Professional Documents
Culture Documents
Dissertation On Cyber Warfare
Dissertation On Cyber Warfare
By
Alexia Kasparian
2013/2014
ii
Acknowledgments
This dissertation would not have been possible without the valuable opinions,
advice, and guidance from one of the best professors of Kingston University.
I would like to thank Dr. Steven Bastow for all his guidance, patience and
making me fall in love with the subject. Lastly I would like to thank my
partner and my close friend who stood by me and encouraged me that taking
iii
List of Acronyms
EU European Union
IT Information Technology
MS Microsoft Windows
iv
NATO North Atlantic Treaty Organisation
UN United Nations
US United States
v
Contents Page
Page
Acknowledgments.....................................................................................................i
List of
Acronyms.......................................................................................................ii-iii
Abstract..................................................................................................................viii
Introduction.........................................................................................................1-5
Chapter 1
How did Cyber Warfare Emerge and why is it so Important to National and
International Security?...........................................................................................6
Chapter Conclusion...........................................................................................21-22
Chapter 2
Warfare?...........................................................................................................25-28
Warfare?............................................................................................................29-30
Warfare?............................................................................................................31-35
Chapter Conclusion...........................................................................................36-37
Chapter 3
of Foreign Nations..............................................................................................38
What were the Political Aims behind the Cyber Warfare against Estonia in 2007
and Georgia in
2008?.................................................................................................................39-52
Georgia?............................................................................................................52-53
vii
How did the Estonian Government, NATO and EU Respond to the Cyber Warfare
Was the Russian Government Behind the Cyber Warfare of both Estonia and
Georgia?.............................................................................................................55-60
Chapter
Conclusion.........................................................................................................61-62
Recommendations............................................................................................63-66
Appendices.......................................................................................................67-68
Glossary............................................................................................................69-72
Bibliography...................................................................................................73-106
viii
List of Figures & Tables
attack.......................................................................................................................48
ix
Abstract
illustrations like the Estonian and Georgian case studies. Both Estonia
era statue from the capital city to a nearby military cemetery. While in
Georgia, the political tensions started during the armed conflict between
the Russian Federation and Georgia over South Ossetia. Even though
warrant careful consideration since the future has cyber conflicts in store.
x
Introduction
ongoing hot topic as cyber attacks in recent years have become one of the
(Kozłowski, Rękawek and Terlikowski, 2014, p.1). It can be argued that the
to monitor and control. Some people argue that the information revolution
and Peterson, 2012, p.60). This can be explained by the fact that more and
networks. Thus cyber attacks and cyber wars have become a frequent
Another major incident was the cyber warfare against Georgia in the
1
information warfare worldwide (Brenner, 2007; cited in Heickeroe and
foreign states and thus threatening national and international security. This
such as the attacks against Estonia and Georgia (Bryman, 2012, pp.8-9).
cyber warfare against Estonia in 2007 and Georgia in 2008 (Kothari, 2004,
are borne out by the specific situation” (Goddard and Melville, 2004, p.9).
This chosen methodology will compare and analyse the two case
studies juxtaposing primary and secondary sources such as: books, journals,
website. These sources will augment the critical analysis of the two case
9).
2
One of the most important strengths of using the comparative
selection of cases that share similar features means that the testing of the
intensive analysis of a few cases with limited financial resources and time.
This intensive analysis of few case studies can be richer than the outward
the comparative case study is due to the eclectic selection of cases where
there are often many variables connecting the cases that are not essential to
the study, thus: “too many variables, not enough cases” (Landman, 2006,
p.67).
Georgian cyber warfare will also be analysed through the lens of critical
consists of different layers such as: the Real (the enabling causal laws,
tendencies and mechanisms which are undetectable), the Actual (that which
actually takes place and can be experienced) and the Empirical (that which
corresponding social practices and events (things taking place but not
essentially seen) and observable social events (things we can detect and
study taking place in the social world) (Bhaskar,1978, p.23; Jeppesen, 2005,
3
For instance, the very notion of cyber warfare cannot be detected
with the naked eye, it cannot be physically touched, but we are very much
space. It disrupts our highly wired mode of life. Cyber attacks then become
being the summary of the order and relevance of what is to follow as well as
begin with, chapter one will examine the emergence of cyber warfare and its
organised into three main sub-sections: firstly, it will define cyber warfare
their use of cyber weapons; and thirdly, it will outline and critically assess
the threat and importance of cyber warfare and cyber terrorism to national
Russia’s, and China’s towards cyber warfare and cyber security. Alongside
states by examining and comparing the selected case studies of Estonia and
4
Georgia. These case studies will be used to explore and to give powerful
critically assess the political aims behind the cyber warfare assailing the
European Union (EU) and the North Atlantic Treaty Organisation (NATO)
responded to the cyber warfare against Estonia and Georgia after the
infrastructure during the attacks. Lastly, the main conclusion will provide a
brief summary about what the dissertation has demonstrated, along with
applicable to the rest of the first world nations. The main conclusion will
also point out a couple of issues which surfaced in the research process
which should be addressed in future research, along with the need for
5
Chapter 1
Security?
frequently been labelled as the date that altered everything (NATO Review,
2011). This may not be true for our everyday life, but it certainly marked a
most people in the information age. It has helped us to connect with the rest
of the world with just a few clicks on the keyboard; however, information
activities have also surfaced in parallel with these positive results. The
connected nature of our lives only magnifies our weakness to cyber attacks.
because society is becoming more and more dependent on the World Wide
6
Web in its day to day social-networking activities (Heickeroe and Peterson,
2012, p.10; Singer and Friedman, 2014, pp.37-39; Stytz and Banks, 2010,
p.1).
to deliver their political messages and views and thus threatening national
and international security. Threats exist due to the fact that the World Wide
Web offers little regulation, has a fast flow of information, and most
cited in Janczewski and Colarik, 2008, p.5; Yar, 2013, p.13; Kozłowski,
2014, p.237).
and international security. The chapter will be organised into three main
it will investigate the emergence of hackers and their use of cyber weapons;
and thirdly, it will outline and assess the threat and importance of cyber
cyberspace that have effects that amplify or are equivalent to major kinetic
novel, Burning Chrome, and it was his use of the term as an indicative
hard drives, cables, mainframes and networks. Hence, the battlefield where
and Maness, 2014, p.348; Singer and Friedman, 2014, pp.13-14). Libicki
conflicts will have no apparent battle lines and the combat will take place in
and Georgia in 2008. Using the World Wide Web to convey this message is
8
Woodcock, the research director of the Packet Clearing House (a non profit
establishment that follows Internet traffic), states that cyber attacks are so
low-cost and easy to escalate, with a few “fingerprints” that they will almost
back to hacking; hence in order to understand cyber warfare one must first
understand the roots and nature of hacking. Cyber warfare can be simply
the computer hacker in the online world. For instance in 1982, a group of
2014, p.352). This cyber attack led to the very first concerns about the
2014, p.352). In the early 1980s hackers started producing their own
would be the famous black hat conference. This social phenomenon led to a
1
The Convention on Cybercrime is the first international treaty seeking to address internet and
computer crime. It was signed in 2001 and became effective in 2004 (Convention on Cybercrime,
2001). The International Telecommunication Union (ITU) is also the key organisation that is
responsible for cyber security within the United Nations (UN) configuration (Ashmore, 2009,
p.17).
