Text size

Spacing

Contrast
Settings

 

Information about cyber attacks in Georgia, sent by CERT Estonia experts from Georgia.

CERT activity

CERT Georgia is part of the GRENA, Georgian Research and Educational Networking Association, so it is basically typical university CERT. During the attacks that started on the 8th of August, the CERT Georgia started to function as national CERT and coordinated attack mitigation. CERT France and CERT Poland helped them in attack mitigation by off-loading communication and abuse notification. At the moment there are two CERT Estonia experts in Georgia, assisting the locals.

Banking

The Central bank of Georgia has ordered all banks to stop offering electronic services, this order is still effective.

Georgia’s biggest bank TBC was under attack starting from early morning of the 9th of August. According to the system administrator of the bank, they made some configuration changes and are quite sure, that they can survive when they go back on-line.

Internet Service providers

According to Caucasus, Internet connection problems caused by redirecting traffic may have affected smaller Internet providers, also routing problems may have escalated because of the physical disconnections (cable runs through the zone of war activity). Additional information suggests that the problems with routing were a little bit more complicated than it was visible from inside country.

Caucasus is building the direct link to the West-Europe, the fiber-optic cable through the Black Sea has almost completely been installed.

The router of Internet Service provider UTG was unavailable and incapable of providing service. At the moment the service is up again.

Right now Internet is functioning quite well, the mobile network still has some issues.

Most of the sites under attack have been temporarily moved to the other locations outside of the Georgia. Some examples: news site Interpress (http://www.interpress.ge) has been moved to hosting company Servage, Tulip is hosting Ministry of Defence (http://www.mod.gov.ge) and presidents site (http://www.president.gov.ge). News portal Civil (http://www.civil.ge) and Ministry of Foreign Affairs (http://www.mfa.gov.ge) are hosted in Estonia.

Affected sites

Among others were affected by DDoS:
www.president.gov.ge
www.government.gov.ge
www.parliament.ge
www.abkhazia.gov.ge
www.mfa.gov.ge
www.mod.gov.ge
www.mes.gov.ge
www.naec.gov.ge
www.interpressnews.ge
www.forum.ge
www.civil.ge
www.presa.ge
www.apsny.ge
www.rustavi2.com

Among others were defaced:
www.day.az
www.today.az
www.ans.az

Topic: CERT

Added 14.08.2008

Back to page "News"