Bullet Wisdom

I am an Active Duty Officer in the US Army. I am a Husband, father, writer, hunter, gamer, and SOLDIER. This blog is a forum for my many hobbies as well as my random musings.

Tuesday, August 19, 2008

Hacking Georgia: On Further Review

I am still in the process of taking some lessons learned from the past week's Russian incursion into Georgia. As with any operation, there was a lot of questionable information floating around the internet. One of the interesting pieces coming from the region was the reports of Denial of Service attacks against websites belonging to government agencies. On the surface, it looked like Russia had deftly managed to combine offensive maneuver operations with the burgeoning concept of Network Attack.

As they say in the NFL, "On further review." First, it appears that the attacks did not originate from government operators, but from a group of civilian hackers. According to Shadowserver, a volunteer group that monitors internet hacking activity, the attack was linked to a group of servers that previously corresponded with hackers known for hacking pornography and gambling websites.

It is important to note that, as with any attack, the ability to pin the rose on any particular group, government or individual is extremely difficult. The attack may originate in Russia, but that does not mean it came from their government. On the other hand, you cannot remove government-sponsored operators from consideration regardless of their own spokespeople.

Do not think that the Georgian hackers are sitting idle while their country takes a pounding. Apparently, they responded by taking down sites that provided news about the Russian-backed Georgian breakaway province of South Ossetia and, in one case, replacing the Web site's content with a news feed from a pro-Georgian service.

Now that the cyber dust is settling, what did we learn? Here is a great PCWorld article by Andreas Antonopoulos. His point: "There were no reports of attacks against critical infrastructure, electronic jamming of stock exchanges, SCADA-hack explosions in substations or anything like that. This was not a battalion of elite army-trained hackers from the Russian Southern Command of Cyber Warfare. In all likelihood it was groups of run-of-the-mill script kiddies with control of a botnet, stroking their egos with the higher cause of injured nationalism."

Personally, I believe the lessons learned lie somewhere in the middle. While the cyber attacks in Georgia proved anything but decisive, they received considerable attention from an international press fascinated by cyber-warfare. Hackers were able to draw the attention of Georgian officials already decisively engaged by attacking Russian forces. Like it or not, they were a factor, albeit not a decisive one.