Ukraine and Russia seems to be at the moments on both traditional and cyber war. We could call that hybrid warfare. We are at a cyber war. Countless examples exist of damage to infrastructure from hostile acts via computer attacks. Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar. On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. Russia started to conduct attacks to Ukraine on February 24. Before physical attacks Russia did several cyber attacks towards IT systems in Ukraine.
Here are links to some material on the cyber side of this war:
How the Eastern Europe Conflict Has Polarized Cyberspace
https://blog.checkpoint.com/2022/02/27/how-the-eastern-europe-conflict-polarized-cyberspace/
The war between Russia and Ukraine is advancing. People everywhere are deciding who they will support. The same dynamic happens in the cyberspace. Hacktivists, cybercriminals, white hat researchers or even technology companies are picking a clear side, emboldened to act on behalf of their choices. Historically, Russia has had superiority over Ukraine in the cyberspace. And last week, Ukraine was attacked by destructive wiping malware. However, the situation is starting to change, as most of the non-nation cyber state actors are taking the side of Ukraine. To defend itself, the Ukrainian government has created an international IT army of hacktivists.
As war escalates in Europe, it’s ‘shields up’ for the cybersecurity industry
https://techcrunch.com/2022/03/02/as-war-escalates-in-europe-its-shields-up-for-the-cybersecurity-industry/
In unprecedented times, even government bureaucracy moves quickly. As a result of the heightened likelihood of cyberthreat from Russian malactor groups, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — part of the Department of Homeland Security — issued an unprecedented warning recommending that “all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
Digital technology and the war in Ukraine
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks/
All of us who work at Microsoft are following closely the tragic, unlawful and unjustified invasion of Ukraine. This has become both a kinetic and digital war, with horrifying images from across Ukraine as well as less visible cyberattacks on computer networks and internet-based disinformation campaigns. We are fielding a growing number of inquiries about these aspects and our work, and therefore we are putting in one place a short summary about them in this blog. This includes four areas: protecting Ukraine from cyberattacks; protection from state-sponsored disinformation campaigns; support for humanitarian assistance; and the protection of our employees.. Also:
https://threatpost.com/microsoft-ukraine-foxblade-trojan-hours-before-russian-invasion/178702/
Ukraine: Cyberwar creates chaos, ‘it won’t win the war’
https://www.dw.com/en/ukraine-cyberwar-creates-chaos-it-wont-win-the-war/a-60999197
There have been at least 150 cyberattacks in Ukraine since Russia’s invasion. Their effect is mainly psychological, and experts say they won’t decide the war.
Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar.
The global technology company Microsoft has said its Threat Intelligence Center (MSTIC) detected “destructive cyberattacks directed against Ukraine’s digital infrastructure” hours before the first launch of missiles or movement of tanks on February 24.
Those attacks, which Microsoft dubbed FoxBlade, included so-called wipers — malicious software or malware — that make their way inside computer networks and literally wipe the data from all connected devices.
Cybersecurity experts in Germany have said there have been over a hundred cyberattacks, in various forms, since then. But their effect has mainly been psychological.
Why Russia Hasn’t Launched Major Cyber Attacks Since the Invasion of Ukraine
https://time.com/6153902/russia-major-cyber-attacks-invasion-ukraine/
In the relatively short and rapidly evolving history of cyber conflict, perhaps nothing has been established with greater certainty and more widely accepted than the idea that Russia has significant cyber capabilities and isn’t afraid to use them—especially on Ukraine. In 2015, Russian government hackers breached the Ukrainian power grid, leading to widespread outages. In 2017, Russia deployed the notorious NotPetya malware via Ukrainian accounting software and the virus quickly spread across the globe costing businesses billions of dollars in damage and disruption.
As tensions escalated between Russia and Ukraine, many people were expecting the conflict to have significant cyber components.
But as the invasion continues with few signs of any sophisticated cyber conflict, it seems less and less likely that Russia has significant cyber capabilities in reserve, ready to deploy if needed. Instead, it begins to look like Russia’s much vaunted cyber capabilities have been neglected in recent years, in favor of developing less expensive, less effective cyber weapons that cause less widespread damage and are considerably easier to contain and defend against. For instance, many of the cyberattacks directed at Ukraine in the past month have been relatively basic distributed denial-of-service attacks.
