priit@imke

Only hours after the Bronze Soldier was removed from Tõnismäe, in Tallinn, the capital of the Estonia, cyberattacks began and massivly continued for weeks. As Linnar Viik, well known visionaire in Estonia, commented the situation in morning television at ETV: „this is the firsti time, when such kind of massive attack was intented to be against the whole country“.

While Russia and Estonia are embroiled in their worst dispute since the collapse of the Soviet Union, a row that erupted at the end of last month over the Estonians’ removal of the Bronze Soldier Soviet war memorial in central Tallinn, the country has been subjected to a barrage of cyber warfare, disabling the websites of government ministries, political parties, newspapers, banks, and companies (The Guardian 2007). That was something that no one expected (Securenet 2005).

Main similarities between two wars are:

1.Attacking important infrastructures. After 26th April. The main targets have been the websites of (The Guardian 2007):

the Estonian presidency and its parliament
almost all of the country’s government ministries
political parties with no difference, was they against or supportive for removing bronze soldier
three of the country’s six big news organisations
two of the biggest banks, Hansapank and Ühispank; and firms specializing in communications

Arbor Networks Security Blogs (2007) gives an short overview of the last two weeks (17th May and before it). According to this, 128 unique DdoS attacks has been:

Attacks Destination Address or owner

35 “195.80.105.107/32″ pol.ee
7 “195.80.106.72/32″ www.riigikogu.ee
36 “195.80.109.158/32″ www.riik.ee, www.peaminister.ee, www.valitsus.ee
2 “195.80.124.53/32″ m53.envir.ee
2 “213.184.49.171/32″ www.sm.ee
6 “213.184.49.194/32″ www.agri.ee
4 “213.184.50.6/32″
35 “213.184.50.69/32″ www.fin.ee (Ministry of Finance)
1 “62.65.192.24/32″

2.Data gathering. Both sides are doing massive and even public (in case of cyberwar) espionage to find out enemy’s weaknesses.
3.Weapons distribution. In case of cyberwars, weapons are computers, software and tutorials about attacking targets with malware or just to overload servers.
4.Propaganda. Web forums, mailing lists and portals are perfect for quick and efficent propaganda against the other side.

Differences between wars are:

1.Chances to get hurt or killed is minimal, if you are taking a part of the cyberwar.
2.Very easy to join with the „army“
3.Patriotism is going to fade very soon and goes over to riots – one reason is tightly related with small chance to get caught.
4.In cyberwar, humans are dictating computers, who are taking over the role of being and fighting as a soldiers. More often users are not aware of the fact that his or her computer is being used as a part of the battle.
5.Cyberwar is invisible for the physical world. But the results are very visible – everything, what is connected to the Internet, is in danger and nowadays everything is connected.

What kind of attacks are being used in cyberwars?

Denial of Service attack (DoS attack) and DDoS (Distributed Denial of Service attack).

DDoS attack is a distributed attack from the multible computers at the same time. There are approximetly ten different DoS attack but the main idea is the same – victim is overloaded with queries and when computer is trying to answer them, it gets overloaded and crashes. The reason for that might be hidden in software errors or computer is just going to over heated.

How to prevent and be against the attacks?

A DoS attack can be perpetrated in a number of ways. There are three basic types of attack:

1.consumption of computational resources, such as bandwidth, disk space, or CPU time;
2.disruption of configuration information, such as routing information;
2.disruption of physical network components.

After the attacks began, Estonia cutted access to its sites from abroad. That is potentially more damaging to the country’s economy than the limited Russian sanctions announced so far, such as cutting passenger rail services between Tallinn and St Petersburg. It certainly hampers Estonia’s efforts to counter Russian propaganda that portrays the country as a fascist hellhole. “We are back to the stone age, telling the world what is going on with phone and fax,” says an Estonian internet expert (The Economist 2007).

Fact was that at the beginning some of the earliest attacks linked to Russian goverment. Plus suddenly tens of how-to’s appear about how to launch DoS attacks and those were mainly on the Russian web pages (The Economist 2007).

But cutting yourself out from the rest of the world is not the solution. Best way to help preventing those attacks (not from the target side but from the „host“ computer) would be using updated software against the malware. It is still very easy to follow that but usually users are not keeping attention on that.

Conlcusion

On 14th May, Finnish television agencie Yle announced that there has been started attacks against Yle homepage, police and some ministries and companies. Same type attacks were used as in Estonia before. Attack against the Yle site was the most powerful in the Finnish Internet history so far (Postimees 2007). That shows clearly the situation where cyberwar is not only happening between two countries and solving this mess is an excersise for whole EU and NATO too.

