This action might not be possible to undo. Are you sure you want to continue?
b y j o s h u a d av i s
The botnet attack on Estonia last spring nearly shut down the most wired country in Europe . Behind enemy lines with the foot soldiers of the digital age .
This was not the first botnet strike ever. He stared at the error message: For some reason. They were all down. “All major commercial banks. But a digital invasion? Estonia is a member of both NATO and the European Union. wasn’t responding. the site for Estonia’s leading newspaper. This was the first time that a botnet threatened the national security of an entire nation. But never before had an entire country been targeted on almost every digital front all at once. and tank advances. nor was it the largest. which states that an assault on one allied country obligates the alliance to attack the aggressor? In the coming months. sep 2007 1 6 3 . The border guards had reported no incursions. “The attacks were aimed at the essential electronic infrastructure of the Republic of Estonia. and name servers—the phone books of the Internet— felt the impact. the meaning was clear. Ministers of defense develop strategies to combat the threat of missile attacks. Should Aaviksoo invoke NATO Article 5.” Aaviksoo tells me later. The leading bank was under siege. Jaak Aaviksoo attempted to pull up the sites of a couple of other papers. telcos. He hadn’t even changed the art on the walls. Outside. the Postimees. air raids.” Welcome to Web War One. and it had slipped into the country through its least protected border—the Internet. commentators around the world would look back at this moment and debate its significance.WI WEB WAR ONE he minister of defense checked the Web page again—still nothing. Government communications were going down. and never before had a government itself fought back. and Estonian airspace had not been violated. The former director of the University of Tartu Institute of Experimental Physics and Technology had been the Estonian defense minister for only four weeks. It wasn’t just the newspapers. An enemy had invaded and was assaulting dozens of targets. It is known as a botnet. and this affected the majority of the Estonian population. everything was quiet. media outlets. naval bombardment. The aide explained what was going on: They were under attack by a rogue computer network. But for Aaviksoo. An aide rushed in with a report.
Estonia. violence broke Estonians had finally mustered the gump. But having rid the country tion to ignore the protests of the Russian with spikes in the newspaper’s Internet MOLDOVA AUSTRIA HUNGARY traffic before. Rioters smashed paper’s servers were being swamped with TUNISIA ICELAND 1 6 4 sep 2007 Canary Islands WESTERN MOROCCO ALGERIA CYPRUS LEBANON ISRAEL SYRIA JORDAN IRAQ KUWAIT IRAN AFGHANISTAN EGYPT PAKISTAN NEPA . government—which had warned ominously SLOVENIA ROMANIA CROATIA to settle in. hundreds of night meeting of the people were arrested. IRELAND poland germany in 1947 to commemorate their war dead after country. But the April 27—after an overfighting died down quickly. after 16 years of independence. it was installed in a military cem. the windows were russia nation’s crisis commission—the Estonian repaired. Most of the demonstrafinland had occurred a few days tors were ethnic Russians. To many citizens.etery in the suburbs. But now his tion. the capital of But just as the unrest subsided. the days later. K. flipped over cars. the Russians decided SWITZ. Three buildings. the Even before the removal. but this was different. Now. a differNETH.ND SWEDEN he event that sparked shop windows. Ago Väärsi had dealt KAZAKHSTAN of World War II.few years serving up a million pageviewsKYRGYZSTAN ARMENIA AZERBAIJAN ALBANIA PORTUGAL TURKMENISTAN statue was a symbol of an oppressive occupa. The head of IT at the Postimees BELGIUM driving the Nazis out of the region at the end watched it with alarm. and street sweepers had cleaned up latvia everything by the morning of April 28. and soon masses of Estonians were Estonians”—and uprooted the statue. government removed a 6-foot-tall bronze lithuania statue in downtown Tallinn. a day. roughly comparable to the traffic at GREECE SPAIN TAJIKISTAN TURKEY the Seattle Post-Intelligencer. From of German occupation. who make up a estonia earlier. and threw sweden this digital onslaught rocks at riot police. The Soviet secret policeFRANCE that the removal would be “disastrous for his office at the top of one of Tallinn’s highest set up ITALY BOSNIA SERBIA shop.out in the streets of Tallinn. Around dawn on quarter of the nation’s population. The Soviets had built the monument ent kind of aggression began to sweep the belarus U. the 31-year-old had spent the past BULGARIA UZBEKISTAN MONTENEGRO GEORGIA MACEDONIA deported to Siberia.
