Economist: cyberwar reassessed

Good piece pondering the implications of the assault on Estonia.

Even at their crudest, the assaults broke new ground. For the first time, a state faced a frontal, anonymous attack that swamped the websites of banks, ministries, newspapers and broadcasters; that hobbled Estonia’s efforts to make its case abroad. Previous bouts of cyberwarfare have been far more limited by comparison: probing another country’s internet defences, rather as a reconnaissance plane tests air defences.

At full tilt, the onslaught on Estonia was also of a sophistication not seen before, with tactics shifting as weaknesses emerged. “Particular ‘ports’ of particular mission-critical computers in, for example, the telephone exchanges were targeted. Packet ‘bombs’ of hundreds of megabytes in size would be sent first to one address, then another,” says Linnar Viik, Estonia’s top internet guru. Such efforts exceed the skills of individual activists or even organised crime; they require the co-operation of a state and a large telecoms firm, he says. The effects could have been life-threatening. The emergency number used to call ambulances and the fire service was out of action for more than an hour.

For many countries, the events of the past weeks have been a loud wake-up call. Estonia, one of the most wired nations in Europe, actually survived pretty well. Other countries would have fared worse, NATO specialists reckon…

IMHO, this is a really big deal. I can’t understand why governments appear to be paying so little attention to it. And I’m astonished that it has taken so long for an attack to materialise. Years ago I wrote that Saddam Hussein should stop wasting his efforts on WMD and hire some hackers instead. I guess he didn’t read the Observer. Just as well, maybe.