INFORMATION SECURITY

STUDIES AND ANALYSIS CENTER

CYBER ASPECTS OF RUSSO-GEORGIAN WAR

Ana Sulakvelidze

Student of Information Security Studies and Analysis Center

 INFORMATION SECURITY STUDIES AND ANALYSIS CENTER – E-LIBRARY

*******

Current document represents educational material and it is based on non-classified sources

and on personal observations. In case of any other kind use of this publication, author is not
responsible. The opinions and recommendations represented by this document should not be
considered as official position of INFORMATION SECUIRTY STUDIES AND ANALYSIS
CENTER, which by itself represents this document.

© Ana Sulakvelidze
All Rights Reserved.

It is strictly forbidden copying and redistribution of this document, without authors agreement.

2
 INFORMATION SECURITY STUDIES AND ANALYSIS CENTER – E-LIBRARY

CYBER ASPECTS OF RUSSO-GEORGIAN WAR

Russo-Georgian War of August 2008

was alarming for the international
community not only because it was
an open attempt of a big and strong
state to occupy its little and weak
neighbor, but also because this
conventional war was accompanied
by the cyber attacks on Georgian
cyberspace.

Worthy to note, that cyber attacks

on Georgian cyberspace started
several weeks before the conventional war via social networks, media, and generally
internet1. Nevertheless, the Russian special agencies understood clearly that the massive
cyber attacks on Georgian cyberspace would yield more effective results if implemented
during the conventional war. The cyber attacks on Georgian cyberspace disrupted the majority
of Georgian government websites and pro-Georgian political web-portals 2. As a result,
Georgia experienced complete information vacuum, which meant for the country almost a
deadlock; obviously, the country, which is engaged in an unequal war with the powerful
neighbor, can only rely on the international assistance and support. In such situation an
information vacuum automatically meant for Georgia a stalemate.

The cyber attacks on Georgia were accomplished according to the popular Botnet scheme
where several computers were coordinated in a group, and a chief computer ascribed to each
group computer a particular task; the group computers with the different specific tasks sent a
deluge of internet traffic to the victim computers in order to cause DDoS problem (Denial-of-
Service).

1
Cyber Report 2008-2010. Lasha Pataraia.
2
Ibid

3
 INFORMATION SECURITY STUDIES AND ANALYSIS CENTER – E-LIBRARY

As I mentioned earlier, the international community paid a noteworthy attention to the cyber
attacks on Georgian cyberspace in August 2008. Several articles and publications were
published in the top newspapers and magazines of the world. John Markoff started his article
in New York Times stating that, the cyber attack on Georgian cyberspace began as early as
July 20 when the DDoS attack was implemented on president Saakashvili’s webpage 3. It
appeared quite difficult for experts and international community to determine whether the
Russian government, Russian intelligence agencies, or simply “patriot” Russian hackers were
responsible for these attacks. Nevertheless, an attempt to disconnect Georgia during the
Russo-Georgian conventional war was obvious.

Furthermore, there were several suggestions from the independent

experts and Georgian government officials about Russia’s “strong connection” to the attacks
on Georgian cyberspace; moreover, the possible involvement of the Russian shadowy
business organization, called Russian Business Network, was also suggested by the Georgian
party and the independent expert community. 4The Shadowserver Foundation contended that
one of the six used servers in the aforementioned attacks was of Russian origin, and that the
implemented Botnet scheme was very similar to those schemes generally used by the Russian
hackers5.

Finally, cyber aspects of Russo-Georgian war of August 2008 are significant for the whole
international community, because this attack on Georgian cyberspace was the first cyber

3
Before the Gunfire. John Markoff. New York Times. 2008.
http://www.nytimes.com/2008/08/13/technology/13cyber.html
4
NATO and Cyber Defense. 173 DSCFC 09 E bis. http://www.nato-pa.int/default.asp?SHORTCUT=1782
5
Cooperative Cyber Defence Center of Excellence (CCDCE). Cyber Attacks Against Georgia: Legal Lessons
Identified.

4
 INFORMATION SECURITY STUDIES AND ANALYSIS CENTER – E-LIBRARY

attack which coincided with the conventional war. On the other hand, this experience is
priceless for Georgia and its future development regarding digital technologies. While
Georgia is a newcomer in cyberspace, the cyber attacks of 2008 led the country to realize
how important cybersecurity is for the national security, and how immature Georgia is in the
field. Additionally, the scrupulous analysis of the cyber aspects of Russo-Georgian war
allowed the international community to apprise an existing situation in the whole range.

In sum, regardless that the Georgian cyberspace is far from being secure and standardized, the
process of cyberspace standardization should certainly start in Georgia in the nearest future in
order to ensure proper development of the nation.

5
 INFORMATION SECURITY STUDIES AND ANALYSIS CENTER – E-LIBRARY

ABOUT THE CENTER

Information Security Studies and Analysis Center is the first and only in the Caucasus region
oriented towards the field of Information Security.

Establishment of the organization was caused by the new reality to develop after 2008
Russian-Georgian conflict. The war in 2008 showed us that there were no systems developed
so far to provide protection against the means of informational warfare and cyber-terrorism,
this equally is a challenge to both public and private sectors. Non-existence of respective law
basis, governmental institutions and appropriate means to fight against cyber-crime and cyber-
terrorism affects not only the homeland security but economy of the country also.

Currently in both private or governmental sectors there are modern technologies actively
implemented, the bigger is the process automation scale the more dificcult is its control. In the
conditions where there are espionage and other security challenges, that are of a technological
character, there are new threats to rise, consequently security of the information becomes vital
to not only governmental organizations, but private sector also.

Opposite to the named above threats and challenges our organization gathered a team of
experienced professionals, that gives us the opportunity for the first time in Georgia to
establish institutional mechanisms to fight cyber-terrorism, piracy, corporate espionage and so
on.

6
 INFORMATION SECURITY STUDIES AND ANALYSIS CENTER – E-LIBRARY

OUR SERVICES

We offer unique services to private and governmental sectors, such as:

 Training of specialists in the fields of Information Secuirty, intelligence and anti-

terrorism;
 Staffing;
 Training to different type of employees of private and governmental sectors;
 Audit in terms of informational security aspects and preparation of respective
recommendations;
 Development of standards and SOPs;
 Creation of organizational units for threat monitoring and incident reaction;
 Consultancy in IT infrastructural issues, legal part of IT projects;
 Development of software/hardware solutions, provision and implementation;
 IT outsourcing, protected hosting on US servers, domain registration and etc.

The first priority to the center still remains study of the technological, geopolitical and
military challenges existing in the country, at the same time in-depth analysis of such, and
timely provision of the objective information to public. For this purpose analytical unit of
ISSAC periodically prepares and publishes analysis of modern threats and global trends. We
are maximally transparent in our activities and we help out those interested in these fields, we
give them knowledge base and encourage them to become part of the various projects
conducted by the center.
Our goal is to cooperate with as much governmental institution and educational units as
possible in order to ensure more effective fight against modern threats, create general/common
standards and means of implementation of these standards, increase the quality of
informationin this field to the society and provide our services to those who really needs it.

7
INFORMATION SECURITY STUDIES AND ANALYSIS CENTER – E-LIBRARY

This publication was downloaded from E-LIBRARY portal of

INFORMATION SECURITY STUDIES AND ANALYSIS CENTER

http://www.issac.ge

8
INFORMATION SECURITY STUDIES AND ANALYSIS CENTER – E-LIBRARY