At noon. As the sun lit the Baltic Sea outside Väärsi’s window. available bandwidth hit zero. If so. the maximum available.” Estonia’s foreign minister said. and the government has embraced online voting. the Postimees Web site disappeared. On the morning of Wednesday. But then he looked at where the traffic was coming from. He keyed in a few lines of code and pressed Enter—and all international requests to the paper were suddenly blocked. In the eyes of the world. as some citizens prefer—is like a window into the future. The site went down. and real. May 2. he realized he was exhausted. to increase bandwidth capacity. Vietnam and Peru followed. At the time. crippled ATMs in Tallinn.3 million pageviews and had already crashed 20 times. Though this was a 21st-century attack. Väärsi couldn’t have known that this was just the beginning. Väärsi has the look of a ’70s rock promoter—he wears his hair long and his shirts open. the future was looking perilous.” The paper’s editors thought he was going to have a heart attack. 5 percent unused. Väärsi had already asked Elion. In other words. fast. he received an automated alert on his cell phone: “Web site is critical. the site would become inaccessible. traffic again rose precipitously. 10 percent unused. Väärsi used the same defense Estonia had used against Russian invasions four centuries earlier: He had closed the gates. Now he had 110 Mbps. and intelligent. and he sports rose-tinted. The number one foreign country accessing the site: Egypt. the bandwidth meter turned green. He dis- covered that the attackers were constantly tweaking their malicious server requests to evade the filters. He knew he had only one choice: to sever the international connection. Someday. It made no difference. but at a cost. A flat-panel monitor on the wall of his office displayed bandwidth consumption—the amount of traffic flowing to the newspaper from within Estonia and from around the world. Now he watched as the numbers ticked down: 20 percent unused. Väärsi tried to pull up his competitors’ Web sites. He doubted that a sizable Estonian population had suddenly materialized in southeast Asia and South America. square sunglasses. Every time a server crashed. photographs by “The European Union is under attack. and Skype is taking over the international phone business from its headquarters on the outskirts of Tallinn. They were down as well. “The attacks are virtual. Väärsi had preserved enough bandwidth to keep the Postimees online by removing ads and pictures. Some 40 percent read a newspaper online daily. driven largely by overseas visitors.” 2. pulled up the ramparts. He’s proof that the geeks have triumphed in this country of 1. cell phones can be used to pay for parking or buy lunch. among other things. the paper’s Internet service provider. creating a two-fold problem: The spam overloaded the server’s processors and hogged bandwidth. more than 90 percent of bank transactions are done over the Internet. He had been in the office writing filters and struggling to keep his servers up for days. Väärsi initially thought the traffic spike was due simply to international interest in the statue controversy. Usually it hovered in the green zone—20 to 30 percent of capacity unused. Estonia—or eStonia. Väärsi turned off the comments feature. Donald Milne . Whoever was behind this was sophisticated. That saved bandwidth—the meter showed that there was still capacity—but what did get through tied the machines into knots and crashed them repeatedly. and settled in for a siege. If it reached zero. Estonia’s leading news outlet could not tell the world what was going on in its own country. Väärsi watched as automated computer programs continued to spew posts onto the commentary pages of the Postimees Web site. The site became accessible again within Estonia. The pages were a lighter load. The country is saturated in free Wi-Fi.Defense minister Jaak Aaviksoo got help from NATO in the wake of cyberattacks that. the rest of the world will be as wired as this tiny Baltic nation. but the capacity monitor was still hovering precariously close to zero. So far.3 million. Instantaneously. psychological.
