Russian Cyber Strategy and the War Against Georgia

Cyber Attacks on Georgian Governmental ResourcesRussia holds a broad concept of information warfare, which includes intelligence, counterintelligence, deceit, disinformation, electronic warfare, debilitation of communications, degradation of navigation support, psychological pressure, degradation of information systems and propaganda. Computers are just among the many tools of information warfare, which is carried out 24 hours a day, seven days a week, in war and in peace. Seen this way, distributed denial of service (DDoS) attacks, cyber espionage, and Russia Today television are all related tools of information warfare. . . .

Russia’s 2008 combined cyber and kinetic attack on Georgia was the first practical test of this doctrine. Although it was not fully successful, we must assume that the Russian military has studied the lessons learned, just as it has done for every other facet of its poor performance against Georgia. Given all the doctrinal attention paid to the subject, we must assume that Russia is honing far more sophisticated military cyber capabilities. . . .

In 2008, it was Georgia’s turn in the first ever combined kinetic and cyber-attack. Many of the same techniques and computers involved against Estonia a year earlier resurfaced against Georgia.

Exhibiting remarkable insight on the part of the perpetrators, DDoS attacks on Georgian government websites, particularly the president’s website, began more than two weeks before the kinetic Russian invasion. On the day the kinetic war started, sites such as sprang up with a list of sites to attack, instructions on how to do it and even an after-action report page. It is instructive that all this was ready to go—surveys, probing, registrations, and instructions—on day one! An Internet blockade was traced to five autonomous systems—four in Russia and one in Turkey—all controlled by the criminal syndicate RBN.

When one considers the forensic evidence, geopolitical situation, timing, and the relationship between the government and the youth and criminal groups, it is not difficult to conclude that the Kremlin was behind it all.

Ambassador David J. Smith is Senior Fellow and Cyber Center Director at the Potomac Institute for Policy Studies in Washington and Director of the Georgian Security Analysis Center in Tbilisi.

Image: Cyber Attacks on Georgian Governmental Resources (graphic: Ministry of Justice of Georgia)