The so-called "Estonian cyberwar" was a large-scale DDOS attack against the Baltic nation of Estonia, allegedly by Russia, that caused some drama from late April to mid-May of 2007. Though said at the time to have been the most sophisticated cyberattack evar, this claim may have been the overexcited puffery of tech writers, who for a few crazy weeks actually fancied themselves to be 'war correspondents' like their colleagues in Iraq. Silly nerds...!
Though small, Estonia is said to be one of the most wired nations in the world, tech-integrated to the point that it's government is described as 'paperless'. Citizens use the intertubes for all kinds of shit other than porn (!), including shopping, banking, paying their taxes and even voting. In retrospect, some cynics might conclude that by becoming so dependent on the net for their daily lives, they were only begging for trouble...
Background: it was over a fucking statue
Until they gained independence in 1991, when the Soviet Union finally collapsed under the relentless prodding of the United States, Estonia was totally owned by Russia. As such, a not-insignificant portion of Estonians are of Russian descent, and like Mexicans in the U.S., some reject the language and culture of their host country. Their lingering feelings of butthurt were inflamed over the proposed relocation of a Soviet-era WWII memorial in the capital city of Tallinn called the Bronze Soldier and some dead soldiers buried there.
Considered by native Estonians to be a symbol of Russian occupation and repression, the Bronze Soldier was never especially popular; the earliest incarnation of the memorial was blown up in the 1940s by two lulzy Estonian loli (one was sent to the gulag for this win). Ongoing offense was stoked in the present day by yearly services at the memorial in which Russian-speaking Estonians would drink, sing and parade ye olde hammer-and-sickle flag and other hated symbols of the former Occupation; of late, these services had attracted Estonian counter-trolling, and Parliament debated relocating the monument to a less central location to keep the peace.
Fire, meet Gasoline!
Against the already-tense backdrop of vigils by young Russians (now clad in old Soviet army uniforms), newly-elected Prime Minister Andrus Ansip began to exercise his mandate of moving the memorial. While discussing ongoing research into the origins of the Red Army soldiers buried there, Ansip mentioned in passing some of the urban legends concerning them- namely, that they were executed for looting or were drunk and got their asses run over by a tank. The Russian press (aka 'the publishing arm of the Kremlin/Russian mob', amirite?) sensationalized the living shit out of his remarks with headlines like 'ESTONIAN PRIME MINISTER: DRUNKEN LOOTERS ARE BURIED UNDER THE BRONZE SOLDIER MONUMENT' which could hardly have escaped the notice of Russophone Estonians.
In short, the table was laid. Soup was served mere days later, when the memorial was closed to the public. Mobs fueled with stolen alcohol began Juggalo-like rioting, looting and vandalism rampages all over Tallinn, with well over 1000 arrests in a few nights. The cyberattacks began simultaneously. Coincidence? I think not, comrade...
Hacked to pieces
The 404nication of the Estonian tubes began with assaults on government websites, pretty much all of them except the ministries of Culture and Agriculture would be hit in the next few weeks. Initially, junk mail, access attacks, and waves of SYN and ping-flooding were directed at their targets in Parliament, Finance, police, etc. These would spread to schools and certain Estonian media outlets who had urged citizens to send picture of looters to the police.
Up until this point, this was all just an annoying cyber-riot, a seemingly uncoordinated reflection of what was going on in the streets of Tallinn. But as the government began regaining control of the situation by rejecting traffic from .ru domains, the insurgents stepped up their game and launched a rented botnet lollercaust.
These were attacks that really brought the butthurt, over a hundred of them. An estimated one million zombie computers from countries as far-flung as the US, Vietnam, China, Egypt, and Peru increased traffic thru Estonian routers to thousands of times normal capacity. Parliament's e-mail server would go down for four days total, the longest stretch being 12 hours.