a single attack launched by China against the US lasts only a few hours. it becomes one of the unwitting drones that make up a global botnet. In this scenario. overwhelming its defenses and either crashing it or driving its owners to shut it down as a defensive precaution.000 computers. Beijing orders a limited attack on the computer systems of US congressmembers and corporations that support the bill. Fortunately.When Bots Attack If you want to bring down a country’s information infra structure and you don’t want anyone to know who did it. tension over proposed US legislation to raise tariffs on Chinese imports triggers a crisis. like Norton AntiBot. When these machines. Thanks to the distributed nature of these networks. Once the attack is under way. all while maintain ing total deniability. his network of bots can launch millions of packets of information toward a single target. attacks appear to be coming from random personal computers located all over the world. Typically. But bots keep mutating. phishing fraud. the bot takes control of its host and sends out multiple packets of information— usually spam—to designated targets. Chinese security officials hire criminal bot herders to launch the denial of service attacks. BY JOHN ROBB 1 attacker 2 bot herder 1 attacker 2 bot herder 3 Zombie In this scenario. receive a signal from the bot herder. Once an ordinary computer is infected by a bot. And if you’re wondering if your PC is infected. a hacker or a syndicate of hackers control one or more giant botnets. and denial-of-service extortion. detection isn’t easy. you can launch hundreds of thousands —even millions—of infobombs at a target. so the game is far from over. Using rented botnets. In this hypothetical scenario. the weapon of choice is a distributed denial of service attack. Freelance computer hackers function as the project managers for the DDoS attacks. Payments are routed via anonymous services like PayPal (often using branches based in Latin America). known as zombies. new versions of home security software. are targeting this new strain of malware. a Chinese media and diplomatic campaign will portray the attackers as cybervigilantes operating on their own. many will even be from within the US. but a fullscale assault lasting days or weeks could bring an entire modern information economy to its knees. a remotely controlled piece of malicious software. Catalogtree and Systemantics infographic by . On the bot herder’s signal. Target IP addresses and email accounts (harvested in earlier operations) are distributed through private chat rooms used by criminal hackers. worldwide networks that can include 100. Herders usually make their living by renting these networks out for commercial spam. Each machine has been surreptitiously infected by the bot herder with a bot.
To beat back the bots. befitting the trench-coat-andshades look. like Väärsi. These groups blame the Chinese government. charged with coordinating the country’s response to the attacks. It required social networking. he wears a trench coat and shades. which direct global Internet traffic. That makes Lindqvist a sort of Olympian in the IT crowd. Nevertheless.com) is the author of Brave New War. But in this more likely scenario. banks. and 10 years ago he began specializing in digital crime. the targets are Web sites and email systems of congressmembers and corporations that support higher trade barriers.” But he was here for a reason. The cybercop explained what had happened: Web sites around Estonia had resorted to a siege defense by cutting off international traffic. He’s one of the so-called Vetted: the select few who are trusted by the world’s largest ISPs and can ask them to kick rogue computers off the network. He is a handsome 32-year-old with a dimpled chin and close-cropped hair. Lindqvist and some others were in Tallinn that week for what was referred to as a BOF—a birds-ofa-feather—meeting with European network operators. inhibiting their ability to work on behalf of the legislation. he needed help tracing their origins.4 target 3 Zombie 4 target A full-scale DDoS attack meant as an act of war might target military and government servers. He doesn’t look like the fine-dining type. Across the dinner table from Aarelaid sat Kurtis Lindqvist. The problem was that IT managers nationwide. A mutual friend suggested that Lindqvist sit down with Aarelaid. had so far been able to use only the bluntest tool—they cut off Estonia from the rest of the world. Fighting the bots directly required a more modern defense. but can’t prove it. but the geek in him is just below the surface. He loves to play badminton and often programs late into the night. Now he’s head of the Estonian computer emergency response team. He’s also a tech entrepreneur and former special operations pilot. he belongs to a clandestine alliance of Internet elite with the power to cut off global Internet flows. targets will be effectively shut down while they undergo security upgrades and damage assessment. Legend attacker bot herder Zombie target (globalguerrillas. the man in charge of running Stockholm-based Netnod. The Vetted constantly crisscross the globe to expand their network of trusted members.typepad. Hillar Aarelaid was having dinner at Ö. civilian email. His years working the streets as a beat cop have stuck with him: His face seems frozen into an expression that says “Don’t mess with me. and by a stroke of luck. and phone companies. John robb our days after the siege began. a high-end restaurant just outside the walls of the old city of Tallinn. By day. And. Since his rookie years in the 1980s. one of the world’s 13 root DNS servers. Then he needed to persuade ISPs around the world to blacklist the sep 2007 1 6 7 . Aarelaid’s IT cops are the de facto Estonian Internet defense force. he has moved up the ranks. Known by the acronym CERT.
