million packets per second.42 The attacks lasted from anywhere between one to 10 hours, and originated in as diverse of countries as Egypt, Peru, and Russia.
The cyber attack on Estonia is not the first time that DDOS attacks have been used against a country. The “Apolo Ohno” controversy at the 2002 Salt Lake City Olympics resulted in several U.S.-based servers being hit from machines that appeared to be based in South Korea.43 Another episode involved the so-called “Titan Rain” series of cyber attacks on U.S. computer systems ongoing since 2003. These attacks were believed by the SANS Institute, a computer security training company, to be Chinese in origin and were the result of military hackers trying to garner information on U.S. defense systems.44 While the so-called “Solar Sunrise” attack involved a 1998 breach of the DOD computer systems, hidden through United Arab Emirates accounts. Yet it was not the UAE behind the attacks, but an Israeli teenager and two high school students from Cloverdale, California.45 During the Kosovo Crisis, three days after NATO bombings on March 30, 1999, hackers initiated a coordinated program to disrupt NATO’s email
42 A packet is the unit of data that is routed between an origin and a destination on the Internet. When any file is sent on the Internet, the Transmission Control Protocol (TCP) layer of TCP/IP divides the file into “packets” of an efficient size for routing. Each of these packets is separately numbered and includes the Internet address of the destination. The individual packets for a given file may travel different routes through the Internet. When they have all arrived, they are reassembled into the original file. Definition from Whatis.com, available at: . Last visited: 4/18/2008.
43 In 2002 at the Salt Lake City Games, Ohno won the gold medal in the 1,500-meter speed-skating race after South Korean Kim Dong-Sung was disqualified; soon after, several United States-based servers were hit with a DDOS. Robert Vamosi, Cyberattack in Estonia – what it really means, CNETnews.com, May 29, 2007.
45 Solar Sunrise was a series of DOD computer networks attacks which occurred from 1-26 February 1998. The attack pattern was indicative of a preparation for a follow-on attack on the DII. DOD unclassified networked computers were attacked using a well-known operating system vulnerability. The attackers followed the same attack profile: (a) probing to determine if the vulnerability exists, (b) exploiting the vulnerability, (c) implanting a program (sniffer) to gather data, and (d) returning later to retrieve the collected data. At least eleven attacks followed the same profile on Air Force, Navy, and Marine Corps computers worldwide. Attacks were widespread and appeared to come from sites such as: Israel, the United Arab Emirates (UAE), France, Taiwan, and Germany. Porter Goss, An Introduction to the Impact of Information Technology on National Security, 9 Duke J. of Comp. & Int'l L. 391 (1999).