9
significant progress in different forms of virus and threat technologies, such
The main cyber weaponry being used against victims are the
(DDoS) and cyber intrusions. These digital weapons are used by states to
damage their adversaries (Andress and Winterfield, 2011, p.4). They are
websites (Clarke and Knake, 2010). This form of hacking takes over the
website for a short period of time and shows texts or pictures that degrade or
cause offence to the victim’s website. This applies to the cyber warfare
are also a type of control, signifying to the victim that they lack the ability
2
See glossary.
3
As hacking started becoming more popular, numerous types of hacking were defined by using hat
colours to signify the levels of threat, ethics and criminality. For instance, a white hat hacker is one
who uses hacking for benevolent purposes such as informing companies of security vulnerabilities,
whereas a black hat hacker is one who hacks for malevolent reasons such as disturbing computer
and network operations. Most black hat hacks are criminal offenses in most nations and when their
Internet Protocol (IP) addresses are detected they are liable to arrests (Jones, 2014, p.352).
Hacking was strongly emphasised and portrayed in the film Goldeneye (1995), where Russian
hackers are introduced in the hacking world, where they intend to cause havoc and threats to
international security.
4
See glossary.
10
The second, slightly more sophisticated form of cyber weaponry,
‘flood’5 specific targeted websites, servers, or routers with more data needs
than the website can process (Reveron, 2012). DDoS methods are a well-
The DDoS method efficiently closes down the website, thus making
virus that permits the invader to remotely control the victims’ machines
without the awareness of their owners (Clarke and Knake, 2010, p.191).
DDoS methods were effectively used in both of the cyber attacks against
pp.131-139).
5
See glossary.
11
Figure 1: Over a Decade of DDoS6
6
See Appendix 1.
12
The third-level of techniques in cyber warfare are intrusions which
vandalism and the damage they create can be more long-term. Trojans or
These intrusions can be inactive for a long period of time and then
as to when to turn on without the need for a human hacker (Valeriano and
Terrorism
cyber terrorism, and cyber warfare, are charged with an “aura of mysticism
and secrecy” (Heickeroe and Peterson, 2012, p.9). The rapid evolution of
7
See glossary.
8
See glossary.
13
means of warfare have been greatly altered by the explosive growth of
now has more of an impact on our daily reality (Huh, Lee and Chang, 2007,
p.216).
Access to and the availability of the World Wide Web in today’s GII is vital
cyber attacks because they have developed to the point where they manage
the command and control systems, operate the logistics, facilitate the staff
operations and planning. In simple words they are “the backbone” of the
intelligence abilities. Thus, this makes them even more vulnerable and
14
inbuilt weakness in our reliance on that infrastructure and effectively
These systems are utilized to examine and manage utility equipment such as
grid and water supply systems. The loss of statewide power systems, the
a dam’s flood waters are further targets that have been infiltrated in the past
p.419).
the federal authorities that he had full control of the SCADA system
ignored. For instance, a cyber attack against the electric power system,
could possibly demolish equipment and shut down power for an extended
2010, p.198).
9
See glossary.
15
Without electric power, hospitals and their equipment could become
addition, many suppliers would be forced to shut down and this would make
shortages, air and rail travel would be disrupted in the sense that most
costs, which could mean that airports and train stations could become
dysfunctional and even close (Jones, 2014, p.372). The following areas are
crucial to national health and to a great degree are dependent on the World
Wide Web:
A cyber attack against the aforementioned GII can create real world
vulnerability in the victims because their systems and the fibre of their
16
everyday lives can be disturbed in this way (Shakarian, Shakarian and Ruef,
2013, p.12). Hence, the network infrastructures that facilitate most of what
attacks and disruptions (Ashmore, 2009, p.8). Landler and Markoff (2007)
state that after Estonia was cyber attacked in 2007, the Estonian government
issue, the invisible threat. It could be for the reason that civilian targets have
and economic recovery have been lacking since defences were found weak
Nonetheless, there are other irregular targets which are not defended against
also a vital element of the national economy and is prey to irregular cyber
attacks by foreign states and terrorists. Recent web security reports point out
that US banks and financial systems are key targets for hacking by other
17
national governments such as China, North Korea and Iran (Jones, 2014,
pp.371-372).
A good metaphor which can give context to this new danger is the
2011; Heickeroe and Peterson, 2012, p.60). Shawn Henry, the assistant
that the threat to the computer network is one of the most serious threats the
Jones (2014, p.351) points out that cyber warfare has been
he observes that all of the armed forces now have cyber warfare units that
try to steal information and meddle with armed tools and command and
Brazil and India (Adams, 2001, as cited in Knapp and Boulton, 2008, p.20).
orchestrate terror, crime and warfare (Andress and Winterfield, 2011, p.2).
10
An arms race is entering into the cyber field of software and algorithms
10
See glossary.
18
Iasiello (2013) emphasises how cyber attacks have become this
that all conflicts which will take place in the near future will involve cyber
warfare tactics, and that the US is too weak to defend itself against this type
of warfare. The General stated: “We are finding that we do not have the
very thin, and a crisis would quickly stress our cyber forces...This is not a
are both invisible. Not only are cyber attacks invisible, it is hard to detect
the correct source of the attack, due to the complex and anonymous nature
because most cyber attacks have a political message, they are not carried out
undetectable, but the damage which might be caused is neither invisible nor
impalpable (Heickeroe and Peterson, 2012, p.9). There might have been
apocalyptic millennium havoc about the millennium bug (Y2K bug 12) in the
year 1999, but the persistent existence of cyber warfare has proved to be
11
See glossary.
12
See glossary.
19
battlefield to attack critical information infrastructures (Clarke and Knake,
2010, pp.109-111).
(Shakarian, Shakarian and Ruef, 2013, p.12). Moreover, the cyber warfare
against Georgia in 2008 marked the first time where a cyber operation was
against Estonia in 2007 as the first official and publicly illustrated cyber
warfare against a nation. Brenner (2007) also remarked that not everyone
agrees that this cyber attack should be labelled as cyber warfare; instead
like to label the incident, the incident has been a wake-up call for authorities
20
Chapter Conclusion
2002, James Lewis, the Director and Senior Fellow of the Technology and
annoyance” and “hype” were used, there have been notable incidents of
cyber warfare that posed real threats to national security such as the cyber
cyberspace has its origins in the real world where it is used as a vehicle to
convey messages and illustrate one’s power to the adversary (Heickeroe and
hackers and the three main cyber weapons used to attack opponents such as,
DDoS, website defacements, and cyber intrusions (Clarke and Knake, 2010;
13
“Weapons of mass annoyance”: a phrase originated by Stewart Baker (Lewis, 2002, p.11).
21
The chapter also highlights that critical infrastructure networks are
the main targets for cyber attacks by cyber aggressors and cyber terrorists
attack against the GII can create real world disturbance to the functions of
The chapter has also shown the potential danger to society posed by
cyber warfare, a threat which might even extend to the risk of an “electronic
revolution it would almost be safe to assert that cyber warfare might also
evolve, hence this would mean that society will need stronger defenses and
22
Chapter 2
Warfare?
human race. History indicates that information has always been a key
information technology is opening the route for the growth of new means
from the US, Russia and China are formulating their own ideas and
some kind of cyber element (Heickeroe and Peterson, 2012, p.31). For
instance, DDoS type of cyber weaponry might have a huge role in future
23
conflicts that employ a computerised element since the technology is
currently not only a well-known cyber weaponry, but also used largely as
2013, p.21).
