Forward Observer

By Sean Gallagher

Blog archive
Sean Gallagher

Russians claim innocence in DOD cyber attack

The Russian Foriegn ministry has formally denied allegations that the Russian government was directly or indirectly involved in the cyber attack on Defense Department computer systems.

In a Nov. 28 article citing anonymous DOD officials, the Los Angeles Times reported that the virus attack, which struck hardest at computer networks in Iraq and Afghanistan, was believed to have originated in Russia. U.S. News and World Report, citing other anonymous DOD officials, said the finger was pointed at China.

The virus — which may or may not be the reason for the reported ban on removable media — by some reports may have affected as much as 75 percent of computer systems at one Afghani base and was reportedly tailored to go after military networks. ZDNet security blogger Adam O'Donnell, who is also director of emerging technologies at messaging security vendor Cloudmark, said that "signs point to state rather than non-state actors."

In its official statement, the Russian Foreign Ministry said, in dismissing accusations that it had been involved with the cyber attack on DOD, on those on Estonia in 2007 and on Georgia during the Osetia crisis this year, "With global informatization and a growing common threat to all of the use of information-communications technology for hostile purposes, such ‘pitches,’ besides being unproven, are irresponsible."

Regardless of protests, it's clear that someone in Russia was involved in the cyber attacks on Georgia this summer — the command and control server for the Distributed Denial of Service (DDOS) attack on the Georgian president's Web site was well known from previous attacks, and shared a Domain Name Service server with a DDOS attack-on-demand provider, Loads.cc — tied to the Russian Business Network, a cybercrime organization that began as an Internet service provider based in St. Petersburg. By some estimates, the RBN is involved in 60 percent of Internet criminal activity, and its founder allegedly has family ties to a high-ranking Russian politician.

Posted by Sean Gallagher on Dec 05, 2008 at 8:12 AM


Reader Comments

Wed, Dec 10, 2008 GuyWhoReads

If you read the article, it attributes the attack to a cybercrime organization whose founder has ties to a Russian politician. Its not unlikely that the Russian government requested this, with the expectation that it would either not be traced, or that if it were they could just blame it on criminals (ye olde plausible deniability). A great way to counterattack would be to get the personal email addresses of the crime bosses and the politican and provide them to people selling "enhacement" pills and Albanian lottery tickets, to officials of the Nigerian government trying to move funds out of the country, and so on.

Wed, Dec 10, 2008 Billy The Great USA

Naive? Why would the US attack its own defense network in an active theater? We have test environments for that. My question would be how Cyber Command is planning on an offensive, not for revenge, but in order to take an aggressive stance and show that we can bring down systems as well.

Sun, Dec 7, 2008 Edward Moscow

Allow me smile - very naive text. Let's put itself to the place of those who has organised it if they were from Russia. Certainly, the trace would conduct to the USA or Nigeria. I can assume that attack was spent as training by corresponding American divisions.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Forward Observer Blog

  • Gates’ budget proposal boosts C4ISR, keeps FCS network

    Defense Secretary Robert Gates recommended in his 2010 budget proposal an additional $2 billion for C4ISR, and also a significant restructuring of the Army’s Future Combat Systems program to enhance ground surveillance capabilities. Apr 15, 2009 More

Defense IT Contract Guide

Defense Systems eNewsletters

eSeminar

  • Where Cyberwarfare and Cybersecurity Meet

    We invite you to attend the third event in this three-part series on Cybersecurity. 1105 Government Information Group will present a panel of government and cybersecurity experts, including Jeffrey Carr, cyber strategies consultant and author of Inside Cyber Warfare; Dean Lindstrom, strategic cybersecurity architect and CEO of Cyberström LLC; and Dr. George Stein, director of the Cyberspace and Information Operations Study Center, Air War College, U.S. Air Force, in this editorial webcast on Tuesday, April 13 at 11 a.m., where they will discuss the cyberwarfare threat to both industry and government, as well as strategies to consolidate the wider cybersecurity mission. Read more

Highlights from the current issue