Information Warfare: The Russian Cyber War Army Attacks

November 22, 2006: There have been two recent examples of Cyber War that show what weapons are actually in use and what they are capable of. In the Central Asian nation of Kirghizstan, the area's 400,000 Internet users were knocked off the net for several hours by a DDOS (Distributed Denial of Service) attack. The attack came from outside the area, and was apparently arranged by the Kirghiz secret police, in an attempt to disrupt pro-democracy groups that are trying to get some honest elections.

The Kirghizstan attack was apparently a minor operation compared to what Russian Cyber Criminals have done over the past few weeks to cause a noticeable increase (67 percent since August) in spam, especially emails touting thinly held, low-priced stocks in what is called a "pump and dump" scheme. This flood of spam was delivered by a botnet of some 73,000 PCs, secretly infected with software that enables the crooks to take over the infected PC and use it for sending spam (over a billion emails a day) or launching DDOS attacks. This particular botnet (called SpamThru by its owners) has taken control of PCs in 166 countries, although about half of them are in the United States. This botnet also takes pains to seek out and delete other criminals' botnet software from the PCs it has infected. PCs with fast Internet connections are the most prized, and apparently the criminal gangs are now fighting each other for control of the fast PCs.

All this represents the same tools and tactics a military organization would use to create and maintain a botnet for wartime use. The Russian government has recognized the danger that these Cyber Criminals represent to everyone, and has become less tolerant of them. However, it is also suspected that the Russian government may be making cooperation deals with some of the Cyber Criminal gangs, in order to obtain their technology for military use.