Russia 'not behind attacks' on Estonia

The biggest news in Estonia this week may be the visit of the England football team. But last month, screaming headlines claimed the Baltic state was under attack from cybercriminals at the behest of Russia. Behind the headlines, the story was rather different


From alleged poisonings to organised crime, Russia has been getting a lot of bad press lately. But this time the country - or at least, the government - may be in the clear.

The string of crippling distributed denial of service (DDOS) attacks against Estonia did not appear to be a coordinated attack by one entity within Russia, according to Jose Nazario, senior security engineer with Arbor Networks.

Estonia, a former satellite of the Soviet Union with a population of 1.3m, came under intense electronic attacks around 27 April, jamming up commercial and government websites. The attacks came as Estonia moved a World War II memorial of a statue of a Soviet soldier, igniting fierce protests.

Although Russia was quickly accused, Russian government officials denied involvement. Difficulties in tracing the source of the DDOS attacks left more suspicions than facts.

But further analysis throws doubt on whether a single agency alone was involved, given that the attacks came from computers around the world, Nazario wrote in a commentary on the attacks.

While it is possible to spoof the origin of a DDOS attack, "none of the sources we have analysed from around the world show a clear line from Moscow to Tallin", Estonia's capital, Nazario wrote.

But although the Russian government may have not been the single source, there is evidence that a number of Russian-speaking computer gurus may have joined in.

Several Russian-language web forums have information and scripts that would allow others to rig their computers to join in a DDOS attack, which involves sending massive streams of data to a website, causing it to crash. The scripts would cause a computer to send data to a website.

"We see signs of Russian nationalism at work here, but no Russian government connection," Nazario wrote.

This week has been fairly quiet, said Hillar Aarelaid, chief security officer for Estonia's Computer Emergency Response Team.

"We have seen some attacks, but they are quite easy to handle," Aarelaid said, adding that the DDOS attacks remain under investigation.

"Recommended For You"

Russian cyber-militia blamed for knocking Kyrgyzstan offline Spammers prepare new anti-Georgia botnet onslaught