March 24, 2009 - 7:28am
The Register reported the conclusions made by the Greylogic that suggest there is some circumstantial evidence proving the involvement of the Russian authorities into the cyber attacks on Georgia which coincided with a ground war between the two countries in July and August last year.
Researchers from Greylogic draw a conclusion that it was Russia's Foreign Military Intelligence agency (the GRU) and Federal Security Service (the FSB), rather than patriotic hackers, who stood behind the scenes while coordinating and organizing the attacks.
According to the Greylogic’s findings the Stopgeorgia.ru forum, which was the nucleus for attacks of key Georgian websites last year, uses an ISP located a few doors down from GRU headquarters. The researchers suppose that the government used this site to attack Georgia under the mask of cyber crime. The StopGeorgia.ru forum was included into the bulletproofed network that relied on shell companies and false WHOIS data to (a) prevent its closure through Terms of Service violations, and (b) to conceal the involvement of the Russian FSB/GRU. It imitates the structure of the Russian Business Network, a cyber criminal enterprise, and creates plausible deniability that it is a Kremlin-funded Information Operation.
Greylogic's study concludes: "The available evidence supports a strong likelihood of GRU/FSB planning and direction at a high level while relying on Nashi intermediaries and the phenomenon of crowdsourcing to obfuscate their involvement and implement their strategy."
"Nashi" (translation: “Youth Democratic Anti-Fascist Movement Ours!") is a youth group in Russia founded four years ago to counter anti-Russian and fascist tendencies in the country. The group is supposedly funded by Russian businessmen, but a pipeline from the Kremlin is suspected.
Researchers from Greylogic draw a conclusion that it was Russia's Foreign Military Intelligence agency (the GRU) and Federal Security Service (the FSB), rather than patriotic hackers, who stood behind the scenes while coordinating and organizing the attacks.
According to the Greylogic’s findings the Stopgeorgia.ru forum, which was the nucleus for attacks of key Georgian websites last year, uses an ISP located a few doors down from GRU headquarters. The researchers suppose that the government used this site to attack Georgia under the mask of cyber crime. The StopGeorgia.ru forum was included into the bulletproofed network that relied on shell companies and false WHOIS data to (a) prevent its closure through Terms of Service violations, and (b) to conceal the involvement of the Russian FSB/GRU. It imitates the structure of the Russian Business Network, a cyber criminal enterprise, and creates plausible deniability that it is a Kremlin-funded Information Operation.
Greylogic's study concludes: "The available evidence supports a strong likelihood of GRU/FSB planning and direction at a high level while relying on Nashi intermediaries and the phenomenon of crowdsourcing to obfuscate their involvement and implement their strategy."
"Nashi" (translation: “Youth Democratic Anti-Fascist Movement Ours!") is a youth group in Russia founded four years ago to counter anti-Russian and fascist tendencies in the country. The group is supposedly funded by Russian businessmen, but a pipeline from the Kremlin is suspected.