Cyberwar, Economic Espionage, and Advanced Persistent Threats
August 2008 — Russian military forces move into Georgia, citing requests for help from ethnic Russian communities in Georgian breakaway regions of South Ossetia and elsewhere. At the same time, DDOS attacks orchestrated out of Russia blocked access to Georgian government web sites. I don't know everyone's feeling on this, but if armored vehicles are rolling down the street in front of my home, and I see combat aircraft overhead and hear incoming artillery rounds, my inability to look at the Georgian equivalent of whitehouse.gov is going to be of relatively little concern...
This seemed to be another case of "Russian patriotic citizens rise up" and do the attack on their own, where the government does not direct them but neither does it stop them or even disapprove. Wired.com described how a Russian coder took credit for hacking Georgian sites including www.parliament.ge, the Georgian parliament's site.
Also see "Russian Hacker Forums Fueled Georgia Cyber Attacks", Washington Post, 16 Nov 2008.
October-November 2008 — Major news organizations started seriously questioning the accepted view of the military action is nothing but Russian aggression and Georgian self-defense, as Georgian targeting of civilians and other details come to light. See these reports:
See the "Russian Cyberwar on Georgia" report for lots of details on the military action, the Internet attacks, and the coverage: http://hostexploit.com/
September 2009 — Aviation Week and Space Technology ran an article (14 Sep 14 2009 pp 54-55) titled: "Cyberwar is Official" and subtitled: "Network attack, digital time bombs and information exploitation are now combat standards", quoting an analysis from the U.S. Cyber Consequences Unit (US-CCU), "only parts of which are available to the public". The article describes US-CCU as "an independent organization that does cyber-forensics and analysis for private organizations and government, including the National Security Agency and CIA." It's a non-profit research group with some affiliation to the Tufts University law school, the domain is registered to a guy in Vermont with an AOL e-mail address:
% whois usccu.us Domain Name: USCCU.US Domain ID: D7129910-US [....] Registrar URL (registration services): whois.schlund.de Domain Status: ok Registrant ID: SPAG-33246501 Registrant Name: Scott Borg Registrant Address1: PO BOX 1390 Registrant City: NORWICH Registrant State/Province: VT Registrant Postal Code: 05055 Registrant Country: United States Registrant Country Code: US Registrant Phone Number: +1.8026493849 Registrant Email: email@example.com