Date: Tue, 20 May 2008 09:27:01 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org.>
To: [email protected]Subject: An account of the Estonian Internet War
Message-ID: <Pine.LNX.4.62.0805200855440.22643@linuxbox.org.>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.7.5 (linuxbox.org [127.0.0.1]); Tue, 20 May 2008 09:27:05 -0500 (CDT)
X-Virus-Scanned: antivirus-gw at tyumen.ru
About a year ago after coming back from Estonia I promised I'd send in an
account of the Estonian "war". The postmortem analysis and recommendations
I later wrote for the Estonian CERT are not yet public.
A few months ago I wrote an article for the Georgetown Journal of
International Affairs, covering the story of what happened there, in
depth. The journal owns the copyright so I had no way of sending that
along either. I wasn't about to email saying "go buy a copy".
Mostly silly articles kept popping up with misguided to wrong information
about what happened in Estonia, and when an Estonian student was arrested
for participating, some in our community even jumped up to say "it was
just some student". Ridiculous.
This is the "war" that made politicians aware of cyber security and entire
countries scared, NATO to "respond" and the US to send in "help".
It deserved a better understanding for that alone, whatever actually
happened there.
I was there to help, but I just deliver the account. The heroes of the
story are the Estonian ISP and banking security professionals and the
CERT (Hillar Aarelaid and Aivar Jaakson).
Apparently the Journal made my article available in PDF form by a third
party:
Battling Botnets and Online Mobs
Estonia's Defense Efforts during the Internet War
URL: http://www.ciaonet.org/journals/gjia/v9i1/0000699.pdf
It is not technical, I hope you find it useful.
Gadi Evron.