http://www.cbw.cz/phprs/2007061112.html By Pavla Kozkov 11.06.2007 Not so long ago Estonia made the headlines as the first country to hold its national elections via Internet. Now the country has taken center stage due to a different but much less pleasant first, and one which could hit closer to Czech homes than Czechs would like. Estonia is one of the most advanced countries in its use of Internet and e-government in Europe. An attack on its virtual world hit society where it counts the most. Estonia, which became independent of the former Soviet Union in 1991, pulled down a bronze statue of a Red Army soldier in the center of the capital city of Tallin at the end of April. The move provoked strong words from Russia and the largest riots among the Russian minority in Estonia since the collapse of the Soviet bloc. During the protests some 1,300 people were arrested, 100 injured and one person killed. The political row escalated in May when Estonia endured a two-week cyberwar that disabled Web sites of government, political parties, newspapers, banks and companies. The damage caused by the shutdowns hasnt been calculated yet. These attacks are the first known incidence of an assault on such a wide scale and caused alarm across the countries of North Atlantic Treaty Organization (NATO), which is examining the offensive and its implications. NATO even sent some of its top cyber-terrorism experts to the Estonian capital to investigate and strengthen the countrys electronic defenses. While no one is pointing fingers openly at Russia, all heads are turned in that direction. So far there has been no proof of Russias official involvement. The hackers have been disrupting Estonian Web sites using distributed denial of service attacks (DDoS), which swamp Web sites with tens of thousands of visits. The huge number of visits exceeds the capacity of the server and disables the sites. Estonian authorities claimed that one of the addresses sending the DDoS belonged to an official who works with Russian President Vladimir Putin, but the Russian government denied any involvement. According to online publication Boing Boing, a Russian youth group called Nashi, which has strong ties to Putin, claimed responsibility for the attacks. Whether it is the Russian state or some patriotic group that orchestrated this cyberwar isnt as important as that it alerted attention to possibilities and ramifications of Web aggression. The Czech angle The second largest city in the Czech Republic, Brno, South Moravia, is considering removing a memorial above the tomb of Red Army soldiers in Brnos district Kralovo Pole. The Russian general consulate in Brno already stated it would consider the removal of the memorial as a breach of interstate treaty and as a hostile step. The debate was started by Brno Deputy Mayor Ren Pelan who, in the district newsletter, called the structure a monster. The monument is shaped like a stone pyramid with a Cyrillic inscription saying that 326 Red Army soldiers, who died during Brnos liberation in 1945, are buried there. At the base of the monument is a flowerbed thats supposed to symbolize a grave. Pelan wants the space cultivated and proposed removing the memorial and replacing it with an irregular piece of rock. The new stone monument would bear the inscription to the memory of all victims of World War II, he suggested. It would make no specific reference to the Red Army. The Russian consulate said that victory in World War II was attained at the cost of huge Russian sacrifices, and thats why the attempts in a number of countries to rewrite the history of the war and to distort the importance of the victory are absolutely unacceptable. The consulate, however, said that it believes that the Czech Republic is not trying to rewrite the history, according to the Czech News Agency (CTK). Estonias lesson The events in Estoniataken seriously, not only by the country directly affected, but also by NATO officialsgives Czechs and other nations a flavor of what might happen if they anger another state. The memorial is scheduled for repair this year and apart from cleaning up the obelisk, it will get back the Russian symbols of a hammer and sickle, according to an agreement between the Ministry of Defense and Brnos City Hall. The symbols of the communist Soviet Union were originally part of the memorial and will most likely return, despite the protests from leaders in the Kralovo Pole district. This should serve to make the Russians happy. But there is another issue that for the past couple of months irks the Russians to such degree that they stated they would be willing to point their missiles at the Czech Republic: the U.S. radar base. The first round of the Czech-U.S. talks on the possible hosting of the U.S. radar base in the Czech Republic were completed in May. The talks are expected to last another several months but Russia is coming up with strongly worded comments on the issue almost daily. While so far the threats circle around the use of the conventional, old-fashioned missiles, the Estonian experience shows a way that countries can express dissatisfaction and cause damage without reverting to brute force. What would be the effects of such a shutdown in the Czech Republic? Even though the country isnt very advanced in e-government services yet, a cyber attack on the government Web sites would still result in significant inconvenience for officials and citizens. The attack could shut down portals for Web applications such as public transport schedules, for example. Shutdowns could also affect advertising income for portals. The effects of such a shutdown would be equally lethal for a company that generates its sales revenues from business deals closed solely on the Internet, such as Internet shops. The Czech largest online retailer in terms of revenue Internet Mall posted its sales exceeding Kc 1.37 billion ( 48.5 million) in 2006 and one day out of operation might cost the company almost Kc 3.8 million in lost revenues. The amount, naturally, would be lower for slow seasons such as summer and higher for high seasons such as December holidays but it gives us an idea what the cost of even a limited cyber attack could be. _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue Jun 12 2007 - 00:09:37 PDT