Earlier this month, the country of Estonia experienced a large-scale and devasting cyber attack. This is important because it demonstrates how effective a large-scale attack can be in shutting down an entire country. It also may be an example of one country attacking another through cyber channels, or it may represent an organized effort within one country doing the attack. What would happen to North American networks should they be attacked in such a way?
Estonian Attacks Raise Concern Over Cyber ‘Nuclear Winter’ — Estonia — InformationWeek
The cyberattacks against Estonia, mainly in the form of Distributed Denial of Service (DDoS) attacks, primarily targeted the Estonian government, banking, media, and police sites. “Private sector banking and online media were also heavily targeted and the attacks affected the functioning of the rest of the network infrastructure in Estonia,” the European Network and Information Security Agency, or ENISA, reported Thursday on its Web site. As a result, the targeted sites were inaccessible outside of Estonia for extended periods in order to subdue the attacks and to maintain services within the country.
…
A major hurdle that nations face in defending their critical infrastructures is working with the entities that actually own their countries’ telecommunications networks, electrical grids, and transportation systems. This is a major issue in the United States, given that the private sector owns more than 85% of the critical infrastructure and doesn’t take kindly to government demands that shareholder money be invested in protection rather than expansion.
The US government is now helping out with the investigation into what happened. Their motivation is to learn about how they might defend against similar attacks:
http://www.networkworld.com/news/2007/070307-after-attacks-us-government-sending.html
Here is another follow-up article. Investigators and finding out more about the attacks and it appears that they were probably akin to mob unrest, rather than a coordinated action by a state or group.
Three months after May’s “information warfare” attacks on Estonia, computer security experts continue to scrutinize the event for clues to the future of digital conflicts.
Israeli security expert Gadi Evron, who helped the Estonians with their response, argued here at Chaos Communication Camp, following similar speeches at other recent gatherings, that the attacks were far more akin to a “cyber-riot” than to actual warfare.
http://blog.wired.com/27bstroke6/2007/08/stonias-lesson-.html