2008 - Year of the first cyber-war?

The concept of an attack by one nation on another seems on the cusp of being redefined.

In the past, wars have started when one country physically threatens or attacks another. But what about electronic attacks on computer systems and infrastructure?

During May of 2007, the small country of Estonia was the subject of a sustained 'cyber-attack' which lasted for three weeks. The government reported that a number of state run banks and government ministries had their websites and other computer systems attacked. It's believed that part of what may have provoked the attack was the removal of a war memorial statue of a Soviet soldier from a location in central Tallinn, the capital of Estonia. While no person or organisation claimed responsibility, the attacks came from computers located around the world - but some, claimed the Estonian government, came from systems run by the Russian state. Regardless of who is responsible, this appears to be the first acknowledged large scale co-ordinated attack on electronic systems owned and operated by a nation.

How was Estonia attacked?

The Estonian attacks were reported to be what is known as a Distributed Denial of Service attack (DDos). In some ways, DDoS is primitive, but it can be very effective in disrupting communication. The basic concept is to 'hit' a website many times, overwhelming the ability of the website to respond.

What is a Denial of Service attack?

To explain clearly to those who are not experts, any computer system has a finite ability to respond to requests for information. A bank, for example, operates a website through which it's customers are able to pay bills and perform other transactions. Each time a customer a customer accesses a web page is a 'hit' on that page - and the bank's computers must respond by sending back information across the internet to the customer who has requested it. Each 'hit' or request for information from a website is a drain on the resources of the computer system on which the data is stored.

While the IT managers at the bank have probably done their best to set up a system capable of dealing with peaks of demands from their customers - they will grind to a halt or fail alltogether if they are overwhelmed by an amount of requests far above the peak load which has been planned on. This is why an attack of this kind is called a Denial of Service - by sending a huge amount of requests to the system, it prevents it's normal functioning and 'denies service' to legitimate users. The term 'Distributed' Denial of Service attack refers to the fact that the requests made to the computer system do not need to come from one 'attacking' computer - they can come from anywhere.

In the case of Estonia, no physical damage occured as a direct result of the DDoS attack. However, if we were to compare the effectiveness of such an attack in a pre-internet world it would be roughly equivalent to shutting down all the banks by phoning up and telling them all that there was a bomb on the premises.

Banks were not the only targets in the Estonian attack - government websites, political parties, news organisations and communications providers were victims as well.

Many unfamiliar with Estonia may be tempted to believe that the country is a relatively poor former satellite state. However, the nation is an internet pioneer. Wifi access is widely available and a large proportion of the population do their banking online - many government services are web based.

What other types of computer attacks are possible? Read on to find out more...