• United States



by Dave Gradijan

With Trials Beginning, Another Estonia Cyberattack

Jan 17, 20082 mins
CSO and CISOData and Information Security

With the trial starting for four ethnic Russians charged in connection with rioting last year, the Estonian news site has weathered a two-week-long denial of service attack.

The attack, which ended Tuesday, was minimally disruptive, according to Hillar Aarelaid, manager of Estonia’s Computer Emergency Response Team (CERT). He described it as an “ordinary DDOS” (distributed denial of service) attack in which the news agency’s servers were flooded with Internet traffic, in an attempt to crash them.

“Minimum assistance was needed from our side” to deal with the attack, he said in an e-mail interview.

DDOS is one of the techniques used in May 2007 during a widely publicized — and far more widespread — assault on computer systems in the tiny Baltic nation. Unlike last year’s attacks, there were no political messages published in coordination with the attacks, Aarelaid said.

The May 2007 attacks came after Estonian officials decided to relocate the statue of a Red Army soldier erected during the Soviet era, leading to protests from ethnic Russians angered by the move and by the destruction of the graves of Russian soldiers.

Estonian authorities were quoted in the media saying that the cyberattacks were traced to government servers in Russia, causing the attacks to be viewed as cyberwarfare. At one point NATO (North Atlantic Treaty Organization) weighed in on the issue, saying that “tensions over the Soviet war memorial and graves in Estonia must be resolved diplomatically between the two countries.”

Security experts have described the online attacks as more of an online riot than coordinated, state-sponsored cyberwarfare, but they were effective. At the height of the onslaught, parts of the country’s financial system were brought down as hackers crippled servers at Estonia’s banks.

This four men on trial this week are accused of involvement in the April street riots that preceded the cyberattacks, according to a Reuters report. They are Dmitri Linter, Maksim Reva, Dmitri Klenski and Mark Sirik.

By Robert McMillan, IDG News Service, who blogs for CSO at Security Blanket.