Cyber warfare refers to a massively coordinated digital assault on a government by another, or by large groups of citizens.
Estonia was subject to this kind of attack in 2006. The conflict apparently stemmed from a decision by the Estonian government to move a Soviet-era monument to another location, an action resented and protested against by many of the country's ethnic Russian citizens. Although the conflict had seemingly been resolved by mid-April, Estonia internet security experts were still wary about a cyber-assault.
How the Estonian Cyber-Attack was Carried Out
Cyber-attacks started on the Estonian systems on April 26, 2006 with data-flooding attacks on key government websites, especially those of the President, Prime Minister and Parliament. These included a flood of data which shut down the Parliamentary email system, as well as hackers breaking into the website of Estonia's Reform Party where a fake letter of apology from the Prime Minister was posted.
The culmination of the cyber-attacks, however, were massive, coordinated Distributed Denial of Service (DDoS) attacks on key government, financial and media sites with the most serious assault on May 9 (coincidentally, "Victory Day" – a major holiday for the Russians which celebrates their victory over Nazi Germany).
The attacks involved an estimated one million botnet "zombie" computers coming from places as far away as the United States and Asia, which cascaded data on to Estonian websites at a fantastic rate. The attacks were supposedly planned online and attackers coordinated through Russian-language chat groups and forums.
Moreover, the May 9-10 assault involved a 'network' of botnets. Many of these 'guns for hire' or botnet operators who 'rented out' their zombie networks to whoever was behind the cyber-assault for a specific number of hours. At the end of ten hours, the data cascade tapered off and the attacks returned to pre-May 9 levels. The involvement of hired operators indicated the level of financial resources behind the attackers, which, in turn, has led many to believe that this was a government-sanctioned attack.
Many news organizations believed that what happened to Estonia was the first instance of cyber-warfare against a specific government. Russia was suspected as the instigator of the digital assault, a charge the Russian government denied, but there was no reliable evidence to prove this.
Internet security experts are divided on the issue, many pointing out that such DDoS attacks had happened before, seemingly triggered by political or other events. The latest such incident involved a DDoS attack on US servers from what appeared to be Korean computers after a South Korean contestant to the 2002 Winter Games in Salt Lake City was disqualified.
The cyber-attack against Estonia could have been orchestrated by private individuals sympathetic to the Russian government or ethnic Russian citizens in Estonia, although the obviously large financial resource made available for the May 9-10 DDoS attacks places this in some doubt.
Whoever initiated the attack against Estonia, experts agree that it was a "cyber-war " because of the amount of resources and coordination that was put into the attack.