In an unprecedented event, nearly 2,000 websites in Georgia were hit by a massive cyberattack. According to digital forensics specialists, the most affected organizations include government institutions, digital media platforms, broadcasting companies and even some financial institutions.
It all started this Monday morning with reports of service failures on some Georgian government websites. Over the following hours, the number of reports grew to nearly 2,000 websites taken down. In most cases, the hacked websites displayed an image of Mikheil Saakashvili, former president of Georgia, along with the phrase “I’ll be back”.
Affected websites include those of:
- Three TV channels: Imedi, TV Maestro and Pirveli
- The National Bank of Georgia
- The Office of the Presidency
- Two online news platforms: Tabula and Georgia Today
In this regard, Roman Gotsiridze of the United National Movement Party (UNM) says that the Georgian government itself is behind these attacks, having hired a bot service. “The government’s intention is to hold UNM or Ukraine accountable for these attacks,” says the parliament member.
Meanwhile, Irakli Chikhladze, director of the TV channel Imedi, said in a Facebook post: “Today, around 15:00, we detected that our networks were inactive and could not receive any signal. Our digital forensics teams mention that this is the result of a cyberattack.” Soon after, the official TV Maestro page confirmed that its networks had also been compromised.
A couple of hours later, the National Bank of Georgia and some digital media platforms also reported problems on their websites. The administrators of the Tabula online news portal said that it was a cyberattack, although they claimed to be unaware of additional details.
The digital forensics specialist and former head of the cybersecurity office of the Georgian Ministry of Defense, Andro Gotseridze, says it is very difficult to find out who is responsible for these attacks. “Even though these attacks are actually unsophisticated, their range can be massive; although they do not cause loss of information, their main intention is to send a message,” he adds. The existence of sites offering denial of service (DoS) attacks for hire, both on the conventional Internet and on the dark web, has been reported previously. Although authorities around the world have tried to contain this activity, it is relatively easy for some hacker groups to reassemble such structures.
The Georgian Ministry of the Interior has begun investigating the incident, which a spokesperson called an “unauthorized access to multiple public and private IT systems.” Those responsible, if found, would face up to six years in prison.
This is not the first time that massive cyberattacks have been reported in this Eastern European country. According to digital forensics specialists from the International Institute of Cyber Security (IICS), just a month ago the TV channel Pirveli revealed an incident that significantly limited its broadcasting capacities. Georgian authorities were unable to find traces of those responsible for this attack.