Well it seemed like the whole damn country.
Over 15,000 website have been hacked, including, not surprisingly, newspapers, government offices and TV stations.
After the sites were defaced by the hackers, they were taken offline.
Newspapers said it was the biggest attack in the country’s history, even bigger than the 2008 attack by Russia.
This attack even affected some of the country’s courts and banks.
Needless to say, and based on the history with Russia, there was some panic around.
However a web hosting company, Pro-service, admitted that their network was attacked.
By late in the day more than half of the sites were back online and they were working on the rest.
The hackers defaced the sites with a picture of former president Mikheil Saakashvili, with the text “I’ll be back” overlaid on top.
Saakashvili is in exile in Ukraine now but was generally thought to be anti-corruption, so it is unlikely that Russia did it this time, but it seems to be politically motivated.
At least two TV stations went off the air right after the attack.
Given that Georgia (formerly known as the Republic of Georgia) is not vital to you and me on an everyday basis, why should we care.
The answer is that just because hackers attacked them today — if it could be done there, it could be done here too. Oh. Wait. They already did that (see here). In that case, it was the Chinese and the damage was much greater.
The interesting part for both the Chinese attack on us and the <whoever did it> attack on Georgia is that one attack on a piece of shared infrastructure can do an amazing amount of damage.
Think about what happens when Amazon, Microsoft or Google go down – even without a cyberattack.
The folks in DC are already planning how to respond to an attack on shared infrastructure like banking, power, water, transportation and other critical infrastructure. You and I don’t have much ability to impact that part of the conversation, but we do have impact on our own infrastructure.
Apparently this attack was pretty simple and didn’t do much damage, but that doesn’t mean that some other attack will also be low tech or do little damage. What if an attack disabled one or a few Microsoft or Amazon data centers. Microsoft is already rationing VMs in US East 2 due to lack of capacity. What would happen if they lost an entire data center?
This falls under the category of disaster recovery and business continuity. Hackers are only one case, but the issue of shared infrastructure makes the impact much greater. If all of your servers were in your office like they used to be, then attacks would be more localized. But there are many advantages to cloud infrastructure, so I am not suggesting going back to the days of servers in a closet.
Maybe Microsoft or Amazon are resilient enough to withstand an attack (although it seems like self inflicted wounds already do quite a bit of damage without the help of outside attackers), but what about smaller cloud providers?
What if one or more of your key cloud providers had an outage? Are you ready to handle that? As we saw with the planned power outages in California this past week, stores who lost power had to lock their doors because their cash registers didn’t work. Since nothing has a price on it any more, they couldn’t even take cash – assuming you could find a gas station to fill your car or an ATM to get you that cash.
Bottom line is that shared infrastructure is everywhere and we need to plan for what we are going to do — not if, but when –, that shared infrastructure takes a vacation.
Plan now. The alternative may be to shut the doors until the outage gets fixed and if that takes a while, those doors may be locked forever.