August 24, 2007
In this talk we will discuss what is now referred to as "The first Internet War" where Estonia was under massive online attacks for a period of three weeks, following tensions with the local Russian population. Following a riot in the streets of Tallinn, an online assault began, resulting in a large-scale coordination of the Estonian defenses on both the local and international levels. We will demonstrate what in hind-sight worked for both the attackers and the defenders, as well as what failed. Following the chronological events and technical information, we will explore what impact these attacks had on Estonia's civil infrastructure and daily life, and how they impacted its economy during the attacks. Once we cover that ground, we will evaluate what we have so far discussed and elaborate on lessons learned from Gadi's experience in Estonia and from the post-mortem he wrote for the Estonian CERT (Computer Emergency Response Team). We will conclude our session with case studies on the strategic level that can be deduced from the incident and studied in preparation for future engagements in cyber-space.
Gadi Evron is Security Evangelist for Beyond Security, chief editor of the SecuriTeam portal and recognized globally for his work and leadership in Internet security operations. He is the founder of the Zeroday Emergency Response Team (ZERT), organizes and chairs worldwide conferences, working groups and task forces. He is considered an expert on corporate security and counterespionage, botnets, e-fraud and phishing. Previously, Gadi was CISO at the Israeli government ISP (eGovernment project) and founded the Israeli Government CERT. Gadi authored two books on information security and is a frequent lecturer.