Given Russia’s past willingness to deploy cyberattacks with far-reaching, devastating consequences, it would be a mistake to count out their cyber capabilities just because they have so far proven unimpressive. And it’s all but impossible to prove the absence of cyber weapons in a nation’s arsenal. But the longer the conflict goes on without any signs of sophisticated cyber sabotage, the more plausible it becomes that the once formidable Russian hackers are no longer playing a central role in the country’s military operations.
Crowd-sourced attacks present new risk of crisis escalation
https://blog.talosintelligence.com/2022/03/ukraine-update.html
An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques.
Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as well. Misattribution of these actors carries the risk of nations escalating an already dangerous conflict in Ukraine. Based on data from our fellow researchers at Cisco Kenna, customers should be most concerned about threat actors exploiting several recently disclosed vulnerabilities, highlighting the importance of consistently updating software and related systems.
Russia, Ukraine and the Danger of a Global Cyberwar
https://www.securityweek.com/russia-ukraine-and-danger-global-cyberwar
On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. At the time of writing, it is not yet a full invasion of Ukraine, but Russia did conduct attacks on February 24, hitting cities with airstrikes and artillery in what was called a “special military operation” by Russian President Vladamir Putin.
Russia has been waging its own cyberwar against Ukraine for many years.
Since the beginning of 2022, however, it seems that Russian cyber activity against Ukraine has increased. This includes evidence that wiper malware has again disrupted some Ukrainian government networks, and attacks from the FSB-linked Gamaredon have targeted around 5,000 entities, including critical infrastructure and government departments. So far, however, there has not been the same scale of disruption as occurred in 2015, 2016 and 2017.
The purpose of such cyber activity is to weaken critical infrastructure, damage government’s ability to respond to any aggression, and to demoralize the population.
The U.S. has been warning the rest of the world against a potential widening scope of Russian cyber activity, and that cyber defenses generally should be tightened.
“Part of the worry,” said Willett, “is that cyberattacks against Ukraine might bleed over, like NotPetya, to affect other countries and cause wider damage unintentionally. There is some concern that the Russians may intentionally do stuff more widely, but that would probably be in retaliation for something that the U.S. or NATO might do.
This raises the whole question of ‘attribution’. The received belief is it is impossible to do accurate cyber attribution. ““It would be a mistake for any one nation to think it could attack another without being known,” said Willett.That is absolutely wrong,” said Willett.
But accidents happen. The two iconic cyberweapons have been Stuxnet and NotPetya. It is assumed that the U.S. developed Stuxnet (although this has never been admitted). NotPetya has been confidently attributed to the Russian government. Both malwares escaped from their assumed targets into the wider world. This was probably accidental – but similar accidents could lead to wider implications during a period of global geopolitical tension.
On the morning of February 24, 2022, Russian troops invaded Ukraine. This was accompanied by a further increase in cyber activity.
Ukraine Digital Army Brews Cyberattacks, Intel and Infowar
https://www.securityweek.com/ukraine-digital-army-brews-cyberattacks-intel-and-infowar
Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence.
Inventions of the volunteer hackers range from software tools that let smartphone and computer owners anywhere participate in distributed denial-of-service attacks on official Russian websites to bots on the Telegram messaging platform that block disinformation, let people report Russian troop locations and offer instructions on assembling Molotov cocktails and basic first aid.
The movement is global, drawing on IT professionals in the Ukrainian diaspora whose handiwork includes web defacements with antiwar messaging and graphic images of death and destruction in the hopes of mobilizing Russians against the invasion.
The cyber volunteers’ effectiveness is difficult to gauge. Russian government websites have been repeatedly knocked offline, if briefly, by the DDoS attacks, but generally weather them with countermeasures.
It’s impossible to say how much of the disruption — including more damaging hacks — is caused by freelancers working independently of but in solidarity with Ukrainian hackers.
A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network, or botnet. The tool’s programmers code in new targets as priorities change.
Ukraine Cyber Official: We Only Attack Military Targets
https://www.securityweek.com/ukraine-cyber-official-we-only-attack-military-targets
A top Ukrainian cybersecurity official said Friday a volunteer army of hundreds of hackers enlisted to fight Russia in cyberspace is attacking only what it deems military targets, prioritizing government services including the financial sector, Kremlin-controlled media and railways.
Victor Zhora, deputy chair of the state special communications service, also said that there had been about 10 hostile hijackings of local government websites in Ukraine to spread false text propaganda saying his government had capitulated. He said most of Ukraine’s telecommunications and internet were fully operational.
