About Me

My Photo

Geek by profession, thinker/writer/artist by passion. Part-time blogger,social media enthusiast and a tramp by nature :) A Man Of Mud

Connect

Monday, August 10, 2009

Is Cyber-Warfare on Social Web Same As Terrorism

Posted by: danish Ahmed 5:52 AM

If you are a web user then you must already know that some of the most popular social web sites including Twitter, Facebook,LiveJournal and even Friendfeed were taken down this week by miscreants. It is perhaps one of the largest co-ordinated DDoS attack since the attack was launched simultaneously on Twitter, Facebook and other popular social media sites. As a consequence Twitter was down for several hours outraging users like me addicted to Twitter. Even a day later the micro-blogging service was running slow and had major connectivity issue with clients. It is not surprising at all, Twitter already has an inherent scalability issue, its far more vulnerable to denial of service attacks.

A typical DoS a(Denial of Service) attack is one of the oldest techniques cyber criminals employ to cause damage to sites. The technique is wickedly simple, a large number of requests are sent to the victim server which, it is unable to handle and thus crashes or slows down considerably. Often this technique has been successful but compared to this the DDoS is far too powerful. In DDoS (Distrbuted Denial of Service) hundreds of thousands of computers are used to send data and flood the network, these computers may be in different parts of the world but all of them would have been infected with a malicious code that allows the attacker to remotely control these computers. A collection of hijacked computers is called a "botnet" which according to latest news are actually availabe for hire at a relatively cheap price.

Coming back to Twitter outage last Thursday, what is really alarming is the fact that it seems to be politically motivated with probable involvement of state-actors! Apparently this highly synchronised attack was not a random anarchist act, it was targeted at one individual, a Georgian blogger, going by the name "Cyxymu," (the name of a town in the Republic of Georgia), who had accounts on Twitter, Facebook,LiveJournal, Blogger and YouTube.[source] As is obvious, fingers have already been pointed at Russia, especially after the last years cyber-warfare between Russia and Georgia.

Only weeks back, there were reports of sustained Denial-of-Service attacks on US and South-Korean websites and most likely these are going to continue sporadically until it breaks out into bigger cyberwar or the political objective is met. Earlier, there have been politically motivated large-scale attacks against Eastonia in May 2007 , Ukraine and Lithunia besides the occasional but highly damaging attacks on US sites by Chinese hackers. China is reported to have been preparing for large-scale cyberwar. Of course, Jihadists can't be far behind! However, as with everything, the earliest politically motivated cyberwar involving DDoS was launched against Serbia under the auspicious of the US. Its another matter that, Serbians were equally successful in counter-attacking the NATO on cyberspace.

But as of yet, there hadn't been as big a collateral damage as has been the case in last weeks outage. The Social Web has become a very important political tool as we learnt very recently from Twitter's role during Iran elections and the massive protests later on. Indeed, web is quintessentially a democratic platform and we can expect far more political activism online but there is also the fear that the involvement of state-actors in disruption of what can be called "essential services on the web" is an alarming trend. If attack on civilians in real world is called terrorism and unacceptable in any manner, an attacks that disrupts Social Web cannot be considered any less than cyber-terrorism. May be we need global treaties or similar legislations to ensure that our social web lives are not held ransom by nation-states' military and intels, cybercriminals or cyberterrorists.

Update
A few hours back, Twitter came under another attack which disrupted the service for 30 minutes. At 12:17 P.M. PT Twitter confirmed the attack on its status blog.

More information....

7 comments :