

Government and independent investigators are still trying to figure out who, exactly, hit Georgia’s websites during its August war with Russia. Now, one of the hackers who claims to be behind some of the cyberattacks is telling all.

When the online assaults against Georgia began, everyone from the Russian government to a defunct, Moscow-based criminal consortium was blamed. A recent, preliminary report from the "Grey Goose" collection of online sleuths alleged that nationalistic Russian hackers, working largely on their own, bore a great deal of responsibility for the cyberstrikes.

The account from Leonid "R0id" Stroikov, in the latest edition of Xakep ("Hacker") magazine, appears to confirm the Grey Goose hypothesis. In the article, Stroikov talks about how he hit the website of the Georgian parliament — and why he decided to do it.

Countries today, Stroikov writes, "actively use the Internet for transmitting their point of view." So when Stroikov’s "peaceful drink of beer" was "unexpectedly interrupted with the news of the developing situation in the Georgian-Ossetian conflict," he decided to strike a blow for Russia in the information war.

Stroikov wasn’t able to break into his first few targets: the news site presa.ge and the search engine internet.ge. But he says he found better luck at parliament.ge, the website of the Georgian assembly.

First, he used an SQL injection (junk code that confuses a website’s back-end database) to get into parliament.ge’s list of users. Then, Stroikov employed a brute force attack to get an administrative password for the site.

"What happened next, I think, doesn’t make much sense to go into. Let’s just call It my little secret," he writes.

According to reports in the Sydney Morning Herald and elsewhere, hackers posted to parliament.ge a slideshow comparing Georgia’s president to Adolf Hitler. The site claimed it was "hacked by the South Ossetia Hack Crew."

Rafal Rohozinski, a principal at the SecDev Group, cautions that

Stroikov’s story can’t be taken as completely authoritative. "This assumes, of course, is that the account as truthful, and not just after-the-fact boasting. The problem with magazines like ‘Hacker’ is that often they are a method of self promotion and self-aggrandizement, rather than a truthful rendition of facts," he tells Danger Room. But Stroikov’s article the most explicit, most detailed public claim of responsibility for the Georgia electronic attacks I’ve seen so far.