Lindqvist grinned broadly. :). Aarelaid had his social network. Woodcock. NATO sent a few experts to the Baltic nation. If the computers don’t work.” wrote a hacker named S1B. the bombs don’t strike their targets. “You may think you have no influence on the situation??? You CAN have it on the Internet!” The post then laid out precise instructions on how to launch a ping attack on specific Estonian sites. Then there was the air force: botnets. For all they knew. or DDoS.” At 10 pm on Tuesday. protect. could be made to repeatedly flood designated Internet addresses with a variety of useless network-clogging data. and plugged in.individual attacking computers that would otherwise overwhelm Estonia’s bandwidth. communicate. That’s where the Vetted would come in—they could make the calls on Aarelaid’s behalf. First they were goaded by overheated rhetoric about the April 27 removal of the statue. who had spent years traveling through Europe. hundreds of posts called for a coordinated attack at the stroke of midnight on May 9. The script kiddies were stoked into a fervor on Russian-language chat rooms. now advised his government on Internet security. Beyond the at-risk civilian sector. today the key is a military’s ability to collect. took a picture with the built-in camera. By the end of dinner. Lindqvist was satisfied that Aarelaid was legit. unfolded across multiple fronts. “DDoS is occurring even now but something more potent is on its way. They used private chat rooms to communicate among themselves. It was a geek dream team. and defensive security is being tightened. and Woodcock arrived at the downtown Tallinn office building that housed CERT headquarters. delete legitimate content. Finally. Their primary weapon was the ping attack. It was almost 11 pm in Tallinn—midnight Moscow time. The problem was that most international ISPs had never heard of Hillar Aarelaid. he could be a hacker trying to cut off legitimate users. The 21stcenturywarfare version of depriving a city of water will be to deny entire states the ability to process. like most other ambitious campaigns. Aarelaid would lead the charge—his team had to identify the addresses of the attackers and build the filters that would get distributed worldwide—but these guys were the ones with real battle experience. If petroleum was the indispensable asset that decided campaigns in World War II. The action will be massive—it’s planned to take Estonnet the fuck down :). Insiders acknowledge that the Department of Defense is worried about the vulnerability of its networks and weapons systems. 0 0 0 voices miss three critical points: First. officials are developing offensive methods. In fact. It was the equivalent in the real world of an army recruitment pitch bundled with marching orders. When deployed by masses of attackers. These giant squadrons were made up of hundreds of thousands of individual computers from around the world that had been hijacked previously by hackers. he cyberattacks on Estonia. known as zombies. “You do not agree with the policy of eSStonia???” demanded a user named Victoris on a Russian online forum. Fältström. funding still goes overwhelmingly to cold war–era legacy sep 2007 . Patrik Fältström from Sweden and Bill Woodcock from the US— two more of the Vetted—would also go. and shoot. compute. a warrior could not fight without water. the pings could overwhelm a server. Those what-me-worry Washington policymakers ignore the threat of cyberattack at everyone’s peril. our armed forces rely on digitized information and communications to fuel their high tech hardware. though these black programs are classified. The astonishing thing about last spring’s alleged Russian cyberattack wasn’t the crippling effect it had on Estonian’s government and the lives of its citizens but the lack of serious reaction elsewhere. and sent it out to the network to prove to the Vetted that Aarelaid was for real. Aarelaid stared calmly at the camera. a pony-tailed former programmer for the Swedish Navy. The European Union raised but one scolding finger. At the same time. A week later. the day Russia celebrates its World War II victory. as the world witnessed the trial run of a new mode of warfare. and Asia helping to set up Internet infrastructures. but a full-scale cyberattack on the US could be far more devastating. The foot soldiers were called script kiddies—relatively unsophisticated troublemakers who copied programs line for line off hacker Web sites. with the attitude to match. attack. No matter how brave. It was the digital version of carpet bombing and is referred to as a distributed denial of service. While America Sleeps BY RALPH PETERS For thousands of years. and he agreed to join him at CERT headquarters whenever