WASHINGTON, Oct. 9 (UPI) -- Viruses, worms, identity theft, extortion and other forms of criminal activity are not the only illicit uses of the Internet. "Malware" -- malicious software designed to exploit weaknesses in programs and the computers on which they run -- has now spawned the capability to digitally "soften up the battlefield."
The cyberattack has become a major weapon of psychological operations and information warfare in both hot and cold wars. It also will grow as a weapon of choice for transnational terrorists because it provides a relatively inexpensive means to disrupt global communications covertly and, in some cases, the ability to use our own computers against us.
According to the Shadowserver Foundation, an all-volunteer watchdog group of security professionals who gather, track and report malicious use of the Internet, on July 19, weeks before the Russian invasion of the Republic of Georgia, the Web site of Georgian President Mikheil Saakashvili was subjected to a distributed denial of service attack, rendering it unavailable for more than 24 hours.
On Aug. 8, the day after Georgian forces initiated a surprise attack on South Ossetian separatist forces, a cyberattack on Georgian government Web sites occurred in parallel with a Russian intervention in South Ossetia. These attacks included both denial of service and defacement of Web sites, such as inserting side-by-side images of Saakashvili and Adolf Hitler. Some Georgian government Web sites were under external control. Commercial sites such as banks were also targeted.
In the immediate aftermath of the Georgian-Russian conflict, independent security consultant and cyber-threats analyst Dancho Danchev concluded that these were coordinated attacks and similar to the denial of service attacks made against Estonia in April 2007, after the bronze memorial of a Soviet soldier was relocated.
Target lists of Georgian government Web sites were distributed among Russian Web forums. Denial of service tools were made available for download. Vulnerable Georgian Web sites were identified. Lists of Georgian politicians' e-mail addresses were provided for spamming and disruption of communications. In this way, sympathetic computer users are recruited to create mass attacks and enhance their effectiveness.
Perhaps the single most serious threat to the Internet is the "botnet," which is a collection of hijacked computers forwarding viruses, spam or other malicious content without the knowledge of the computer owners.
Command and control -- C2 -- servers can direct these computers to send thousands of messages causing a denial of service like that seen in the Georgian and Estonian attacks. Such C2 servers can exist beyond the reach of law enforcement within rogue networks.
Just such a network was described by Brian Krebs in an October 2007 Washington Post article. The Russian Business Network offered hosting services and an apparent shelter for child pornography, spamming and identity theft and, in the process, carried out a major portion of global cybercrime and profiteering.
For a monthly fee of $600, 10 times the going rate, RBN provided "bulletproof" protection from regulation, allegedly through its connections to organized crime and by bribing regulators. RBN has faded into the background as a result of pressure from Internet commercial interests -- not the government.
It is not clear, however, if RBN is indeed deceased or has simply shifted its operations elsewhere. In his thorough analysis of RBN operations, David Bizeul reported that Abdallah Internet Hizmetleri in Rize, Turkey, was used extensively and, at one time, reportedly was taken over by RBN.
Combining rogue networks with rogue nations could amount to a considerable threat to U.S. national security.
Eli Jellenc, manager of All-Source Intelligence at iDefense, has best defined the extent of the problem precipitated by the Russian-Georgian conflict.
"The use of cyberattack assets in conjunction with kinetic military operations in the current crisis now stands among the most significant developments ever seen in the field of information security or cyber-conflict studies."
(Lawrence Sellin, Ph.D., is a U.S. Army reservist and an Afghanistan veteran.)
(United Press International's "Outside View" commentaries are written by outside contributors who specialize in a variety of important issues. The views expressed do not necessarily reflect those of United Press International. In the interests of creating an open forum, original submissions are invited.)