Defense Agency, notes that the alarming events in cyberspace such as the
Saydjari (2008, p.10) states that one thing for certain which must be
infrastructure.
whose threats and risks must be brought under control (Saydjari, 2008,
p.10). This chapter will assess and outline the superpowers’ strategies and
14
See glossary.
24
What is the US Military Approach to Cyber Warfare?
security experts started observing that the US’s critical infrastructure was
nations, the US’s real-world critical resources are controlled via this virtual
2008, p.10).
Heickeroe and Peterson (2012, p.40) also confirm that the US have
(Heickeroe and Peterson, 2012, p.40; Singer and Friedman, 2014, p.133).
all mechanisms of the US military which focus on and deal exclusively with
15
In 2011, US intelligence officials openly charged Russia and China of continuously stealing
high-tech data from the US for their own national economic advantage (Bodeen, Meghani and
Robertson, 2011).
25
cyber issues from the Army’s Ninth Signal Command to the Navy’s Tenth
Fleet (The Fleet Cyber Command).16 The Pentagon’s 2013 budget plan
referred to the term ‘cyber’ 53 times and the 2014 budget plan referred to
‘cyber’ 147 times and along with it CYBERCOM’s headquarters budget has
security efforts (Knott et al., 2013, p.399). According to Harris (2014), the
planning to train a force of 6,000 cyber warriors by the end of the year 2015.
This indicates that the Pentagon is becoming fully ‘geared up’ for cyber
pp.133-135).
a functioning sphere as the rest of the military does on the ground, sea and
air; to apply new security theories to succeed there; to associate with other
ways in which the military might combat and win in cyber warfare (Singer
US’s strategic doctrine just as vital as land, air, sea and space (US
three categories of cyber forces: firstly, cyber defence forces that will
16
CYBERCROM is rumoured to have a cyber warrior force of just under 60,000 staff, with
headquarters located at Fort Meade, Maryland (Singer and Friedman, 2014, p.135).
26
secondly, to fight mission forces that will aid the operation of troops in the
field; and thirdly, direct national operation forces that will support the
(2014, p.93), a computer security and privacy expert, argues that it is vital
for the US to improve their cyber security strategy because of the power
foreign nations, and at the same time to minimise cyber aggression from
Security (2014, p.93), the author points out that there is strong evidence of a
cyber warfare and cyber security strategy and that the NSA17 and the United
General along with Amit Yoran, a former National Cyber Security Division
Yoran states that cyber 9/11 has been taking place over the past decade but
commands formed after similar hotlines for nuclear commands. This would
the population so that the latter gives up more and more of their privacy and
28
What is the Chinese Approach to Cyber Warfare?
battle ground and military information and information systems are the
Command, evidently placed China among the most serious threats in this
sphere. Singer and Friedman (2014, p.138) also interpolated, that many are
the Cold War. Interestingly, Chinese officials declared in 2011, that China
was the victim of some 34,000 cyber attacks which originated from the US,
while in 2012 the numbers rose to the point that Chinese military websites
alone were cyber attacked by US sources nearly 90,000 times (Singer and
2013 revealed that the NSA had hacked the high-status Tsinghua University
backbones” which direct all of mainland China’s World Wide Web traffic,
29
as well as the Hong Kong centre of operations of Pacnet, which controls one
warfare has become a “top funding priority” and a multitude of new units
have been formed to counter and launch cyber attacks on the adversary’s
codes and signals, “making it a natural fit” for cyber conducts (Singer and
Singer and Friedman (2014, p.144) claim that China is not just an
World Wide Web users. General Keith Alexander claims that China is
30
What is the Russian Approach to Cyber Warfare?
vital advantage over an adversary (CRS Report for Congress, 2001, as cited
encompassing effect over the populace. In other words they use cyber
weapons like viruses, worms, logic bombs18 and trojans as force multipliers
18
See glossary.
31
so as to maximise the impact of a cyber attack (Tsymbal, 1995, as cited in
cost of carrying out a cyber attack against their nation. Regardless of the
existence of the threat or not, these measures affirm the seriousness of the
carried out in stages: in peace time, in the preface to war, and in time of war
and a complex infrastructure. A small group or even one expert can develop
Giles (2011, p.47) implies that even though Russia now views the
actions of NATO and the US with less apprehension than during peaks of
32
military agenda is set on the manipulation, disruption, destruction or seizure
defending their own (US Joint Publication 3-13.1, as cited in Giles, 2011,
p.47). Despite the US’s attempt not to antagonise Russia in cyberspace, the
systems and computer data storage systems, and of gaining unlawful entry
Schneier (2014, p.93) also points out that parallel cyber attacks against
systems via cyberspace (Heickeroe and Peterson, 2012, p.47; Libicki, 2007,
33
information gathering and cyber espionage (Heickeroe and Peterson, 2012,
p.47).
cyber vulnerability was a subject discussed well before the cyber attacks and
the armed conflict in Georgia in 2008. The then Deputy Chief of the
He remarked that leading nations are now vigorously inventing and building
and political potential, and alters the traditional forms of power struggle
(ITAR TASS News Agency, 2008, as cited in Giles, 2011, p.50). Those
with the fastest and more sophisticated computer capacities will have an
attained: “by suppressing its state and military command, navigation and
34
Chapter Conclusion
itself in cyber warfare since it is giving the notion that they have become
35
Russia. Thus, is order to defend its information and cyber sovereignty a US
Friedman, 2014).
pointed out that General Keith Alexander and Amit Yoran were
(Schneier, 2014).
and Friedman (2014) argue that China has also become a victim of cyber
attacks in cyberspace from the US. Unlike the US, the Chinese military
organization’s cyber agenda remains covert yet many speculate that it falls
Controversially, this unit is very similar with the NSA (Singer and
Friedman, 2014). The chapter has identified how Russian cyber warfare
for a global information war. He noted that leading nations are now
36
vigorously building forms and means of struggle in the information arena
(Giles, 2011). The chapter has investigated the viewpoints and strategies of
consideration the wider dialectics directly and indirectly involved. All three
their cyber security efforts and to vigorously invent and build devices as
Chapter 3
37
Government use of Cyber Warfare as a tool to
Nations
Alexander and Amit Yoran, there actually have been recent cases of
Crete-Nishihata, 2012, p.4; Schneier, 2014, p.92). The main aim in this
world news which present the nature and scale of such incidents taking
place in our shared virtual space. This will allow us to better identify the
target reasoning and the affect on the targeted nations, but to also examine
how the targeted nations are dealing with cyber threats socially, politically
law” that the cases present (Tikk, Kaska and Vihul, 2010, p.11).
The cyber warfare against Estonia and Georgia illustrate the risks of
launch conflicts and escalate them (Heickeroe and Peterson, 2012, p.131).
considered to be one of the most wired nations in the world and had wide-
stipulation to examine and act against politically motivated attacks that had
no profit incentive (Kaeo, 2007; Tikk, Kaska and Vihul, 2010, p.8).