Aarelaid wanted. May 8. there were the special forces— hackers who could infiltrate individual Web sites. If you follow defense-budget dollars. Fältström. “On the 9th of May a mass attack is planned. He called Aarelaid and Lindqvist over. a simple request for a response from a Web server. repeated hundreds of times per second. The computers. besieging armies sought to cut the water supplies to walled cities to break down their resistance. sauntered into the operations center wearing bisonskin boots handcrafted for him in Montana. Estonia’s advanced state as an e-society makes it appear uniquely vulnerable. Maine. and the US protested mildly and briefly—then President Bush welcomed Putin to the Bush family compound in Kennebunkport. and the women and children he defended could not live long without it. the Pentagon doesn’t seem to fully grasp the dangerous potential of this new domain of warfare. and post their own messages. pundits at The New York Times and other publications dismissed the digital assault on the tiny nation as much ado about nothing. but in public forums they hinted at their intentions. Woodcock hoisted his laptop into the air. Still. flipped open his PowerBook G4. Lindqvist grabbed an Oreo off the counter. and communicate information. Lindqvist. Africa.
more destructive and far more vicious than it would have been had the US been prepared. the breakdown of one system would compound the effects on another. Military technologies and techniques can develop with distressing speed: In 1918. ranging from the foreign ministry to the major banks. If the US vigorously pursues offensive and defensive e-war capabilities but the skeptics turn out to be right. in an all-out conflict.000 packets per second. the more complex our society becomes. and the economy froze. the current asymmetry between the no-holds-barred approach to cyberwar embraced by potential enemies and our own insistence on confining all forms of warfare within antiquated laws would put us at a painful disadvantage in a conflict’s opening phase. citizens panicked. we will have wasted only time and money. the greater its inherent vulnerabilities (a law that software writers certainly understand). a mere quarter-century later. What they found was a botnet comprising mostly hijacked computers in the US. The rest of the war would be longer. digital attacks would not occur in a vacuum. the media. Their goal was to block traffic before it could enter Estonia’s major international connections. a retired Army intelligence officer. Beijing would also attempt to physically destroy the satellites our forces rely on to communicate. The enemy’s goal would be to pressure Washington into an early settlement that amounted to a de facto surrender. we might face a devastating surprise attack. informational dependencies and e-attack methodologies are advancing exponen- tially. as America’s most-advanced military systems failed. Immediately. a 200-fold surge. Globally. Still. government services. and guide precision weapons. ralph peters. by 1943. the Chinese would combine virtual destruction with actual destruction. In theory. his most recent is Wars of Blood and Faith: The Conflicts That Will Shape the 21st Century. As Aarelaid identified a specific address. those rickety World War I airplanes were little more than romantic irritants. Traffic coming into Estonia was average for this time of night—about 20. Woodcock and Lindqvist sent rapid-fire emails to network operators throughout the world asking for the IP to be blocked at the source. The first wave of attacks had died down over the previous two days. But Americans are far tougher than commonly perceived—after all. Tomorrow could be different. It was a larger-scale version of what had happened to the Postimees. At exactly 11 pm. except that the entire country’s bandwidth capacity was being squeezed. they picked off the bots. while you may hope for the best. One by one. Chinese military theorists like the infamous colonels Qiao Liang and Wang Xiangsui were already hinting at the importance of simultaneously striking multiple infrastructure layers in a confrontation with the US. Aarelaid and his team started chasing the sources upstream. Everything looked normal on the networks.The cyberattacks were sparked when Estonian officials decided to move a statue commemorating Russian war dead to the Tallinn suburbs. you had best prepare for the worst (a principle violated. in Iraq). is the author of 22 books. Internet traffic | continued on page 182 systems meant to defeat Soviet tank armies. not Russian e-brigades. find the enemy. Finally. communications. To borrow a line from Frank Zappa. and by dawn they had deflected the attackers. but we’d pull through. Estonia was slammed with