January 17, 2014
Russian Cyber Strategy and the War Against Georgia
By David J. Smith, inFocus Quarterly
Russia's 2008 combined cyber and kinetic attack on Georgia was the first practical test of this doctrine. Although it was not fully successful, we must assume that the Russian military has studied the lessons learned, just as it has done for every other facet of its poor performance against Georgia. Given all the doctrinal attention paid to the subject, we must assume that Russia is honing far more sophisticated military cyber capabilities. . . .
In 2008, it was Georgia's turn in the first ever combined kinetic and cyber-attack. Many of the same techniques and computers involved against Estonia a year earlier resurfaced against Georgia.
Exhibiting remarkable insight on the part of the perpetrators, DDoS attacks on Georgian government websites, particularly the president's website, began more than two weeks before the kinetic Russian invasion. On the day the kinetic war started, sites such as stopgeorgia.ru sprang up with a list of sites to attack, instructions on how to do it and even an after-action report page. It is instructive that all this was ready to go—surveys, probing, registrations, and instructions—on day one! An Internet blockade was traced to five autonomous systems—four in Russia and one in Turkey—all controlled by the criminal syndicate RBN.
When one considers the forensic evidence, geopolitical situation, timing, and the relationship between the government and the youth and criminal groups, it is not difficult to conclude that the Kremlin was behind it all.
Ambassador David J. Smith is Senior Fellow and Cyber Center Director at the Potomac Institute for Policy Studies in Washington and Director of the Georgian Security Analysis Center in Tbilisi.