Case Studies Information Warfare and Cyber terrorism

Case Studies: Information Warfare and Cyber terrorism

HSM/438

Case Studies: Information Warfare and Cyber terrorism

Who was the victim of the cyber terrorism or information warfare campaign? Case Study 1: Russian denial-of-service attack on the country of Estonia in 2007 Computer networks in the tiny Baltic country of Estonia were disabled two years ago in a cyber attack similar to the one that knocked out Web sites in South Korea and the U.S. on Wednesday. “According to Associated Press (2009)”, Estonia jammed In April and May 2007, hackers unleashed a wave of cyber attacks that crippled dozens of government and corporate sites in Estonia, one of Europe’s most wired countries. Estonian authorities traced the so-called denial of service attacks to Russia, and suggested they had been orchestrated by the Kremlin a charge Moscow denied. The online assault followed Estonia’s decision to move a Soviet World War II memorial from downtown Tallinn on April 27, 2007, sparking furious protests from Russia’s government and rioting among Estonia’s ethnic Russian minority.

Experts said hundreds of thousands computers were used in a coordinated attack against government agencies and banks. (Associated Press, 2009). Government of Estonia, stills puts the blame on Moscow for the attacks, and claims made later during the situation is stated that some individuals of Russian associates has said they where the responsible one for the attacks, but there is no true credibility from my research however some sources involved in research said it is enough to go on.

Case Study 2: Cyber attacks during the 2008 South Ossetia war between Georgia and Russia: Hoffman (2008), Georgian Internet became the target of a coordinated cyber attack, which compromised several government Websites with defacement and Denial of Service attacks, crippling the nation’s ability to disseminate information. Georgian President Mikheil Saakashvili’s site was defaced, integrating his image with those of Hitler. The sabotage was followed by a DDoS attack that left the presidential site inaccessible. (para. 1-2). Cast Study 3: US State Department Compromised Computers in the East Asia Bureau in July 2006. The victim in this case study appears to have been the United States, state department network system. Their unclassified network where they send emails. It was a system implemented so that each employee and contractors had the ability to use the internet to conduct work send and receive information by email. The Reid (2007) the security strategy, which we call “Defense in Depth,” provides the Department multiple levels of defense and protection through a matrix of operational, technical, and managerial security controls. We focus on identifying and mitigating emerging threats because of our overseas exposure.

Who was the aggressor in the cyber terrorism or information warfare campaign? What type of cyber attack occurred? (E.g. virus, malicious code, denial-of-service, hacking, etc.) Case Study 1: “According to Stapleton-Gray, R., & Woodcock, W, 2011”. The first was an attack on Estonian Internet infrastructure and Web sites in May and June 2007. An attack on Estonian Internet infrastructure and Web sites began at 11 p.m. local time, midnight Moscow time, Tuesday, May 8. The attack was effectively mitigated by 7 a.m. the following day but continued to be visible traffic logs for exactly 30 days thereafter. That time period, together with the fact that the attacking botnets’ signature was identical to that used in prior Russian Business Network spam sending. Like many politically motivated attacks, it combined a distributed denial-of-service (DDoS) attack against Internet infrastructure with DDoS and attempted defacement attacks against the Web sites of Estonian banks, media outlets, and government. (Stapleton-Gray, R., & Woodcock, W, 2011).

Case Study 2: The attacks of Cyber attacks during the 2008 South Ossetia war between Georgia and Russia according to my research is consider being a hactivism to cyber attack that occur. These attack it that similar to the previous case study in this paper. The case study of Russian denial-of-service attack on the country of Estonia in 2007. These types of cyber attacks many stated that in order them to be ultimately control personal has to implemented some sort of protection system. Meaning overall investing more secure services so that as challenges continue to move forward and the more that information is control through computer systems, the more vulnerable information is at risk.

