Introduction
Cyberwarfare is the application of technology to stage attacks against a nation (Haizler, 2017). The phenomenon is one of the defining features of modernity since it does not involve the violence or physical forms evidenced in traditional wars. A suitable example is the series of cyber events that unfolded during the Russo-Georgian War. This essay describes Russia's cyberwar against Georgia to demonstrate the cybersecurity issues that the latter has faced recently. It begins with a section giving the background to the war. The essay then covers the events of the cyber warfare, including specific cyber-attacks and Georgia's response. Lastly, it reflects on the conclusions and implications of the account.
An Overview of the Russo-Georgian War
Briefly, the Russo-Georgian War took place in 2008 after several years of uprisings in Georgia (Hafkin, 2010). Both Russia and Georgia were constituent republics of the former Soviet Union. In 1991, after the disintegration of the union, Georgia became an independent state (Shanahan Cutts, 2007). However, Russia maintained some control in Georgia, particularly in South Ossetia and Abkhazia, leading to a political stalemate as the Georgian government battled separatists in these territories (Hafkin, 2010). To aggravate the situation, Georgia adopted a pro-western leadership in 2003, which worsened its diplomatic relations with Vladimir Putin-led Russia. The cyber warfare against Georgia that Russia initiated in July 2018 was one of the mechanisms that the latter applied to reassert its influence (Ashmore, 2009).
Specific Cyber Attacks During the Conflict With Russia
Many researchers who have investigated the Russo-Georgian War argue that Russia launched cyberwarfare against Georgia before the military invasion (Connell & Vogler, 2017). Hagen (2012) identified two phases of cyber warfare. The first phase began on 7th August when Russia-sponsored actors hacked into Georgian news and government websites (Hagen, 2012). Military analysts in Russia explained that the aggressive cyberwar was a response to Georgia's intrusion into different internet sites and news platforms of South Ossetia. Indeed, these military informants clarified that the counterattacks happened some days before the ground expedition.
Initially, Russian hackers launched a distributed denial of service (DDoS) attack, which hinders legitimate use of computer resources (Hagen, 2012). DDoS begins by paralyzing the functioning of a single computer or a significant supply of a network and then replicates the action to multiple computers, which ultimately disrupts all the services within the vicinity of the affected area (Kumarasamy & Asokan, 2012). The DDoS launchers, in the case of Georgia, used botnets, groups of internet-connected computers (zombies) infected with malware (Hagen, 2012). The malware allows the command and control functionality of another computer to direct the bots (Hagen, 2012).
Notably, Russia is one of the nations with the highest number of criminal organizations using botnets (Hagen, 2012). The botnets that facilitated the disruption of Georgian networks were affiliated with the Russian Business Network, a well-organized criminal group that perpetrates cybercrime around the world. According to Hagen (2012), Georgian systems are not so developed. Thus they were more vulnerable to a DDoS attack than those of Estonia, where Russia had launched a similar attack in early 2007.
In the second phase, Russian hackers continued disrupting services in Georgia using the DDoS attack (Hagen, 2012). However, attacks in this phase were broader: in addition to targeting Georgian media and government websites, they afflicted financial entities, BBC and CNN units based in Georgia, and a hacker website sponsored by the Georgian government. Additionally, in the second phase government websites were defaced to further political causes. Hagen (2012) noted that at some point, government websites in Georgia likened President Mikheil Saakashvili to Adolf Hitler, which confirms the defacement.
In the process of defacing websites, Russian hackers ended up conducting another type of attack, SQL injection, which utilizes a webpage's text field to communicate directly with the back-end database (White, 2018). Unfortunately, a system that is vulnerable to SQL injection accords a hacker substantial access to a database, from where he/she can access login details, financial transactions, and other sensitive information. Another notable feature of the second phase was the use of hacktivists, mainly from the Russian youth movements, to supplement the cyberwar (Hagen, 2012). Russia recruited these hacktivists via several websites, with StopGeorgia.ru being the most utilized one. Some of the individuals who participated in the hacktivism revealed that the sites contained easy-to-use tools for augmenting the skills of novice users. For example, they had user-friendly buttons like FLOOD, which automatically deployed the DDoS attack against Georgian targets after a single click.
Besides, the websites featured a detailed description of the accessibility of different targets. They, for example, specified whether a particular target was accessible from Russia or Lithuania-based operational bases, as well as its associated vulnerabilities. Moreover, the second phase showed some professionalism and prompt, effective policing (Hagen, 2012). In the conflict, XAKEP.ru, a Russian hacker site, responded to port scans initiated by U.S.-based open-source security projects by temporarily blocking all internet protocol addresses coordinated by American firms.
Notably, the cyberattacks in both phases were so comprehensive and well-coordinated that they also targeted Georgian servers hosted in other countries. Georgia depends heavily on neighboring nations for its land-based internet connections, as some of its servers rely on connections running through Turkey, Ukraine, and Armenia (Hagen, 2012). In line with that argument, Hagen (2012) argued that control of servers hosted externally gave Russia full access to all the information in Georgia's cyberspace, which was significant for directing military ground tactics. Also, this full access meant that Russian hackers acquired confidential information in government networks and public email addresses, which facilitated the defamation of Georgia and the justification of Russia's invasion (Hagen, 2012).
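The SQL injection weakness mentioned in this section, as an added example that is not part of the original essay: a lookup that builds its query from a text-field value, beside the parameterized form that closes the hole. The table, rows, and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password_hash TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("editor", "hash-a"), ("admin", "hash-b")])
    return db

def lookup_vulnerable(db, name):
    # The text-field value is pasted into the SQL string, so the database
    # parses whatever the visitor typed as part of the statement itself.
    query = ("SELECT name, password_hash FROM users WHERE name = '"
             + name + "'")
    return db.execute(query).fetchall()

def lookup_parameterized(db, name):
    # The ? placeholder passes the value as data only; it is never parsed
    # as SQL, so quotes and keywords in it have no special meaning.
    return db.execute(
        "SELECT name, password_hash FROM users WHERE name = ?", (name,)
    ).fetchall()

def compare(field_value):
    """Return (rows from vulnerable lookup, rows from parameterized lookup)."""
    db = make_db()
    return (len(lookup_vulnerable(db, field_value)),
            len(lookup_parameterized(db, field_value)))

if __name__ == "__main__":
    # Constructed inputs: an ordinary name, then a value containing a quote
    # that changes the WHERE clause of the concatenated query.
    for value in ("editor", "nobody' OR '1'='1"):
        print(repr(value), compare(value))
```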
Georgia's Cyber Defenses
In general, Georgia responded to the cyberwar insufficiently because it concentrated its efforts on the ground war. Georgia's first response was the establishment of filtering mechanisms with the hope of preventing all Russian IP addresses from accessing its networks (Hagen, 2012). Even though this strategy could have prevented many attacks initiated from Russia, it proved to be ineffective as hackers expected such a response. Thus, they evaded the response by accessing Georgian networks from other countries (Hagen, 2012). Also, Georgia depended on Estonian cybersecurity experts since they had had a similar experience in 2007 (Miniats, 2019). However, these experts could not mitigate the attacks effectively as they mostly concentrated on controlling the damage (Hagen, 2012).
The only identifiable effective mechanism was the transfer of cyber resources to countries like the United States, Poland, and Estonia. It is, however, important to note that the transfer involved third parties and not officials of the host countries. For instance, the Georgian government transferred the president's website to Google blog servers in California and the one for the Ministry of Defense to a particular private firm in Atlanta (Hagen, 2012).
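An added example, not part of the original essay, of why the country-based IP filter described in this section leaves most of a flood in place once the sources sit in other countries. It is contrasted with a per-source rate limit, a technique chosen here for illustration and not one the essay says Georgia used; the addresses, country labels, and thresholds are constructed.

```python
from collections import defaultdict, deque

LEGIT_IP = "192.0.2.10"
# Constructed flood sources (documentation address ranges). "RU" mirrors the
# filter in the essay; XA/XB/XC are placeholder country codes for relays.
FLOOD_SOURCES = [("198.51.100.1", "RU"), ("203.0.113.5", "XA"),
                 ("203.0.113.6", "XB"), ("203.0.113.7", "XC")]

def sample_traffic(seconds=10, burst=20):
    """Constructed request log: (second, source IP, country label)."""
    events = []
    for sec in range(seconds):
        events.append((sec, LEGIT_IP, "GE"))       # one normal visitor
        for ip, cc in FLOOD_SOURCES:                # each bot sends a burst
            events.extend((sec, ip, cc) for _ in range(burst))
    return events

def country_filter(events, blocked=frozenset({"RU"})):
    """Drop requests by source country only, as in the response described."""
    return [e for e in events if e[2] not in blocked]

def rate_filter(events, limit=5, window=1):
    """Ban any source that exceeds `limit` requests per `window` seconds."""
    recent = defaultdict(deque)                     # source -> recent timestamps
    banned, passed = set(), []
    for sec, ip, cc in events:
        if ip in banned:
            continue
        q = recent[ip]
        while q and q[0] <= sec - window:           # expire old timestamps
            q.popleft()
        if len(q) >= limit:                         # behaviour, not origin
            banned.add(ip)
            continue
        q.append(sec)
        passed.append((sec, ip, cc))
    return passed, banned

def flood_count(events):
    """Number of requests in `events` that came from the flood sources."""
    flood_ips = {ip for ip, _ in FLOOD_SOURCES}
    return sum(1 for _, ip, _ in events if ip in flood_ips)

if __name__ == "__main__":
    traffic = sample_traffic()
    print("flood requests sent:      ", flood_count(traffic))
    print("left after country filter:", flood_count(country_filter(traffic)))
    print("left after rate filter:   ", flood_count(rate_filter(traffic)[0]))
```

A botnet made of many sources that each stay under the per-source limit would still get through, so the threshold here is illustrative only.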
Conclusions and Implications
Russia's invasion of Georgia via cyberspace uncovered significant issues that deserve attention from both the Georgian government and the international community. In particular, the discussion reveals that Georgia's cyber infrastructure is highly deficient in withstanding cyber warfare. The reliance on the foundations of neighboring nations takes control of cybersecurity away from the Georgian government, which is a source of vulnerability. Besides, the country lacks a reliable mechanism for mitigating sophisticated cyber attacks like those it experienced during the conflict with Russia. In the battle, Georgia relied on third-party security infrastructures located in the U.S. and other countries. Still, this arrangement increases cyber vulnerability as international laws may not govern nongovernment entities. Hence, the Georgian government needs to upgrade its cyber infrastructure to prevent a similar attack in the future. In that regard, it might request experts from advanced countries like the U.S. to upgrade its cybersecurity infrastructure.
Lastly, the Russo-Georgian cyber warfare pinpointed a severe deficiency in international law about interstate war or sovereignty. Since the formation of the United Nations and the end of decolonization, countries have become sovereign. However, sovereignty exists in terms of physical territorial boundaries. As such, the world needs a cyber law that specifically prohibits states from invading other countries' cyberspace (Geiss, 2013). Without this law, cyberspace remains a potential catalyst for a third world war. After Georgia outsourced its cyber assets to U.S. firms, Russian hackers temporarily paralyzed the operations of these firms. Therefore, a third world war might happen if a similar incident occurs in the future and the U.S. or other countries involved, and their allies, decide to retaliate.
References
Ashmore, W. C. (2009). Impact of alleged Russian cyber attacks. Army command and general staff Coll Fort Leavenworth KS school of advanced military studies.
Connell, M., & Vogler, S. (2017). Russia's Approach to Cyber Warfare (1Rev) (No. DOP-2016-U-014231-1Rev). Center for Naval Analyses Arlington United States.
Geiss, R. (2013). Cyber warfare: implications for non-international armed conflicts. International Law Studies, 89, 627-645.
Hafkin, G. (2010). The Russo-Georgian War of 2008: Developing the law of unauthorized humanitarian intervention after Kosovo. BU Int'l LJ, 28, 219-239.
Hagen, A. (2012). The Russo-Georgian War (2008): The Role of the Cyber Attacks in the Conflict. The Armed Forces Communications and Electronics Association, 1-26.
Haizler, O. (2017). The United States' Cyber Warfare History: Implications on Modern Cyber Operational Structures and Policymaking. Cyber, Intelligence and Security, 1(1), 31-45.
Kumarasamy, S., & Asokan, R. (2012). Distributed Denial of Service (DDoS) attacks detection mechanism. International Journal of Computer Science, Engineering and Information Technology, 1(5), 39-49. DOI: 10.5121/ijcseit.2011.1504
Miniats, M. A. (2019). War of Nerves: Russia's Use of Cyber Warfare in Estonia, Georgia and Ukraine.
Shanahan Cutts, N. M. (2007). Enemies through the gates: Russian violations of international law in the Georgia/Abkhazia conflict. Case W. Res. J. Int'l L., 40(1), 281-310.
White, S. P. (2018). Understanding Cyberwarfare: Lessons from the Russia-Georgia War. Modern War Institute at West Point.
Cite this page
Cyberwarfare: Russia's Cyber Attacks on Georgia - Research Paper. (2023, Mar 20). Retrieved from https://proessays.net/essays/cyberwarfare-russias-cyber-attacks-on-georgia-research-paper