DEL.ICIO.USTulip Systems tries to keep other Georgia’s Web sites safe
The Atlanta Journal-Constitution
Tom Burling, chief financial officer of Internet hosting company Tulip Systems, figured something was up when his pager started going haywire last weekend.
His boss, Nino Doijashvili, was traveling in her home country of Georgia when Russian troops began invading Georgia’s breakaway region of South Ossetia and captured its capital city. But it was the cyberattack on two of Georgia’s Web sites — president.gov.ge and rustavi2.com — that had caught Doijashvili’s eye. She contacted the Georgian government and then Burling and had the sites moved to Tulip, which operates out of a tiny, nondescript office in downtown Atlanta.
Justyna Mielnikiewicz/New York Times
When Republic of Georgia soldiers (above) clashed with invading Russian forces last week, a state of Georgia Internet host transferred sites to its control and keep the Web pages running.
Now, Tulip’s employees in Atlanta and in Georgia are working, sometimes on little sleep, to keep the government sites running and to protect them from further cyber warfare. The attacks are known as denial of service — hundreds or thousands of computers blitzing the Georgian government’s Web sites with requests for information, rendering them unusable. Because the attacks come from so many computers, it is nearly impossible to find the source.
Q: What happened in cyberspace, exactly?
A: The Internet is the Internet. It is available to anybody who wants to get on it. This started about a day and a half after hostilities broke out: the Georgian government Web site came under cyberattack. There are Russian-based IP (Internet protocol) addresses that are coming in.
Q: How did Tulip find out about this?
A: The CEO, with her husband and two children, happened to be on a vacation/business trip. When the attack occurred, she contacted the president’s office to host over here where it would be safer and easier to defend.
We have an office over there. It was a situation where she has friends over there. When George Bush visited Georgia, we were one of the sponsors. There is some personal contact.
Q: What was Tulip able to do?
A: We brought the site into our data center and our servers. We are broadcasting three TV stations out of here, and we also brought over another Web site, rustavi2, the largest TV network.
We transferred the sites here Saturday [Aug. 9]. They were being attacked over there Tuesday and Wednesday. … We moved things midafternoon.
Q: Did it really play out that way?
A: We all have pagers and alarms that go off when somebody takes our systems down.
We have thwarted some 300 million attacks over the last day. We’re still getting 68,000 attacks at any given time. The source is thousands of Web sites. Every time we block 500 of them, another 500 go up.
Q: It looks like they were going after any site in that country.
A: They are going after any Web site that is a .ge, which means it’s a Georgian-based Web site. But they are finding other sites — rustavi is rustavi.com, so they are now attacking that [.coms] on our servers, too.
Q: How do you know that this is happening?
A: It’s like any other network; ours is fully monitored. We host 1.5 million sites and can call one up, and it will show you the traffic on it. The monitors basically alarm when the traffic gets really out of hand. We’re getting nailed, and it has not stopped.
Q: Are these attacks unprecedented?
A: [Last year], they shut down the country of Estonia. They have been attacking the Georgian Web site since July of this year. It’s interesting that the cyberattacks started before the shooting.
Q: Does Tulip have a sense that it, for the lack of a better phrase, saved the day?
A: I don’t think we have a sense that we saved the day. When we first took [over], it became a matter of technology. Now it’s a matter of principle.
Q: Principle?
A: The Internet, it’s kind of like the Olympics, which are supposed to be above politics. The Internet is supposed to be above politics. When people use it for political reason, a nationalistic venture to silence other people, it disrupts the entire Internet and is a violation of the principles behind it. Members of the cyber community get extremely upset when things like this happen.
Q: Will this help business, or would you rather just fly under the radar?
A: It’s kind of in-between. Everybody in the world likes the, “I don’t care what you call me, as long as you spell my name right,” saying. But at the same time we have people over there, and we are worried about their safety and their health.
This has kind of blown up on itself. The wider that it’s publicized, the more that we become a target, especially because we have been defeating these attacks. Internet hackers look at their inability to penetrate a system as a challenge.
Q: OK, so what are the differences in operating a business in the United States vs. in Georgia?
A: The size of the infrastructure that’s involved and also the technology that’s involved. We have offices over here and over there. They do development for us and monitor our sites at night.
Georgia is a smaller country and has interconnections through Russia and Turkey. We probably have more capacity in this building than they have in an entire country.
Q: What do these cyberattacks tell you? This isn’t some kid hanging out in a basement messing around on the computer.
A: A while back, they had a virus coming out, and they caught some kid. This kind of a bot attack, this is extremely well-organized. In order to set it up, you have had to hijack computers. This is intentional. This is a huge effort.
Part of the problem is, it costs nothing for somebody to do.
In the new warfare, it’s a cheap way of firing the shot.
Services »