References:

1.http://en.wikipedia.org/wiki/Cyber-warfare
2.http://www.militaar.net/phpBB2/viewtopic.php?p=90926&sid=
fceb66499ab52144c24b132648c64164
3.http://www.ekspress.ee/viewdoc/F69F3BF1BC6B13FCC22572D0003166D6
4.http://www.postimees.ee/110507/esileht/siseuudised/260027.php
5.http://www.economist.com/world/europe/displaystory.cfm?story_id=9163598
6.http://www.securenet.ee/48?PHPSESSID=6cd380914f38636520828f477
44ce410
7.http://www.tgdaily.com/content/view/31869/97/
8.http://www.postimees.ee/160507/esileht/valisuudised/260946.php
9.http://arstechnica.com/news.ars/post/20070514-massive-ddos-attacks-target
-estonia-russia-accused.html
10.http://en.wikipedia.org/wiki/Denial_of_service
11.http://postimees.ee/170507/esileht/siseuudised/261227.php
linnar viik räägib ka asjast
12.Postimees, arti „Soome netilehed on küberrünnaku all“,
13.http://www.guardian.co.uk/russia/article/0,,2081438,00.html
14.http://asert.arbornetworks.com/2007/05/estonian-ddos-attacks-a-summary
-to-date/

Basically Second Life is the computers came which became extremely popular about half a year ago and have now reached to the millions of users (residents, to be accurate) who are using (or living on) it tens of hours per week. What is all about it, what can I get from it?

The very first thing to do is to download a client program (runs on Windows 2000/XP, currently not supporting Vista and on Mac OS X 10.3.9 or better), install it. Next moves are going to happen in the virtual world already - creating an avatar (your virtual me), moving and exploring the virtual world and chatting / making new friends around it. It is nice to know that behind those virtual avatars there are always a live human behind that. Like Philip Rosedale, Linden Lab’s (creator of the Second Life) says: “There are a lot of ways of connecting people to their computers, not just mice and keyboards but gaze detection and neuromuscular stuff”. Sounds like a perfect opportunity to widen the circle of friends and a fantastic way to collaborate in the actions you are missing in the real life.

Philip Rosedale knows that very well: “There are lots of handicapped people using Second Life - it’s one of the really inspiring things about it”. I must admit, that he’s right - when all the traditional computers are also capable to managesome kind of virtual world, there’s always certain scenario to be followed. But Second Life may help you to by a house or visit the virtual lectures and plan a tour to the art museum. It is accessible without leaving the computer.

Meanwhile, we cannot forget the world we are physically existing in. Dutch report on the Second Life is mentioning: “The relationship between happiness in real life and in Second Life is strong in the group 30 hours and more except for those who are unhappy in real life. They are happier in Second Life. In the group are several people who are house-bound because of circumstances, illness or a handicap.”.

But what I’m thinking of, is the situation, where I’m house-bounded myself, I don’t have close friends or relatives and my only true friends are existing in the Second Life, then I would choose a chance to be happy in the virtual world rather thatbeing depressed in my situation.

http://www.comcast.net/news/technology/index.jsp?cat=TECHNOLOGY
http://en.wikipedia.org/wiki/Second_life
http://infoisland.org/2006/12/09/dutch-report-on-second-life-the-second-life
-of-virtual-reality/
http://www.workconnexions.com/blog/Leo
/Whysecondlifehasgreatpotentialforthehandicapped.aspx

Some thoughts after the reading

When we are talking or thinking about the Internet and everything concerning to that, we can’t ignore the fact that Internet did not born on the empty place. More accurate would name and accuse the telephone and its “father”, Mr. Alexander Graham Bell on this situation we are living in - era of information.

With a bit more than a hundred years, changing an information has gone more faster, reliable, cheaper, wide spreaded, and complexed. At the moment we are able to make free of charge phone calls all over the world, calls can last for hours without dropping down and we can call to or friends, no matter where we are. That’s fantastic as long there is no need to explore inside to those technologies. Why?

Approximately 100 years of the invention of the first phone, almost everything has gone to the level of software. Although the software is created and controlled by the humans, they are not require physical maintenance. Software update will be done regularly (or sometimes not so regularly) and that’s it. But let’s face it, in software development process it is much easier to make mistakes than making a cable connection between two analog telephone. One example is mentioned in the Hacker Crackdown as well: on January 15, 1990, AT&T’s long-distance telephone switching system crashed. Reason was hiding itself in the piece of software and it wasn’t physical. And the backup system didn’t work as well as it supposed to too.

My point is, that for ordinary user, systems are so complexed and getting more and more towards to mathematical world and further from the physical world. In the popular TV show “Saved by the Bell” we can see how physical world controls over the mathematical world (Slater vs. Screetch). If there would be “Saved by the Bell 2007″ we could see, how Screech is the most popular character in the show and everyone is teasing poor Slater over and over again. And going a bit further, we can imagine how those big-headed aliens (that we are seeing in the movies and reading about from the computers) are nothing more than humans, who are leaving their needs for physical world and instead of it are collecting knowledge to their brain as much they can.