Estonian cyber war
Yes, we said we were clearing out the DDoS dross in the introduction, but what happened to Estonia in 2007 was no ordinary DDoS attack.
Kicking off at 10pm on 26 April, the Baltic state suffered three weeks of DDoS attacks, which completely crippled its IT infrastructure.
The attackers first targeted the website of the ruling Reform Party and, over the course of the first week, went on to take down the sites of most other political parties, the official site of the Estonian Parliament and other government entities.
In the second week, the attack spread to the websites of Estonian news outlets, universities, schools and businesses.
But it was in the third week that the real hammer blow fell. At the stroke of midnight, Moscow time, on 9 May a huge torrent of traffic - peaking at over 4 million data packets per second - slammed into Estonia's banking infrastructure. This was a critical attack for a country that had pioneered online banking and where, at the time, around 97 percent of all banking transactions took place online.
Within 24 hours Hansapank, the country's largest bank, took the drastic step of shutting off all its internet-based operations. This not only disrupted online transactions, but also severed the connection between the bank and its cash machines, rendering them inoperable.
Perhaps worse, Estonians outside of the country suddenly found their debit cards wouldn't work, as the bank's actions cut it off from the rest of the world.
The attacks eventually subsided on 19 May.
Only one person has ever been charged in relation to what has since been termed the first cyber war, a 20-year-old ethnic Russian Estonian called Dmitri Galushkevich, who was fined 7,500 kroons (approximately US$1,640).
However, it's suspected that all the perpetrators were either Russians or ethnic Russian Estonians, partly because security experts subsequently found chats and threads about the attack on Russian-language forums, partly because a significant amount of traffic from the first wave of the attack was traced to Russia, and partly because of timing.
The attack followed two days of rioting in the Estonian capital Tallinn over the relocation of a bronze war memorial dating from the Soviet era. Perhaps even more damningly, the third wave of the attack commenced on the Russian equivalent of VE Day.
Of all the lessons learnt from the Estonian cyber assault - and there were many - probably the most important was the need to put as much effort and money into protecting a country's online systems as building them up.
Estonia had earned the reputation of being "the most wired country in Europe" at the time of the attacks, with the country pouring vast amounts of money into growing its digital economy, but little into cyber defences. It was this, rather than dependence on online systems per se, that was the country's downfall when the botnets came knocking.
Next: hackers crash Bitcoin
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