Case Study 3: US State Department Compromised Computers in the East Asia Bureau in July 2006. In this case study cyber intrusions occur. “According to Reid (2007)”, in late May 2006, a socially-engineered e-mail was sent to an employee in the East Asia Pacific region. The e-mail appeared to be legitimate and was sent to an actual Department e-mail address. The e-mail contained a Word document attachment of a Congressional speech on a topic germane to this region of the world. Later analysis confirmed the attachment contained exploit code hidden within a known Microsoft application that took advantage of a vulnerability for which there was no readily available patch. Once the recipient clicked on the attachment the embedded malicious code established backdoor communications outside of the Department’s network via a Trojan Horse.

What has the victim (country or person) done since the cyber attack to prevent similar attacks from occurring, in the future? Case Study1: “According to stapleton-Gray, R., & Woodcock, W (2011)”, The attacks had far-reaching consequences in Estonia and beyond. They prompted NATO to enhance its cyber-war capabilities and to establish the alliance’s cyber defense research center in Tallinn in 2008.They also motivated Estonia to call on the European Union to make cyber attacks a criminal offense. Earlier this year, the FBI said it will permanently base a computer crime expert in Estonia to help fight international threats against computer systems also a direct consequence of the cyber attacks in 2007.

Case Study 2: The attacks ultimately prompted the Georgian governmental sites to switch to U.S. based hosts, while Georgia’s Ministry of Foreign Affairs moved to a blogspot account. (Hoffman, 2008). I assume with this type of switch, it allow government to have a more control over what is going on. It may not be able to prevent all attacks but at least it is better monitor. I state this from the story that I read on the case study. So far in my research Case Study 1 and 2 are very similar. They both were at risk to cyber attacks, mainly it seems because their systems where not well protected from individuals to attack their information. This likely was due to not wanting to invest in the necessary government protected and computer protected require controlling and keeping a look out for these types of acts. Lack of communication and education cause these two case studies to be at risk.

Case Study 3: US State Department Compromised Computers in the East Asia Bureau in July 2006 Since this incident occur, the United States took many actions with the help of the FBI, Task Forces and other government agency to have a 24/7 operation at all times, as well they incorporate “tripwires” for disconnecting posts from the Internet if the activity got more daring, especially if data was being stolen. (Reid, 2007). In all three case studies what is in comparison of all three, was the fact that individual as we see today, challenges the computer systems for their own well doing for whatever reason. In the first two case studies, it apparently seem to due to disagreements and trying to get back by causing these cyber attacks. In the third case study it is still similar because someone had some motive against United States. I believe it is critical to use all force necessary against cyber attacks. In case study three the United States was very successful in protectioing their information that was intruded on, as mention not only was this handle fast and effectively, they where , and did destroy all necessary information on target. They did not wait to make any moves in this cyber attack and this makes this case study number three stands out among the first two. Having a good strategic planning is where this begins, implementation, security, and monitoring is how to protect these cyber attacks both present and for the future.

References

Associated Press. (2009). A look at Estonia’s cyber attack in 2007 . Retrieved October 13, 2012 from http://www.msnbc.msn.com/id/31801246/ns/technology_and_science-security/t/look-estonias-cyber-attack/

Hoffman, S. (2008). Russian Cyber Attacks Shut Down Georgian Websites. Retrieved October 13, 2012 from http://www.crn.com/news/security/210003057/russian-cyber-attacks-shut-down-georgian-websites.htm

Reid, D. (2007). Response to May-July 2006 Cyber Intrusion on Department of State Computer Network. Retrieved October 15, 2012 from http://2001-2009.state.gov/m/ds/rls/rm/83256.htm

STAPLETON-GRAY, R., & WOODCOCK, W. (2011). Communications of The ACM. Retrieved October 14, 2012 from http://web.ebscohost.com.ezproxy.apollolibrary.com/ehost/pdfviewer/pdfviewer?sid=0d7e4297-cf95-4eb1-85f2-4480b954c6e8%40sessionmgr104&vid=7&hid=113