IT Compliance and Controls

Converging Business, Information, and Controls

IT Compliance and Controls header image 2

Hackers attack Georgia

August 13th, 2008 · No Comments

In the Wall Street Journal and on several online resources there is documented evidence that an information attack was launched against the country of Georgia and its government systems.  This attack coincided with the Russian offensive.  The implications of this attack are tremendous and shift the theory beyond information cyberwarfare to practical lessons.  A few specifics that are known:

  • The attacks are specifically Denial of Service on the public government websites
  • Government databases are being breached and data is being stolen / destroyed
  • The sources of the attacks are hard to lock-down, but are believed to orginate within Russia

The response and possible lessons:

  • Critical information sites should be resilient to Denial Service Attacks – Grid and Distributed hosting solutions would help
  • International assistance (Estonia, private firms, U.s., and others) is necessary to help diagnose and develop plans of remediation – it is nearly impossible to figure out how one is being attacked if the computers are inoperable and the network pipelines are bogged down.

I am certain more lessons will emerge as this story matures (as this is only a few days in the making thus far).  Other comments and perspectives are welcomed!

Best,

James DeLuccia IV

Executive and managers please join me in New York City at the CSO Executive Seminar Series on PCI Compliance & Application Security this September 10th!

Additional References are here, here, and here.

Tags: Incident Response Capability · Monitoring and Performance Reviews · Operations Resiliency · Risk Awareness · Security and Assurance · Sustain Operations

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

Leave a Comment