed in Scenario 13: Cyber operations as a trigger of the law of armed conflict
  1. J Markoff, 'Before the gunfire, cyberattacks' The New York Times (12 August 2008).
  2. S Gorman, 'Georgia States Computers Hit By Cyberattack' The Wall Street Journal (12 August 2008).
  3. J Swaine, 'Georgia: Russia "conducting cyber war" ' The Telegraph (11 August 2008).
  4. D Danchev, 'Coordinated Russia vs Georgia cyber attack in progress' ZDNet (11 August 2008).
  5. R Synovitz, 'Georgian Government Accuses Russia Of Waging "Cyberwarfare" ' RFE/RL (12 August 2008).
  6. On the qualification of the conflict, see, eg, A Bellal (ed), The War Report: Armed Conflict in 2014 (OUP 2015) 83 et seq.
  7. SP White, 'Understanding Cyberwarfare: Lessons from the Russia-Georgia War' Modern War Institute (20 March 2018).
  8. G Keizer, 'Cyberattacks knock out Georgia's Internet presence' ComputerWorld (11 August 2008).
  9. N Popescu and S Secrieru (eds), 'Hacks, leaks and disruptions: Russian Cyber Strategies' European Union Institute for Security Studies (October 2018).
  10. See, eg, M Connell, S Vogler, 'Russia’s Approach to Cyber Warfare' CNA (24 March 2017).
Retrieved from "https://cyberlaw.ccdcoe.org/wiki/Georgia-Russia_conflict_(2008)?oldid=2814"