[only half OT] A socio-psychological analysis of the first internet war (Estonia)

Gadi Evron ge at linuxbox.org
Wed Apr 28 22:50:57 CDT 2010


In the past year I have been working in collaboration with psychologists 
Robert Cialdini and Rosanna Guadagno on a paper analyzing some of what I 
saw from the social perspective in Estonia, when I wrote the post-mortem 
analysis for the 2007 attacks, but didn't understand at the time.

Aside to botnets and and flood-based attacks, many of the attacks were 
"live mobs", or an "online riot" if you like, where individuals simply 
sent pings toward Estonian addresses. While it doesn't seem like pings 
would cause so much damage -- en masse they certainly did. Then of 
course, there is also the psychological aspect...

... When everyone and their grandmother attacked with pings, spammers, 
professionals and others who know what they are doing then got involved, 
attacking using more sophisticated tools.

We analyze how the Russian-speaking population online was manipulated to 
attack Estonia (and Georgia) in the "cyber war" incidents, and how it 
could happen again (regardless of if any actor is behind it).

The psychological aspect of this is indeed off-topic to NANOG, but the 
attack is analogous to network peak usages with user interest in 
high-bandwidth content, and how large networks prepare for such peaks.

This is about the DDoS attacks, and how a human DDoS has been and can be 
initiated again. It also under-scores the power of individual activism 
on the internet, and how it can also be abused.

I hope some here would find the research useful for their own interest, 
if nothing else. Otherwise, sorry for wasting your bandwidth and thanks 
for your time.

Article on El Reg:

Paper (for download with pay :( ):

Thanks, and any comments appreciated. If on psychology, please do it 
off-list, though.


Gadi Evron,
ge at linuxbox.org.

Blog: http://gevron.livejournal.com/

More information about the NANOG mailing list