traffic coming in at more than 4 million packets per second. Maybe the online chatter about an attack that night was a hoax—maybe nothing would happen.” A well-prepared. A decade ago. nearly 1 million computers suddenly navigated to a multitude of Estonian sites. Whether attacking military targets or civilian systems. A basic military law is that all weapons are most effective when used in incisive combinations with others. In a major war. A digital assault today would outrage and inconvenience Americans. resourceful opponent could create an atmosphere of collapse. history’s greatest losers are those who bet against the US. Second. But if the US doesn’t prepare and those who dismiss the digital-warfare threat are wrong. And the pace of technological change today is considerably greater than it was in the 1920s and 1930s. Pearl Harbor might look like “strictly a pup-tent affair. and the crippling of energy. and health care and finance systems would interact in a downward spiral. The military maxim that applies is that. sep 2007 1 6 9 . long-range bombers were flattening entire cities. fatally.
sowing discord and new distrust between states and people. “It is an unimportant example. Red Square was cordoned off. the equivalent of the West Wing.Web War I continued from page 169 into the country hovered just above normal. Patrik. He will identify weaknesses. From the beginning. He has performed what is known as an SQL injection attack. and real. The attacks shut down the opposition Web sites just as government authorities 1 8 2 announced a change in venue for an upcoming opposition rally. “Did you offer to help fix R2.” It wasn’t the first time the Russian government had been accused of being involved in a large botnet campaign. Kasparov had difficulty informing his followers of the change. he says.” Aarelaid says. I ask if he has offered this support to Estonia.ee. Arbor Networks. anxious 21year-old named Emin Azizov. and he navigates to R2. He tells me that he has just started a new company that will help system administrators assess the vulnerability of their sites.) Denis Bilunov. He isn’t with the magazine but says the editor has sent him to see me and explain exactly what happened to Estonia. some of the attacking computers were located in Russia. “I didn’t have any interest in it.” he had said in a statement a week earlier. Aarelaid continued his blocking efforts even as the Russian government denied involvement in the offensive. the infected computers abandoned the attacks and reverted to more traditional botnet pastimes. Alexey Salnikov and Valery Yashenko have recently hosted an international conference focusing in part on Internet security. attackers replaced the homepage with the phrase “Hacked from Russian hackers. He agrees. “Those who are trying today to … desecrate memorials to war heroes are insulting their own people.ee?” I ask. and now it appears they have attacked Estonia. nor do I have the slightest intention of studying it. It was not about money. a similar assault had been launched against an alliance of Russian opposition parties led by chess grandmaster Garry Kasparov.” But the Russian government showed little interest in tracking down the culprits. Yashenko explains that the institute represents the Russian government on all scientific Internet issues and advises the Kremlin on matters of cyberterrorism. he was arrested for leading an illegal rally. “There is a specific department within the FSB—the successor to the KGB—that specializes in coordinating Internet campaigns against those they consider a threat. had been accusing Putin’s administration of direct involvement. can disrupt the routine functioning of commerce. as he just has with R2. sep 2007 . The bots appeared to have been set to run for exactly two weeks. a security firm that tracks international DDoS attacks. but when I show up at the restaurant on Bolshaya Lubyanka Street. he could take over the site entirely. With one more keystroke. “Why are you showing me this?” I ask. psychological. “They have attacked Chechen rebel sites.” he says. media. This veiled threat came as yet another 58 separate botnet attacks rained down on Estonia over the course of the day. and offer to fix them—for a price. an Estonian radio station. He watched the hackers formulate their plans in public and private chat sessions and emphasizes that it was not coordinated by the government. Its first roundtable: counteracting cyberterrorism. and on at least one Estonian site. Estonia’s foreign minister. just a few weeks earlier. Estonian officials say. He responds that he was too busy with other projects. “I was very.” He goes on to explain that no country can protect itself from cyberattacks on its own.” he says. Azizov