Georgian President's Web Site Attacked
The politically oriented DDoS attack seems to have originated from Russian hackers, according to a volunteer security watchdog organization.
The Web site of President Mikhail Saakashvili of Georgia was inaccessible on Sunday as a result of a distributed denial-of-service (DDoS) attack, according to the Shadowserver Foundation, a volunteer security watchdog organization.
Tensions between Georgia and Russia have been running high in recent years. Abkhazia, a region of Georgia, has been seeking recognition as an independent republic, a goal Georgia rejects and Russia supports.
Echoing the more serious politically oriented DDoS attack conducted against Estonian government sites last summer, Shadowserver's Steven Adair said it appeared that Russian hackers were behind the attack.
"Recent DDoS attacks against various other neighbors of Russia, [such as Estonia], have been quite popular in the last few years," he said in an online post. "We do not have any solid proof that the people behind this [Command & Control] server are Russian. However, the HTTP-based botnet C&C server is a MachBot controller, which is a tool that is frequently used by Russian bot herders. On top of that the domain involved with this C&C server has seemingly bogus registration information but does tie back to Russia."
"This attack appears to have a political motivation," said Jose Nazario, CTO of Arbor Networks, in a blog post.
Attacks with apparent political motivations are now fairly common. In late June, some 300 Web sites associated with the government of Lithuania were defaced with pro-Russian slogans. In March, supporters of Tibetan protesters were targeted with malware. In April, CNN was threatened with a DDoS attack for its coverage of unrest in Tibet.
As of Monday afternoon on the West Coast, President Saakashvili's Web site appeared to be functioning normally.
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022