Cyberattacks during the Russo-Georgian war

From Wikipedia, the free encyclopedia
Jump to: navigation, search

During the 2008 South Ossetia war a series of cyberattacks swamped and disabled websites of numerous South Ossetian, Russian, Georgian, and Azerbaijani organisations.[1]


On 5 August 2008, three days before Georgia launched its invasion of South Ossetia, the websites for OSInform News Agency and OSRadio were hacked. The OSinform website at kept its header and logo, but its content was replaced by a feed to the Alania TV website content. Alania TV, a Georgian government supported television station aimed at audiences in South Ossetia, denied any involvement in the hacking of the websites. Dmitry Medoyev, at the time the South Ossetian envoy to Moscow, claimed that Georgia was attempting to cover up information on events which occurred in the lead up to the war.[2]

One such cyber attack caused the Parliament of Georgia and Georgian Ministry of Foreign Affairs websites to be replaced by images comparing Georgian president Mikheil Saakashvili to Adolf Hitler.[3] Other attacks involved denials of service to numerous Georgian and Azerbaijani websites,[4] such as when Russian hackers allegedly disabled the servers of the Azerbaijani Day.Az news agency.[5] The governments of Estonia, Ukraine, and Poland offered technical assistance and mirrored web pages for Georgian websites to use during the attacks.[6][7][8]


While claimed that Russian intelligence services conducted the denial-of-service attacks (DDoS) on Georgian informational and governmental websites through a proxy in this period,[5] the Russian government denied the allegations, stating that it was possible that individuals in Russia or elsewhere had taken it upon themselves to start the attacks.[4] Others[who?] asserted that the St. Petersburg-based criminal gang known as the Russian Business Network (RBN) was behind many of these cyber attacks on Georgian and Azerbaijani sites,[9] as it was for the attacks on Estonia in 2007.[10]

In 2008, Gadi Evron, the former chief of Israel's Computer Emergency Response Team, believed the attacks on Georgian internet infrastructure resembled a cyber-riot, rather than cyber-warfare.[11] Security researchers from Greylogic concluded that Russia's GRU and the FSB were likely to have played a key role in co-coordinating and organizing the attacks.[12]
Both these viewpoints are valid according to research by John Bumgarner a former intelligence officer and member of the United States Cyber Consequences Unit (US-CCU).[13] Bumgarner’s research concluded that the first-wave of cyberattacks against Georgian targets were synchronized with Russian military operations and that a second wave was conducted by Russian sympathizers.[14][15]

See also[edit]