May 9th, the day Russia celebrates victory over Hitler's Third Reich brought the worst attacks from patriotic Russian hackers. The 10 largest assaults blasted streams of 90 megabits of data a second at Estonia’s networks, lasting up to 10 hours each. This data load roughly equals you downloading the Meatspin.gif about 600 times a second or something (which would make you an enormous faggot, so please don't).
The private sector also got their meat spun; SEB Eesti Uhisbank and Hansabank (Estonia's largest) had to stop doing online business, with losses of at least $1 million for the latter. At one point, Internet providers were forced to disconnect all customers for 20 seconds to restart their systems. Attempts were also made on mobile phone networks, but apparently failed, though one public telephone exchange was briefly butt-plundered.
In addition to hot zombie-on-server DDOS action, website defacements also figured in the attack. Despite the 'dour Russian' stereotype, some were fairly lulzy, for Russians anyway; the ruling Reform Party's website was remade with a 'letter of apology' for moving the Bronze Soldier and the Prime Minister's pic given a funny little mustache. Others displayed Habbo-esque touches by quoting Martin Luther King on the necessity of resisting 'evil'. And Russian soldier pics were the order of the day, popping up all over the place.
Some Estonian counterattacks attempted to put the hurt on Vladimir Putin's website and Russian media outlets responsible for Bronze Soldier propaganda, but without the resources of their attackers, these pretty much belong in the fail column. Estonians fared better in toasty flame wars that sprung up on various forums, largely because Russian posters had naught but Godwin's Law rants or TL;DR arguments to defend their opportunistic real-life counterparts in the streets, who clearly prized chilled vodka and hot threads over lukewarm concepts like 'human rights'.
Though the Estonian Foreign Minister would accuse the Kremlin of the DOS, various government officials would back away from the statement, and months later admit they no proof whatsoever of government involvement, direct or otherwise. Russia acted very offended over this and began unscheduled 'railroad maintainence' that slowed supplies of oil and other goods from entering Estonia. Whipped up by the Russian media, Boston-styled "No Irish need apply"-type signs began appearing in Russian shops and restaurant windows and an unruly mob (is there any other kind?) blockaded the Estonian embassy. Estonian appeals to the UN and EU to declare the attacks 'terrorism' or an 'act of war' would fall on deaf ears; both bodies were in recess and thus, too busy to respond immediately.
An unlucky Russian n00b named Dimitri was arrested in Tallinn, but then released; he would eventually be fined about $1500 for the Reform Party website defacement. Other than that, no one has ever been held responsible for the attacks. It's not as though you rent a botnet with your fucking Discover card, after all...
Olde media: WWIII ! !1!
As much of a mess as it made, it's debatable whether the conflict deserved the superlatives heaped on it by news writers; contrary to claims at the time, it wasn't very sophisticated, especially compared to China's decidedly larger Titan Rain incursion on the US. At any rate, perhaps excited by the perceived power disparity between the big, bad Russian bear and it's helpless Estonian prey, they decided for the sake of a good story to pursue the 'WAR' angle, invariably describing the attack as 'by Russia' rather than 'from' it.
Some of them popped serious e-stiffys and wrote some pretty silly end-times cybershit about '"LARGE-SCALE CYBERWARFARE"', "CYBER-TERRORISM", and oh-my-gawd "CYBER 'NUCLEAR WINTER" because this was a "NEW BATTLE TACTIC" - all of which should convince anybody that Olde Media is Olde.
In the end, the government's decision to move the Bronze Soldier ASAP probably did more to restore normalcy than any electronic countermeasures. With the contentious totem relocated and the botnet rental expired, the drama fizzled out ; there have been no 'anniversary'-type internet raids and April 2008 street protests in Tallinn barely drew 100 people. Estonia's electronic borders are now protected by Norton Firewall and all citizens have since bought a dog and some curtains. And under the circumstances, who wouldn't? Would you want to live in a country known for being owned by Russia THREE times in a row?
- Technical details of the attack (in English):