38
In order to comprehend cyber warfare it is important to select and
examine in detail case studies such as the cyber attacks against Estonia and
Georgia that illustrate fully its complexity and mutability. Both of these
nations happen to be former Soviet satellite states and both have a common
problematic nature of the identity of the ‘attacker’ started when both nations
started having political tensions with Russia Thus these case studies will be
What were the Political Aims behind the Cyber Warfare against
drew attention to the fact that the world faced the escalating problem of
cyber threats to public security and state stability. The three-week cyber
attacks, along with other first world nations (NATO Review, 2011). In
particular, political and social relations between Russia and Estonia hit a
“low point” in 2007 because of the popular belief that the Russians were
by the USSR in 1944 to honour Soviet soldiers who lost their lives in World
39
War II. However, the government’s ultimate plan to relocate the monument
was strongly opposed by the Russian government and by the ethnic Russian
started taking place in Tallinn and in Moscow against the Estonian embassy.
Most importantly the dissent between the two fractions culminated in the
2007 (Davis, 2009; Shakarian, Shakarian and Ruef, 2013, p.16; Iasiello,
2013).
From one side, to the ethnic Estonians, the bronze soldier was
symbolic of Soviet tyranny. But from the other side, to the ethnic Russian
19
“Ethnic Russians make up about a quarter of Estonia's population of 1.3 million” (The BBC,
2008).
20
See Appendix 2.
40
minority group is likely to encourage a nationalist counter-attack as
Reich, took to the streets to show their grievance against the government’s
decision to relocate the statue. There were violent disputes between security
forces and rioters that continued for days (Franklin et al., 2007; Shakarian,
It was reported that 1,300 people were arrested during the street
disputes in Estonia, 100 people were injured and one person was reported
dead (Traynor, 2007). The street riots in Tallinn were transferred into
cyberspace when in the late hours of Friday on April 27 th, the websites of
the Estonian government institutions and news portals were targeted. The
cyber attacks against both public and private sector websites lasted in stages
of varying intensity, for three weeks (Landler and Markoff, 2007). The
episode has since been labelled the world’s first cyber war, or “Cyber War
I”, as it marked the first time that a persistent, extensive, and politically
infrastructure was carried out by somewhat simple means, thus earning the
21
See glossary.
41
with certain restrictions on the Microsoft (MS) Windows command line
executable.bat files22 onto their computers and then started to carry out
Vihul, 2010, p.19). The unexpected attacks were so organised that they were
2010, p.19).
The main means of attack utilised in the three week cyber warfare
against Estonia were as mentioned in chapter one: denial of service (DoS) 23,
spam. For instance, the DDoS attacks were directed against leading
governmental and private sector websites (Tikk, Kaska and Vihul, 2010,
hacker(s) successfully broke into the Estonian Reform Party’s website and
22
See glossary.
23
See glossary.
24
See Appendix 3.
42
posted a forged ‘formal’ apology signed by the Estonian Prime Minister,
interestingly the Russian language which was the chosen language used for
the rest of the hacked website (Ruus, 2008; Shakarian, Shakarian and Ruef,
2013, p.18).
The forged apology was possibly a backlash since in the early days
of the cyber war, the Estonian Foreign Minister, Urmas Paet, claimed that
addition, there was a flood of spam e-mails against government servers and
individual e-mail accounts (RT News, 2007; Tikk, Kaska and Vihul, 2010,
p.21). By the 30th of April, the Estonian government began blocking all
Internet traffic from the adversary, Russia, by filtering out web addresses
During the night of May 4rth, DDoS attacks continued against websites
parts of Estonia and were distinctly more intensified due to the use of
botnets. The attackers also cleverly covered their tracks through the use of
proxy servers and possibly by spoofing their IP addresses (Tikk, Kaska and
Vihul, 2010, p.19; Sridhar, 2011). The Estonian banks were continuously
assailed by DDoS attacks from May 9th to 11th and succeeded in taking down
43
Estonia’s major banks such as Hansapank25 and SEB Eesti Ühispank along
with government websites and news portals (Tikk, Kaska and Vihul, 2010,
Attacks Date
21 2007-05-03
17 2007-05-04
31 2007-05-08
58 2007-05-09
1 2007-05-11
25
Hansapank has had losses of at least $1 million (Landler and Markoff, 2007).
26
See Appendix 4 for table 1, 2 and 3.
44
Table 3: DDoS attacks on Estonian websites
Attacks Date
17 Less than 1
minute
78 1min- 1 hour
16 1 hour- 5
hours
8 5 hours to 9
hours
7 10 hours or
more
cyber warfare, bank cards and cellular phones were not operable within the
nation (Tikk, Kaska and Vihul, 2010, p.22; Keating, 2012). By making a
banking website for clients unavailable, the cyber aggressors divest the
clients of the means to carry out some critical actions or receive some
(Tikk, Kaska and Vihul, 2010, p.18). As a result, the cyber attacks were
(Keating, 2010; Keating, 2012; Shakarian, Shakarian and Ruef, 2013, p.16).
In an interview, James Lewis of the CSIS, stated that like most other
Western states Estonia is dependent on the World Wide Web for its entire
45
operations, electric power grids, financial services and even Tallinn’s water
the World Wide Web since 2001 has effectively transformed it into a
66% of the populace uses the World Wide Web, 55% of households have a
computer at home, and 91% of the computers are connected to the internet
country equally heavily wired like Lichtenstein the cyber attacks on the
and even some emergency services “being offline” could lead to a national
operations both for the public and private domain. Thus, the Estonian
consequently made them more vulnerable and turned them into prey for
warfare against Georgia occurred within the timeline and in the context of a
wider armed conflict that took place in August 2008 between the Russian
46
Federation and Georgia over South Ossetia. South Ossetia is considered an
borders with Russia (Tikk, Kaska and Vihul, 2010, p.67). Additionally,
(Bremer, 2008).
Georgian side and the Russian side (Päevaleht, 2008; Council for Europe
separatist forces which took the Russian fraction off guard. Nevertheless, on
mission of forcing out the Georgian Army from South Ossetia (Shakarian,
47
Most importantly, the armed conflict was accompanied with cyber
attacks just like the Estonian incident. The major difference nonetheless was
that Georgia’s case represented the first incident of an attack on two fronts,
and a large scale cyber invasion (Shakarian, Shakarian and Ruef, 2013,
p.24).
armed conflict and cyber attacks were seriously threatening national security
and state sovereignty (Press release of the President of Georgia, 2008). Even
though the military conflict ended on the 12th of August, the cyber warfare
against Georgia lasted throughout August (The BBC, 2008). “And last year
we had a glimpse of the future face of war...As Russian tanks rolled into
Obama, 2009).
48
attack.27
defacements of public sites and the carrying out of DDoS attacks against
several public and private (financial and media) targets. The BBC and CNN
methods were used in the cyber warfare against Estonia in 2007 (Bumgarner
and Borg, 2009, pp.5-6; Tikk, Kaska and Vihul, 2010, p.71).
website (Adair, 2008, as cited in Tikk, Kaska and Vihul, 2010, p.71).
(Danchev, 2008).28
websites and blogs which could only be created with the intention to attack
Georgian websites (Adair, 2008, as cited in Tikk, Kaska and Vihul, 2010,
p.73). Comparably, a similar method was used in the first phase of the cyber
and thereby ‘flood’ Estonian websites both by DNS and IP was displayed on
28
See Appendix 6.
50
boards along with lists of Georgian websites defenceless to remote SQL
infrastructure (Shakarian, Shakarian and Ruef, 2013, p.25). This again can
2008). This technique of overloading with comment and spam was used in
the same way against Estonian private and governmental websites and email
Many believe that the primary goal of the cyber warfare on Georgia
was to prevent the Georgian media from “telling their side of the story”
(Corbin, 2009). As such Corbin argues that the goals of the Russian cyber
warfare against Georgia were to “isolate and silence” them (Corbin, 2009).
equally that the cyber attacks on Georgia were successful in limiting the
29
Russian is a minority language in both Estonia and Georgia (CIA, The World Factbook, 2014).
51
Notably, a major dissimilarity is that Georgia unlike Estonia is
not very sophisticated so the service disruption was not as complex as in the
on Estonia, since these attacks combined DDoS using botnets and SQL
“injections” that are more difficult to detect because they require less
computers than botnets. The SQL “injection” also requires a cyber aggressor
of a superior calibre and sophistication than the ones observed in the cyber
The Estonian and Georgian cyber warfare case studies are frequently
they are still comparably very different (Iasiello, 2013). One major
Internet accessibility as a basic human right from the year 2000 does not
52
minimal. Contrary to Estonia, Georgia happens to be a technological
“laggard”. For instance, the Foreign Ministry was not able to immediately
websites became remote during the cyber attacks. In 2006, the UN gathered
Wide Web users per 100 compared to 55 in Estonia (Morozov, 2009; Tikk,
Georgia?
released. Although, seeing that a single hour of interrupted service made one
million, it would logically make sense that the cost of the three-week cyber
storm could have been considerable (Landler and Markoff, 2007). Iasiello
(2013) highlights that the cyber operations can also be viewed as a digital
‘smack’ to put Estonia “back in the line”. The fact that the cyber attacks’
duration was only three weeks indicates that the attacks were trying to make
Georgia’s banking system was inoperable for ten days in the three-
and Borg, 2009; Corbin, 2009). The cyber aggressors evaded inflicting
(Bumgarner and Borg, 2009). The cyber aggressors possibly did not intend
53
briefly “isolate and silence” them (Shakarian, 2011, p.66). Nonetheless, the
2011, p.54). The government CERT of Estonia was established from 2006.
Yet Estonia’s CERT called on fellow CERT countries for support, namely
from Germany, Israel, Slovenia and Finland in order to reinstate its standard
even if there was no direct impact on their nation; Estonia was still
Sanctions were one of the few punishment options that received overall
SCADA system (Landler and Markoff, 2007; Lewis, 2009, p.8). Article V
states that all actions taken by alliance must be immediately reported to the
UN Security Council and that: “such measures shall be terminated when the
Security Council has taken the measures necessary to restore and maintain
where its CERT specialists joined the Georgian efforts to counter the attacks
(DPA, 2008, as cited in Ashmore, 2009, p.9; Taimre, 2008). This example
demonstrates how Estonia as the NATO CCD CoE headquarters was adept
the professed source of the attacks was Russia-based simply because the
surprise that the Russian government in their defence added that both cyber
attack incidents on Georgia and Estonia might have been plausibly isolated
take matters into their own hands (EU-Russia Forum, 2008, p.27; Clarke
unanswered the question of why the Russian government would not try to
stop the dissent from various fronts and the cyber onslaught carried out
Schneier, 2014, p.93). Russian officials also “turned a blind eye” as pro-
numerous days during the cyber attacks (Ruus, 2008). Not to mention that
56
the Russian officials possibly encouraged the cyber aggressors by blaming
Tallinn for altering history, glorifying fascism and violating human rights.
They also insisted that the Prime Minister Andrus Ansip ought to apologise
The EU and NATO technical experts were not able to find any
incontestable proof that the culprit behind the Estonian cyber warfare was
indeed originating from Russia. Thus, there was no justification for any
more finger-pointing other than the assured understanding that these were
NATO official: “I won’t point fingers...but these were not things done by a
periods indicate that they were rented. The level of organization displayed
in the cyber attacks against Estonia and the funding required to coordinate
party, made a brusque remark to a journalist two years after the cyber
warfare, in 2009, stating that one of his staff members had been supposedly
57
“About the cyber attack on Estonia...don’t worry, that attack was carried out
by my assistant. I won’t tell you his name, because then he might not be
able to get visas” (Markov, 2009, as cited in Coalson, 2009). This remark by
p.134).
Russia can still exercise control over its former Soviet nations (Wilson,
2009). The cyber attacks might have been carried out to show that both
NATO and EU would not be able to defend Estonia from the Russians and
that the Russians did not need conventional military operations to inflict
part of the Russian government, the Pro-Putin regime group’s agenda was to
person of such political faith and past would be disposed to lead to purely
political and vengeful acts since he is in a position that could afford him the
means and the power to execute cyber attacks (Singer and Friedman, 2014,
cyber attacked Estonia: “as part of a reaction from civil society” (cited in
Coalson, 2008).
would hardly be the feat of one man, namely the assistant, bearing in mind
the complexity and magnitude of the cyber attacks as reported on the news,
58
which raises questions over the possible involvement of the Russian
Interestingly enough, the person who was convicted was not Konstantin
living in Estonia); he was blamed and arrested for the cyber attacks against
by cyber analyst Jeffery Carr. He and his team of analysts undertook the
Russian government or groups loosely linked to it, carried out the cyber
alone (Project Grey Goose Phase II Report, 2009, as cited in Heickeroe and
based on semantic analysis of hacker blogs where the Grey Goose team
map out the process from preparation to execution: the recruitment and the
Russian hacker forums as the organizers of the attacks and the centres of
31
See glossary.
59
set up within hours of the Russian military operations invading South
Petersburg and is notorious for their illegal cyber activities. Don Jackson,
the director of Threat Intelligence at Secure Works, states that the criminal
group was behind a few of the cyber attacks on Georgia (Markoff, 2008;
stated that he was able to find the actual “copies of the attack script” which
were available under the reader comments section of every story of the
Georgian conflict which was covered by the Russian media. The script had
been verified to the present day, but the certainty that they were involved
Times, 2007, as cited in Ashmore, 2009, p.8). Iasiello (2013) states that if
the Russian government was indeed involved in the cyber operations against
Estonia, then the cyber weaponry was an extended instrument of its foreign
60
policy. Similarly as with the Estonian incident, even though the attacks on
2013, p.31).
warfare against Estonia and Georgia, it certainly benefited from the overall
Chapter Conclusion
lies in the fact that they can be made untraceable, and can disseminate
cyber warfare advances and evolves and cyberspace will in the future
websites were offline, but Georgia as a nation was severed from worldwide
61
online communication. Even though the attacks cannot be directly linked to
evident and warrant careful consideration since the future has cyber
p.31).
whose malware tools were then expertly applied in the Georgian incident
their cyber warfare strategies employing their full potential with debilitating
results. To apply the old proverb: “Wise men learn from their mistakes, but
really wise men learn from the mistakes of others” (cited in Tikk, Kaska and
employed for political means and spread to a nation’s fibre, society with its
civilians one by one potentially ‘infected’ (Tikk, Kaska and Vihul, 2010,
p.32).
they could have been significantly worse. If in the foreseeable future cyber
aggressors and cyber terrorists decide to target a state’s water supply, power
grids, traffic lights, air traffic controls and military weapon systems, there
62
Main Conclusion & Recommendations
warfare illustrations like the Estonian and Georgian case studies. The
research paper has demonstrated that the more former Soviet bloc nations
demonstrations of the new 21st century state of the art weaponry employed
63
soldiers. Their expertise is to subvert, manipulate and disrupt in order to
enmeshed into the Internet as thoroughly as, say, the State of California, the
entities can build stronger defences against the threat of cyber warfare.
processes not only to raise their defences against cyber attacks, but also to
64
large-scale DDoS attacks (Wilson, 2009). In order to evade becoming a prey
organisations are required: to cope with patches 32 and to update their anti-
p.12).
2013).
2013, p.15).
dissertation is that not all of the sources (both primary and secondary) which
were used were in the English-language. The fact that some sources were
32
See glossary.
65
translated from Russian and Estonian could mean that the translation
evidence is available but inaccessible as this thesis only dealt with English
much more evidence is available but has not been translated. Future research
can build on this fact by collaborating with academics that are familiar with
evade future cyber threats. There are practical problems of cyber threats that
These flaws could ease in increasing code execution (the cyber aggressor’s
these problems are giving solid motives for cyber security professionals to
2014, p.268).
66
Appendices
Appendix 1
Appendix 2
Figure 2. Daily Mail (2011) The ultimate geek squad: Estonia trains army of
trains-army-experts-protect-cyber-attacks.html#ixzz3AphbPcMM
67
Appendix 3
Figure 3. Lesniak, J. (2011) Create a Text or Batch file from the Command line in
Windows [Image]
the-command-line-in-windows/d/d-id/1098821?
Appendix 4
[Tables]
a-summary-to-date/
Appendix 5
Figure 4. The Jawa Report (2008) Update: Georgian Government Websites Under
Appendix 6
progress [Image]
68
Available at: http://www.zdnet.com/blog/security/coordinated-russia-vs-georgia-
cyber-attack-in-progress/1670
Glossary
2013, p. 171).
Botnet: “a ‘robot network’ is a large group of infected computers who are under
69
Computer forensics: “Specialism within forensic science that focuses upon the
acquisition of legal evidence derived from computer systems and their associated
disrupts normal operations to such an extent that legitimate users can no longer
DNS (Doman Name System): “...a protocol within the set of standards for how
computers exchange data on the Internet and on many private networks, known as
Executive bat files (Batch files): “A batch file is a text file that contains a
(Webopedia, 2014).
70
Internet: “The publicly accessible network of computers that emerged in the 1970s
and came to span the globe by the late 1990s” (Jewkes and Yar, 2010, p.634).
down and/or to erase all data or software on the network” (Clarke and Knake,
2010, p.287).
Patch: “A software code update. Vendors are security patches to mitigate or fix
connection to it.
websites, to which victims can be directed and where they will unknowingly
SQL (Structured Query Language) injection: “an attack where an invalid SQL
query is sent to a database with malicious executable code attached at the end. The
71
system then fails to execute the invalid query and crashes, leading to the system
executing the malicious executable code” (Shakarian, Shakarian and Ruef, 2013,
p.311).
unauthorized entry into a network or into the software program...” (Clarke and
Trojans/ Trojan Horses: “Malicious software programs which are infiltrated into
p.636).
Virus: “Pieces of computer code that can ‘infect’ computer systems causing
72
Y2K bug (The Millennium bug): “A defect in the code of a computer program
caused when a year is represented by its last two digits only and the program
interprets that year as falling inclusively between 1900 and 1999 instead of
between 2000 and 2099” (The American Heritage Dictionary of the English
Language, 2003).
Bibliography
278.
http://www.foreignpolicy.com/articles/2013/06/10/inside_the_nsa_s_ultra_secret_
china_hacking_group
73
Andress, J., and Winterfield, S. (2011) Cyber Warfare: Techniques, Tactics and
http://www.bdcol.ee/files/files/documents/Research/BSDR2009/1_%20Ashmore
%20-%20Impact%20of%20Alleged%20Russian%20Cyber%20Attacks%20.pdf
http://www.bloomberg.com/video/71431086-fireeye-ceo-says-cybergeddon-is-a-
possiblity.html
Barnard-Wills, D., and Ashenden, D. (2012) ‘Securing Virtual Space: Cyber war,
frontiers/2012/03/20/the-coming-cyberwar-with-iran/
Bodeen, C., Meghani, S., and Robertson, J. (2011) ‘U.S. report blasts China,
http://usatoday30.usatoday.com/news/washington/story/2011-11-03/china-russia-
cybersecurity/51065010/1
http://bosco.foreignpolicy.com/posts/2011/11/16/nato_cybersecurity_center_gets_
a_superpower_boost
Brain, M., and Crawford, S. (2000) ‘How Domain Name Servers Work’, How
http://www.howstuffworks.com/dns.htm
75
Bremer, C. (2008) ‘Nicaragua recognises South Ossetia, Abkhazia’, Reuters, 3
georgia-ossetia-nicaragua-idUSN0330438620080903
Brenner, B. (2007) ‘Black Hat 2007: Estonian attacks were a cyber riot, not
http://searchsecurity.techtarget.com/news/1266728/Black-Hat-2007-Estonian-
attacks-were-a-cyber-riot-not-warfare
British Broadcasting Corporation (2008) Estonia fines man for ‘cyber war’.
76
(Accessed: 1 September 2014).
Bryman, A. (2012) Social research methods. 4th edn: Oxford University Press.
Bumgarner, J., and Borg, S. (2009) ‘Overview by the US-CCU of the Cyber
http://www.registan.net/wp-content/uploads/2009/08/US-CCU-Georgia-Cyber-
Campaign-Overview.pdf
Central Intelligence Agency (2014) ‘The World Factbook’ [Online]. Available at:
https://www.cia.gov/library/publications/the-world-factbook/fields/2098.html
Clarke, R. A., and Knake, R.K. (2010) Cyber War: The Next Threat to National
Coalson, R. (2009) ‘Behind the Estonia Cyberattacks’, Radio Free Europe / Radio
http://www.rferl.org/content/Behind_The_Estonia_Cyberattacks/1505613.html
77
Colarik, A.M. (2006) Cyber Terrorism: Political and Economic Implications.
Science: The State of the Discipline II, Washington, D.C.: The American Political
17/estonia-cyber-superpowerbusinessweek-business-news-stock-market-and-
financial-advice
at: http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm
http://www.internetnews.com/government/article.php/3810011/Lessons+From+the
+RussiaGeorgia+Cyberwar.htm
78
(Accessed: 1 August 2014).
at:http://assembly.coe.int/Main.asp?
link=/Documents/AdoptedText/ta08/ERES1633.htm
Curran, K., Concannon, K., and McKeever, S. (2008) ‘Ten Information Warfare
Trends’, in Janczewski, L., and Colarik, A.M. (eds.) Cyber Warfare and Cyber
http://www.zdnet.com/blog/security/coordinated-russia-vs-georgia-cyber-attack-
in-progress/1670
Davis, J. (2009) ‘Hackers Take Down the Most Wired Country in Europe’, Wired
http://archive.wired.com/politics/security/magazine/15-09/ff_estonia?
currentPage=all
79
(Accessed: 1 August 2014).
military-industrial-complex/article573990/
cyberspace: Information shaping and denial in the 2008 Russia- Georgia war’,
http://www.stealth-iss.com/documents/pdf/CYBERTERRORISM.pdf
Denning, D.E. (2010) ‘Terror’s web: how the Internet is transforming terrorism’,
in Jewkes, Y., and Yar, M. (eds.) Handbook of Internet Crime. Uffculme: Willan,
pp.194-210.
80
EU Russia Forum (2008) ‘The Bilateral Relations of EU Member States with
http://www.heraldofeurope.co.uk/Issues/5/European
%20Affairs/THE_BILATERAL_Relations/THE_BILATERAL_Relations.pdf
2014/malmstrom/pdf/news/internal_security_strategy_in_action_en.pdf
Feakin, T., and Schreer, B. (2014) ‘Australia and “cyberwar”: time for a measured
http://www.aspistrategist.org.au/australia-and-cyberwar-time-for-a-measured-
debate/
Finn, P. (2007) ‘Cyber Assaults on Estonia Typify a New Battle Tactic’, The
81
http://www.washingtonpost.com/wp-
dyn/content/article/2007/05/18/AR2007051802122.html
cybersecurity-attack-idUSTRE7AH2C320111121
information technology is rapidly lowering the barrier between war and peace’.
http://www.agentura.co.uk/text/biblio/view.txt
Franklin, J., Perrig, A., Paxson, V., and Savage, S. (2007) ‘An inquiry into the
Nature and Causes of the Wealth of Internet Miscreants’ [Online]. Available at:
http://www.cs.cmu.edu/~jfrankli/acmccs07/ccs07_franklin_eCrime.pdf
report.pdf
Gellman, B. (2002) ‘U.S. Fears Al Qaeda Cyber Attacks’, Security Focus, 26 June
C., Tyugu, E., and Wingfield, T. (eds.) 3rd International Conference on Cyber
http://www.ccdcoe.org/publications/2011proceedings/InformationTroopsARussian
CyberCommand-Giles.pdf
Goble, P.A. (2009) ‘Defining Victory and Defeat: The Information War between Russia
and Georgia’, in Cornell, S. E., and Starr, F. (eds.) The Guns of August 2008: Russia’s
83
Goddard, W., and Melville, S. (2004) Research Methodology: An Introduction. 2nd
Gorman, S., and Barnes, J.E. (2011) ‘Cyber Combat: Act of War- Pentagon Sets
Stage for U.S. to respond to Computer Sabotage with Military Force’, The Wall
http://online.wsj.com/news/articles/SB10001424052702304563104576355623135
782718
estonia-tech-security08-cx_ag_0514attacks.html
Haddick, R. (2011) ‘This Week at War: Lessons from Cyberwar I: How Russia
http://www.foreignpolicy.com/articles/2011/01/28/this_week_at_war_lessons_fro
m_cyberwar_i
Media/2013/10/09/Estonian-President-Cyber-Expert-Toomas-Hendrik-Ilves-
Addresses-Tufts
Harris, S. (2014) ‘It’s Not Beijing’s Hackers You Should Be Worried About, It’s
http://complex.foreignpolicy.com/posts/2014/04/22/it_s_not_beijing_s_hackers_y
ou_should_be_worried_about_it_s_moscow_s
Heickeroe, R., and Peterson, M. (2012) The Dark Sides of the Internet: On Cyber
http://kingston.eblib.com/patron/FullRecord.aspx?p=1129082
Hersh, S.M. (2010) ‘The Online threat: Should we be worried about a cyber war’,
85
http://www.newyorker.com/reporting/2010/11/01/101101fa_fact_hersh?
currentPage=all
Herzog, S. (2011) ‘Revisiting the Estonian Cyber Attacks: Digital Threats and
http://scholarcommons.usf.edu/cgi/viewcontent.cgi?article=1105&context=jss
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/317
481/Cyber_Essentials_Requirements.pdf
content/Hughes.pdf
Huh, T.H., Lee, S., and Chang, W.Y. (2007) ‘Contemporary Information Warfare
and National Strategy: Korea’s Military Cyber Security Issues and Tasks’,
Podins, K., Stinissen, J., and Maybaum, M. (eds.) 5th International Conference on
Cyber Conflict. Tallinn: NATO CCD COE Publications [Online]. Available at:
http://www.ccdcoe.org/publications/2013proceedings/d3r1s3_Iasiello.pdf
Jewkes, Y., and Yar, M. (2010) ‘Glossary’, in Jewkes, Y., and Yar, M. (eds.)
id=_H8lAgAAQBAJ&printsec=frontcover#v=onepage&q&f=false
at: http://www.doubleshotsecurity.com/pdf/NANOG-eesti.pdf
(1), pp.161-177.
Kass, M. (2008) ‘Riots during the Reform Party’s website was attacked by a
http://www.postimees.ee/1751045/rahutuste-ajal-reformierakonna-kodulehte-
runnanud-noormees-sai-trahvi
http://blog.foreignpolicy.com/posts/2008/05/14/estonia_will_host_nato_cybercom
mand
Keating, J. E. (2010) ‘Who was behind the Estonia cyber attacks?’, Foreign
http://wikileaks.foreignpolicy.com/posts/2010/12/07/who_was_behind_the_estoni
a_cyber_attacks
88
Keating, J. E. (2011) ‘WikiLeaks: Putin has a personal gripe with Estonia’,
http://blog.foreignpolicy.com/posts/2011/09/06/wikileaks_putin_has_a_personal_
gripe_with_estonia
Keating, J.E. (2012) ‘Shots Fired: The 10 worst cyberattacks’, Foreign Policy, 27
http://www.foreignpolicy.com/articles/2012/02/24/shots_fired
Knapp, K.J., and Boulton, W.R. (2008) ‘Ten Information Warfare Trends’, in
Janczewski, L., and Colarik, A.M. (eds.) Cyber Warfare and Cyber Terrorism.
Knott, B.A., Mancuso, V.F., Bennett, K., Finomore, V., McNeese, M., McKneely,
89
F4C&printsec=frontcover&dq=research+methods&hl=en&sa=X&ei=ttIAVLXrBd
L07AalpoGYCQ&redir_esc=y#v=onepage&q=research%20methods&f=false
Threat That Never Was’, The Polish Institute of International Affairs, 4 (40), pp.1-
Landler, M., and Markoff, J. (2007) ‘In Estonia, what may be the first war in
http://www.nytimes.com/2007/05/28/business/worldbusiness/28iht-
cyberwar.4.5901141.html?pagewanted=all&_r=0
Landler, M., and Markoff, J. (2007) ‘Digital Fears Emerge After Data Siege in
http://www.nytimes.com/2007/05/29/technology/29estonia.html?
pagewanted=all&_r=0
90
Landman, T. (2006) Studying Human Rights [Online]. Available at:
http://books.google.co.uk/books/about/Studying_Human_Rights.html?
id=6s6YeF5oGAwC
Lesniak, J. (2011) ‘Create a Text or Batch File from the Command Line in
http://www.informationweek.com/create-a-text-or-batch-file-from-the-command-
line-in-windows/d/d-id/1098821?
http://isis-europe.eu/wp-content/uploads/2014/08/ESR_70.pdf
Lewis, J.A. (2002) ‘Assessing the Risks of Cyber Terrorism, Cyber War and Other
http://csis.org/files/media/csis/pubs/021101_risks_of_cyberterror.pdf
91
Lewis, J. A. (2009) ‘The “Korean” Cyber Attacks and Their Implications for
http://csis.org/files/publication/091023_Korean_Cyber_Attacks_and_Their_Implic
ations_for_Cyber_Conflict.pdf
Lewis, J. A. (2009) ‘Cyber War: Sabotaging the system’, CBS News, 6 November
system-06-11-2009/
Press.
