Russian hacker 'militia' mobilizes to attack Georgia
Security researchers Tuesday disputed claims that a well-known Russian hacker hosting network is responsible for cyberattacks against sites belonging to Georgia, the former Soviet republic that has been battling Russian military forces since Friday.
Rather than blame the notorious Russian Business Network (RBN) -- as researcher Jart Armin did over the weekend -- other researchers said Tuesday that it appears the attacks originated from a "hacker militia" of Russian botnet herders and volunteers.
"They mobilize themselves without a need for a central location to do so, distribute the targets, discuss the attack approaches, come up with a plan on the coordination, and you have everyone participating," Bulgarian security researcher Dancho Danchev said in an instant messaging interview early Tuesday.
Danchev and others have found evidence that points to a self-starting militia composed of volunteer hackers and cyber criminals who control large-scale bots, or collections of previously-compromised computers, as behind the escalating attacks that have knocked Georgian sites offline.
"A lot of it started with posting on blogs," said Kimberly Zenz, a senior threat analyst with VeriSign Inc.'s iDefense. "A bunch of youth groups posted something that was almost a manifesto that called on supporter to 'wage an information war' against Georgia."
That call to arms was only one of many, said Zenz and Danchev, both whom noted similarities to the attacks against several hundred Lithuanian Web sites early last month.
But while the forces assembled only appear to be uncoordinated to the untrained eye, they are in fact very coordinated, both researchers argued. In a lengthy blog post on ZDNet, Danchev spelled out the coordinated steps that someone -- or some group -- took to rally the hacker troops and turn them against specific targets.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
Georgia
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
