Monday, July 07, 2008

The Risks of Outdated Situational Awareness



It's been two months since I analyzed the proprietary email and personal information harvesting tool targeting major career web sites ("Major career web sites hit by spammers attack"), received comments from Seek.com.au and Careerbuilder.com, and communicated all the actionable intelligence (the bogus accounts used and the related IPs) to the career web sites that bothered to show interest in the attack. Today I came across a ghost story - Jobsite hack used to market identity harvesting services :



"A Russian gang called Phreak has created an online tool that extracts personal details from CVs posted onto sites including Monster.com, AOL Jobs, Ajcjobs.com, Careerbuilder.com, Careermag.com, Computerjobs.com, Hotjobs.com, Jobcontrolcenter.com, Jobvertise.com and Militaryhire.com. As a result the personal information (names, email addresses, home addresses and current employers) on hundreds of thousands of jobseekers has been placed at risk, according to net security firm PrevX."



All your CV are NOT belong to us, All your CV are ALREADY belong to us.

The ICANN Responds to the DNS Hijacking, Its Blog Under Attack



Last week, ICANN issued an official statement regarding last month's DNS hijackings of some of its domains :



"The DNS redirect was a result of an attack on ICANN's registrar's systems. A full, confidential, security report from that registrar has since been provided to ICANN with respect to this attack.



It would appear the attack was sophisticated, combining both social and technological techniques, but was also limited and focused. The redirect was noticed and corrected within 20 minutes; however it may have taken anywhere up to 48 hours for the redirect to be entirely removed from the Internet. ICANN is confident that the lessons learned and new security measures since introduced will ensure there is not a repeat of this situation in future."



They also mentioned that their Wordpress blog was the target of a recent attack that automatically exploits vulnerable Wordpress blogs :



"In a separate and unrelated incident a few days later, attackers used a very recent exploit in popular blogging software Wordpress to target the ICANN blog. The attack was noticed immediately and the blog taken offline while an analysis was run. That analysis pointed to an automated attack. The blogging software has since been patched and no wider impact (except the disappearance of the blog while the analysis was carried out) was noted."



Go through the complete coverage of the incident, its technical details, and the actionable intelligence obtained on the NetDevilz hacking group, in case you haven't done so already.

Lithuania Attacked by Russian Hacktivists, 300 Sites Defaced



Last week's mass defacement of over 300 Lithuanian sites hosted on the same ISP, an attack that was largely anticipated due to the purposely escalated online tensions over Lithuania's adopted legislation banning communist symbols across the country, once again demonstrates information warfare capabilities in action.



Moreover, the attack again relies on the common prerequisites for a successful information warfare campaign that were used in the Russia vs Estonia cyberattack last year. These very same Internet PSYOPS tactics ensure the success of the information warfare campaign as a whole :



- publicly justifying the upcoming attacks on the basis of nationalist sentiment, which in a bandwidth-empowered (botnets) collectivist society ensures a decent degree of cyber mobilization. In Lithuania's case, the discussions across web forums were purposely escalated to the point of "if you don't take action, you're not loyal to your country"



- using the media as the battleground for winning the hearts and minds of the bandwidth-empowered botnet masters, positioning the insult against loyal nationalists alongside the daily news and thereby putting the nationalists in a "stand by" mode that prompts them to take action and get even. In Estonia's case for instance, news broadcasts of the riots on the streets were purposely aired as often as possible, mostly emphasizing the nationalist sentiments within the crowds



- prioritizing the attack targets, distributing the target list and coordinating the exact time and date of the attacks is something that did not happen in the public domain for the mass defacement of Lithuanian sites, the way it did in the Estonia attack



- utilizing a people's information warfare tactic known as the malicious culture of participation, where everyone consciously contributes bandwidth to be used/abused by those coordinating the attacks



Also, it's important to point out that by the time they announced their ambitions to attack Lithuania and other countries such as Latvia, Ukraine, and again Estonian sites, they had literally put these countries in a "stay tuned" mode. Here's a translated statement :



"All the hackers of the country have decided to unite, to counter the impudent actions of Western superpowers. We are fed up with NATO's encroachment on our motherland, we have had enough of Ukrainian politicians who have forgotten their nation and only think about their own interests. And we are fed up with Estonian government institutions that blatantly re-write history and support fascism," says the appeal that is being circulated on Russian Internet forums."



But why would they signal their intentions, rather than keeping quiet and attacking Lithuania by surprise? Another relevant use of PSYOPS, namely biased exclusiveness and keeping a non-existent status bar for the upcoming attacks. Since they can launch a coordinated attack against the country at any time without warning, this warning aimed to cause confusion, prompting country officials to make public statements that could later be analyzed, with a better attack strategy formed on the basis of what they said they had done to ensure the attacks don't succeed.



Had they launched DDoS attacks instead of defacing over 300 sites hosted on a single ISP, having warned about the upcoming attacks about a week earlier, successfully shutting down the country's Internet infrastructure would have achieved a double effect: they did warn about the attacks, and despite that the countries couldn't prepare to fight back, even though fighting back was futile right from the very beginning.



At least, that's the level of confidence they've built into their capabilities.



Related posts:

Right Wing Israeli Hackers Deface Hamas's Site

Monetizing Web Site Defacements

Pro-Serbian Hacktivists Attacking Albanian Web Sites

The Rise of Kosovo Defacement Groups

A Commercial Web Site Defacement Tool

Phishing Tactics Evolving

Web Site Defacement Groups Going Phishing

Hacktivism Tensions

Hacktivism Tensions - Israel vs Palestine Cyberwars

Mass Defacement by Turkish Hacktivists

Overperforming Turkish Hacktivists