insists that he did not participate in the Estonian assault.” Putin proclaimed to the troops. These were simply hackers whose fathers and grandfathers had made huge sacrifices for Russia during World War II. If so. he smiles and tilts the screen toward me. Urmas Paet. very lucky that Kurtis. was able to identify overlap between the networks involved in both attacks. including. on their own. We walk to a nearby park and sit on a bench. With his Web site down. It connects to the Internet via cellular card. the executive director of the United Civil Front. Azizov begins by saying that he has closely followed the attacks against Estonia. one in Putin’s presidential administration office. After a few keystrokes. (At wired’s request. I ask him what he knows about the cyberattacks against Estonia.” In mid-May. There was plenty of evidence suggesting a clear Russian agenda in the attacks: Russian-language bulletin boards exhorted readers to defend the motherland. these hackers represent a stateless power—a sort of private militia. So in late June I head to Moscow to find out what I can. like spamming and extortion. Kasparov’s party. fighter jets streaked through the cloudy skies while 7. wasn’t surprised. The appearance of Russian IP addresses nevertheless incensed the Estonians. It was about Russian pride. We sit down beneath a photo of Putin in Yashenko’s large office. I find instead a skinny. Then he tells me that 80 percent of Estonian Web sites are vulnerable to attack and offers to show me how. If that is the case—if Azizov isn’t trying to cloud the issue—the implication is perhaps more troubling. There is an error message. a small Russian-language publication that claims to represent the hacker community. I make an appointment to meet the vice directors of the Institute of Information Security Issues at Lomonosov Moscow State University. “The European Union is under attack.ee. Part of the botnet that attacked the opposition Web sites was soon redeployed to assault Estonia. As the sun rose in Moscow that morning.000 Russian soldiers marched past President Putin to celebrate Russia’s victory over Nazi Germany. But those computers were most likely hijacked in the same way US machines had been taken over—when their users opened an infected attachment or visited a site that automatically installed malware. “The attacks are virtual. and government any time they want. We move to a coffee shop so Azizov can plug in his Alienware laptop. After that. Soon. In fact. because Russia is attacking Estonia. and Bill were here. the major botnet attacks stopped as suddenly as they started. and ask to meet with its editor. The botnets involved—which are usually rented for criminal purposes—were in this case dispatched for free. and when they massed at the originally announced location. It suggests that there is a group of Russian hackers who. us. I contact Hacker. True. There needs to be broader international cooperation.
| continued on page 192 The Science of Play continued from page 147 to hit home. all the dots are clustered in tight bunches.” says Frank O’Connor. “Attacking us is one way of checking NATO’s defenses. That area wasn’t even supposed to be accessible to players. is an experience that keeps players in a “flow” state—constantly surfing the edges of their abilities without bogging down. and it’s perfectly linear. jumped into another one. The vastness of the game’s geography means that gamers can replay each battle several times. Enormous battlefields also create lots of places where things can go wrong—areas where players can get bored. but it can destroy everything. In this new world of Internet warfare. or killed. the designers must subtly direct player movement by altering the world in small ways. But though expansive levels may be one of the keys to Halo’s appeal. armies will be replaced by badminton-loving geeks. trying several radically different ways to fight through it. after the fix was implemented— and sure enough. Players were simply baffled about where to go. It worked. At 63. He then placed the second lift on the ledge and used it to bounce up even higher. the problems they cause go well beyond graphics. “They’re the best in the world.” Today. information warfare is a similar deﬁning moment in world history. A bunch of Gravity Lifts were scattered around the bottom. “People were lost. It doesn’t have the eye-popping verisimilitude of.” Pagulayan says. The international community would have to rely on the already established community of the Vetted. holding it. The flow comes from constantly discovering innovative ways to solve these open-ended problems.” Halo 3 is a vibrant. on it are superimposed the locations of about 30 testers after half an hour of play. The dots are