The website for the president of Georgia was knocked offline by a distributed denial-of-service (DDOS) attack over the weekend, yet another in a series of cyberattacks attacks against countries experiencing political friction with Russia The website for the president of Georgia was knocked offline by a distributed denial-of-service (DDOS) attack over the weekend, yet another in a series of cyberattacks attacks against countries experiencing political friction with Russia.Georgia’s presidential website was down for about a day starting early Saturday until Sunday, according to the Shadowserver Foundation, which tracks malicious Internet activity.Network experts said the attack was executed by a botnet, or a network of computers that can be commanded to overwhelm a site with too much traffic.The command-and-control server for the attack is based in the United States, Shadowserver said. The botnet appears to be based on the “MachBot” code, which communicates to other compromised PCs over the HTTP (Hypertext Transfer Protocol), the same protocol used for transmitting Web pages. The tool used to control this kind of botnet “is frequently used by Russian bot herders,” according to Shadowserver. “On top of that, the domain involved with this C&C [command-and-control] server has seemingly bogus registration information but does tie back to Russia.”One of the commands contained in the traffic directed at the site contained the phrase win+love+in+Rusia,” wrote Jose Nazario, a senior security engineer with Arbor Networks, on a company blog. On Sunday, it appeared that the host for the command-and-control server had been taken offline, Shadowserver said.The motivation for the attacks is not entirely clear. But Georgia is just one of several former Soviet satellites including Estonia and Lithuania seeking to downplay their historical legacy with Russia.Georgia has angered Russia by pushing for entry to NATO (North Atlantic Treaty Organization), a pro-Western security alliance. It has also tangled with Russia over the handling of South Ossetia and Abkhazia, two rebellious regions pushing for independence.In Lithuania, 300 websites were defaced around July 1 following a new law prohibiting the public display of symbols dating from the Soviet era, as well as the playing of the Soviet national anthem. The hacking was blamed on an unpatched vulnerability in a Web server at a hosting company.Estonian sites were pounded by a massive DDOS attack in April and May 2007. The attacks were believed to have been connected to a decision to move a monument honoring Soviet World War II soldiers to a less prominent place, which ignited protests from ethnic Russians. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe