Cyberwars Redux
There’s already a new chapter in the story of the alleged confession that Russia was behind the cyber attacks on Estonia in 2007. (See http://www.chaosprg.com/blog/2009/03/the-coming-cyberwars/) for previous discussion. In that post I discussed the (improbable, I thought) claim of a Russian official that his assistant had started the attacks for purely patriotic reasons. Now there’s a new story that the previously unnamed assistant has come forward and said it’s true, and added some fascinating details.
In an article by Charles Clover in the Financial Times (Kremlin-backed group behind Estonia cyber blitz), the assistant in question, a Mr. Konstantin Goloskokov, is quoted as claiming not only that he started the attacks but – and this is the really interesting part – that he enlisted members of a group called Nashe to carry them out. He insists that the decision to do this was spontaneous, not something prompted by orders from the Russian government and that there was nothing illegal about it. It wasn’t a denial of service attack, it was just more service requests than the Estonian servers could handle. The article does not say if he used air quotes or an “end sarcasm” tag when explaining this.
Nashe is described in an article at heise online (Russian youth movement claims to have carried out cyber attacks on Estonia) as “a largely defunct Nashe (“Ours”) Russian youth movement.” It is said to have been founded in 2005 as an arm of Vladimir Putin’s United Russia party but, after people began to worry that it was “too nationalistic” funding dried up. Whether this means they have ceased operations or simply gone underground may be a very important question in the future.
Heise online had a link to Nashe’s home page, so I took a look to see if I could find out about their perfectly legal righteous cyber request submitting members. I thought maybe there was a training program or something. I ran in to some slight difficulty with the Russian language, however. After most of a year of intense study, I can understand almost 6 words of Russian on a good day but only if spoken. My command of the alphabet is not quite that good (That’s a true story btw). So I ran Nashe’s home page (http://www.nashi.su/) and a couple other pages on the site through Google’s language tools to see if I could find out something about this organization.
Some tidbits:
- Nashe means “our” or possibly “ours.” The title of the entire website as it shows in the upper border of the browser (after translation) says “Youth anti-democratic movement of our.” Anti-democratic sounds very ominous but I suppose that could be a quirk of translation.
- From the DMD page: “The crime rate in the youth and teen media continues to grow. … The project «Voluntary youth militia» designed and effectively implemented with the support of law enforcement agencies in 13 regions of Russia, a program of safety on city streets.” A lot of the stuff on this website reads like perfectly reasonable and basically meaningless boilerplate – mere PR about how wonderful the organization is and how they are going to improve everything about society. It’s not even very good PR.
- Another page, Staffing for the modernization of the country, mentions training students in technology and science in order to help modernization of the country. Nothing objectionable there but could this be where the pool of computer-skilled perfectly legal request senders came from? From the web pages I saw, there is nothing to imply that the students know anything about computers, the Internet or much of anything else. But they really really want to make Russia even better!
While this is interesting enough, it doesn’t answer any of the really interesting questions, starting with: Was Mr. Goloskokov telling the truth about using members of Nashe to set up the DoS conditions against Estonia?
If Nashe really was involved, where are the little hacker-children now? More importantly, if you were a quasi-official arm of government with access to highly patriotic people capable of shutting down the networks of an entire country (albeit a small one), would you just forget about them when the funding was cut? Or would you keep in touch, just in case you needed them again?
More importantly, is it believable that this youth organization just happened to have a bunch of people with those skills who just happened to spontaneously use them? With hacker-types, it is, in fact, possible. Organized or semi-organized hacktivism is a very attractive force to some. On the other hand, it’s possible that this Nashe organization was used by some elements as a cover for recruiting people to more interesting pursuits than anything listed on the School of Entrepreneurship page or the page describing the imperative of military service.
There are allegations of less savory things in Nashe’s history than shows on any of their web pages, too. See Kremlin Kids: We Launched the Estonian Cyber War and especially Nashi Youth Leader Reveals Existence of Kremlin-financed Spy Program. More and more the stories contradict the bland nature of the informaiton on the web site. And it seems strange that the kind of mind that would invent an organization like this would simply let it disappear. It also seems more and more likely that if they did anything without direct orders, it was because they had standing orders to engage in such behavior.
Maybe I’m too paranoid. The truth is though, that as the story stands it is, at best, incomplete and very unlikely. What does seem likely is that the youthful Russian students of perfectly legal cyberwar will be heard from again.
linkedin
Technorati Favorites