scattered throughout the terrain. Ergma understands this. she leans toward me in her gilded office in the parliament building and says that she suspects the attacks were a test. is inaccurate. so why not hire them? Maybe Estonia was simply an advertising campaign. it first showed up in testing of the beginning Jungle level. executive producer Jonty Barnes watched a tester run around in a multiplayer level of Halo 3 that’s constructed like a deep canyon.” � Contributing editor joshua davis (www. They like to note that Gears of War— like most of today’s shooters—takes place mostly in narrow corridors with only a few enemies at a time. is bad: It means that people were wandering aimlessly instead of progressing through the level.He smiles awkwardly and says that he hasn’t.” she says. The ideal in gameplay. This. Many critics have made this same comparison. but it’s also a bit cartoony. launching himself up onto a high ledge. Pagulayan pulls up an early map of Jungle.” To solve such problems.joshuadavis. “Like nuclear radiation.” An alliance. They could examine the alliance’s readiness under the cover of the statue protest. “Estonia is a NATO country.” he says. he says. “There wasn’t much deep analysis to do here. in contrast. with dozens of alien enemies swarming onscreen at once. one of the writers tasked with scripting the story line in Halo 3. “When I look at a nuclear explosion and the explosion that happened in our country in May. a hint of pride in his voice. many Bungie designers will tell you. and the engineers are going.07. This spring.” she says. so its makers can lavish attention on every square foot of space. They can’t raise an Internet army from scratch. cyberwar doesn’t make you bleed. “But that’s what you get when you set people free in your world. “So he’s up running on the canyon ledge. however. because the key element in defending against botnets is a network of trust. In this case. this means that players will sometimes surprise game designers by doing things even they never thought of. And they’d have a hard time ﬁghting back: Since governments don’t control the Internet. 1 8 4 laughs. This way people can’t go backward. is like a combination of architecture—constructing environments that influence the behavior of people inside them—and designing a new sport. landing on the top rim of the canyon. For her. and it’s a sore point among some Bungie designers.” The implication: Clearly you want them on your side. they decided to change the geography of the Jungle level so that in certain places players had to jump down a steep ledge to reach the next area. could not use the siege defense that Estonia initially employed—the NATO countries can’t all cut themselves off from the world. Gamemakers have to devise a system of rules and equipment that gives players a few basic goals and then allows them to find their own ways of achieving those goals. the speaker of the Estonian parliament looks like she’d be as comfortable driving a tank as playing with the grandkids. Creating a game. She spent years studying nuclear energy and watched the world transform as it wrapped itself around the advent of nuclear technology. Ene Ergma is a formidable woman—tough and smart. they can’t effectively ﬁght such a war on their own. A movie is static. Of course. Gears of War. say. because they can’t climb back up the ledges. Modern videogames are often compared to Hollywood movies. She has a PhD from Russia’s Institute of Space Research. but the comparison. It also means that Bungie’s designers have to spread the Xbox 360’s processing power around more thinly. how the hell did that happen? Do you know what kind of bugs this is going to cause?’” Barnes SEP 2007 . Then the tester got a clever idea: He grabbed one lift and. This has been one of the main challenges facing Halo 3’s designers. ‘Christ. Halo 3 is set in sprawling outdoor levels. stuck.net) wrote about Linux pioneer Hans Reiser in issue 15. a rival Xbox 360 hit from Epic Games that dazzled fans last winter. he seems to have a suspiciously intimate knowledge of the Estonian attacks. “You sit there and absorb it all in a single two-hour shot. right where they are supposed to be. I see the same thing. After all. “Russian IT specialists are knowledgeable and experienced enough to destroy the key servers of whole states. and the player was bouncing from one to another. where she wrote a dissertation titled “Unstable Thermonuclear Burning at Late Stages of Stellar Evolution. the goal every developer aims for. beautiful game. In the lab. Pagulayan shows me a map from the next testing round. I ask him why anyone would trust him.
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue listening from where you left off, or restart the preview.