Limno, A.N., and Krysanov, M.F. (2003) ‘Information Warfare and Camouflage,
Markoff, J. (2008) ‘Before the Gunfire, Cyberattacks’, The New York Times, 12
adxnnl=1&adxnnlx=1396788307-BZjRA58pi/Bn/Cf11G6Gng&_r=0
Matthews, W. (2008) ‘New Ways of War: Cyber attacks likely in any military
Maurer, T. (2011) ‘The Case for Cyberwarfare: Why the electronic wars of the
future will actually save lives’, Foreign Policy, 19 October [Online]. Available at:
http://www.foreignpolicy.com/articles/2011/10/19/the_case_for_cyberwar
http://www.foreignpolicy.com/articles/2012/09/10/breaking_bad
lang_id=ENG&sec_id=461&info_id=7193&date=2008-08-
08&new_month=08&new_year=2008
93
Morozov, E. (2009) ‘Cyber-Scare: The exaggerated fears over digital warfare’,
http://www.bostonreview.net/us/cyber-scare-evgeny-morozov
http://neteffect.foreignpolicy.com/posts/2009/06/18/notes_from_natos_cyberwarfa
re_conference_in_tallinn
Moses, A. (2008) ‘Georgian websites forced offline in “cyber war”’, The Sydney
http://www.smh.com.au/news/technology/georgian-websites-forced-
offline/2008/08/12/1218306848654.html
http://www.rferl.org/articleprintview/2345202.html
94
Murphy, M. (2010) ‘Cyberwar War in the fifth domain: Are the mouse and
september/Cyber-Threads/EN/index.htm
NATO (1949) NATO - The North Atlantic Treaty [Online]. Available at:
http://www.nato.int/cps/en/natolive/official_texts_17120.htm
http://www.arbornetworks.com/asert/2007/05/estonian-ddos-attacks-a-summary-
to-date/
95
Nicholson, A., Webber, S., Dyer, S., Patel, T., and Janicke, H. (2012) ‘SCADA
Nye, J. (2011) ‘Nuclear lessons for cyber security?’, Strategic Studies Quarterly, 5
(4), pp.18–38.
Infrastructure’, The White House Office of the Press Secretary, 29 May [Online].
securing-our-nations-cyber-infrastructure
id=73&type=98&L=0&tx_ttnews[tt_news]=262&tx_ttnews[backPid]=214&cHash
=4de7396400
96
Portilho-Shrimpton, T. (2008) ‘Battle for South Ossetia fought in cyberspace’, The
http://www.independent.co.uk/news/world/europe/battle-for-south-ossetia-fought-
in-cyberspace-899772.html
20.
Rhoades, C. (2007) ‘Cyber Attack Vexes Estonia, Poses Debate’, The Wall Street
http://online.wsj.com/news/articles/SB117944513189906904
http://www.rockefeller.senate.gov/public/index.cfm/press-releases?ID=71036a37-
e4d0-468c-8cc4-754671488c8f
97
(Accessed: 1 September 2014).
http://searchwindowsserver.techtarget.com/definition/batch-file
http://www.foreignpolicy.com/posts/2011/03/17/where_fukushima_meets_stuxnet
_the_growing_threat_of_cyber_war
at: http://on.rt.com/kedf04
Ruus, K. (2008) ‘Cyber War I: Estonia Attacked from Russia’, European Affairs,
http://www.europeaninstitute.org/2007120267/Winter/Spring-2008/cyber-war-i-
estonia-attacked-from-russia.html
98
Sanger, D. E., Barboza, D., and Perlroth, N. (2013) ‘Chinese Army Unit Is Seen as
Tied To Hacking Against U.S.’, The New York Times, 18 February [Online].
seen-as-tied-to-hacking-against-us.html?pagewanted=all
http://www.cyberdefenseagency.com/publications/Defending_Cyberspace.pdf
https://www.acsac.org/2008/program/keynotes/saydjari.pdf
Scanlon, M., and Kechadi, M.T. (2010) ‘Online Acquisition of Digital Forensic
Springer, pp.122-131.
99
Schott, B. (2009) ‘Cybergeddon: The potentially catastrophic effect of a major
http://schott.blogs.nytimes.com/2009/01/19/cybergeddon/?
_php=true&_type=blogs&_php=true&_type=blogs&_r=1
http://www.secureworks.com/company/press_releases/13627/
https://www.academia.edu/1110559/The_2008_Russian_Cyber_Campaign_Again
st_Georgia
Shakarian, P., Shakarian, J., and Ruef, A. (2013) Introduction to Cyber Warfare:
100
Singer, P.W., and Friedman, A. (2014) Cybersecurity and Cyberwar: What
http://www.jewishpolicycenter.org/4924/russian-cyber-capabilities
Sridhar, S. (2011) Denial of Service attacks and mitigation techniques: Real time
http://www.sans.org/reading-room/whitepapers/detection/denial-service-attacks-
mitigation-techniques-real-time-implementation-detailed-analysi-33764
Stytz, M.R., and Banks, S.B. (2010) ‘Addressing Stimulation Issues Posed by
http://www.scs.org/magazines/2010-07/index_file/Files/Article_Stytz.pdf
101
Szakonyi, D. (2007) ‘The Rise of Economic Nationalism under Globalisation and
the Case of Post-Communist Russia’, The School of Russian and Asian Studies,
http://www.sras.org/economic_nationalism_under_globalization
Taimre, S. (2008) ‘Estonia sends experts to Georgia to help combat cyber attacks’,
http://www.balticbusinessnews.com/?PublicationId=4a7f1bf9-9f26-4066-b219-
2803bdacb11c
The Economist (2010) ‘NATO and Russia- Trust, but make military plans’, The
http://www.economist.com/node/16693761
102
The Security Council of the Russian Federation (2000) ‘Information Security
http://www.scrf.gov.ru/documents/6/5.html
Thomas, T.L. (2004) ‘Russian and Chinese Information Warfare: Theory and
http://www.dtic.mil/dtic/tr/fulltext/u2/a467510.pdf
Tikk, E., Kaska, K., and Vihul, S. (2010) ‘International Cyber Incidents: Legal
http://www.ccdcoe.org/publications/books/legalconsiderations.pdf
http://www.theguardian.com/world/2007/may/17/topstories3.russia
103
(Accessed: 1 August 2014).
Tudor, A. (1989) Monsters and Mad Scientists: A Cultural History of the Horror
UN Data (2006) ‘Internet users per 100 inhabitants’ [Online]. Available at:
http://data.un.org/Data.aspx?d=MDG&f=seriesRowID:605
Valeriano, B., and Maness, R.C. (2014) ‘The dynamics of cyber conflict between
http://jpr.sagepub.com/content/early/2014/03/31/0022343313518940
what-it-really-means/152212
104
Verton, D. (2003) Black Ice: The Invisible Threat of Cyber-Terrorism. U.S.A:
McGraw-Hill/Osborne.
http://www.webopedia.com/TERM/F/Flooding.html
Wentworth, T. (2008) ‘How Russia May Have Attacked Georgia’s Internet’, News
attacked-georgias-internet-88111
http://fas.org/sgp/crs/terror/RL32114.pdf
http://www.darkreading.com/government/cybersecurity/study-of-russia-georgia-
cyber-conflict-brings-warnings-to-us-businesses-citizens/d/d-id/1131759?
https://www.academia.edu/348746/Critical_Realism_and_International_Relations_
Causal_Explanations_for_Liberal_War
Y2K bug (2003) The American Heritage Dictionary of the English Language. 4th
http://www.thefreedictionary.com/Y2K+bug
106