Zhora told reporters in a teleconference that presumed Russian hackers continued to try to spread destructive malware in targeted email attacks on Ukrainian officials and — in what he considers a new tactic — trying to infect the devices of individual citizens.
Army of Cyber Hackers Rise Up to Back Ukraine
https://www.securityweek.com/army-cyber-hackers-rise-back-ukraine
An army of volunteer hackers is rising up in cyberspace to defend Ukraine, though internet specialists are calling on geeks and other “hacktivists” to stay out of a potentially very dangerous computer war.
According to Livia Tibirna, an analyst at cyber security firm Sekoia, nearly 260,000 people have joined the “IT Army” of volunteer hackers, which was set up at the initiative of Ukraine’s digital minister Mykhailo Fedorov.
The group, which can be accessed via the encrypted messaging service Telegram, has a list of potential targets in Russia, companies and institutions, for the hackers to target.
It’s difficult to judge the effect the cyber-army is having.
Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks
https://thehackernews.com/2022/03/russia-releases-list-of-ips-domains.html
Russia Blocks Access to Facebook Over War
https://www.securityweek.com/russia-blocks-access-facebook-over-war
Russia’s state communications watchdog has ordered to completely block access to Facebook in Russia amid the tensions over the war in Ukraine.
The agency, Roskomnadzor, said Friday it decided to cut access to Facebook over its alleged “discrimination” of the Russian media and state information resources. It said the restrictions introduced by Facebook owner Meta on the RT and other state-controlled media violate the Russian law.
Cyberattack Knocks Thousands Offline in Europe
https://www.securityweek.com/cyberattack-knocks-thousands-offline-europe
Thousands of internet users across Europe have been thrown offline after what sources said Friday was a likely cyberattack at the beginning of Russia’s offensive in Ukraine.
According to Orange, “nearly 9,000 subscribers” of a satellite internet service provided by its subsidiary Nordnet in France are without internet following a “cyber event” on February 24 at Viasat, a US satellite operator of which it is a client.
Eutelsat, the parent company of the bigblu satellite internet service, also confirmed to AFP on Friday that around one-third of bigblu’s 40,000 subscribers in Europe, in Germany, France, Hungary, Greece, Italy and Poland, were affected by the outage on Viasat.
In the US, Viasat said on Wednesday that a “cyber event” had caused a “partial network outage” for customers “in Ukraine and elsewhere” in Europe who rely on its KA-SAT satellite.
Viasat gave no further details, saying only that “police and state partners” had been notified and were “assisting” with investigations.
General Michel Friedling, head of France’s Space Command said there had been a cyberattack.
Cybercriminals Seek to Profit From Russia-Ukraine Conflict
https://www.securityweek.com/cybercriminals-seek-profit-russia-ukraine-conflict
Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict, according to a new report from Accenture.
Since mid-January, cybercriminals have started to advertise compromised assets relevant to the Russia-Ukraine conflict, and they are expected to increase their offering of databases and network access, with potentially crippling effects for the targeted organizations.
Just over a month ago, soon after the destructive WhisperGate attacks on multiple government, IT, and non-profit organizations in Ukraine, threat actors started to advertise on the dark web access to both breached networks and databases that allegedly contained personally identifiable information (PII).
Amid Russian invasion, Ukraine granted formal role with NATO cyber hub https://therecord.media/amid-russian-invasion-ukraine-granted-formal-role-with-nato-cyber-hub/
Ukraine was granted the formal role of “contributing participant” to the hub, known as the Cooperative Cyber Defence Centre of Excellence (CCDCOE), by its 27-member steering committee, the organization announced. “Ukraine’s presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations, ” Col.
Jaak Tarien, the institution’s director, said in a statement.
This Ukrainian cyber firm is offering hackers bounties for taking down Russian sites https://therecord.media/this-ukrainian-cyber-firm-is-offering-hackers-bounties-for-taking-down-russian-sites/
In the days following Russia’s invasion of Ukraine, dozens of hacking groups have taken sides in the conflict, launching attacks on various organizations and government institutions. Cyber Unit Technologies, a Kyiv-based cybersecurity startup, has been particularly outspoken on Tuesday, the company started a campaign to reward hackers for taking down Russian websites and pledged an initial $100, 000 to the program.
High Above Ukraine, Satellites Get Embroiled in the War
https://www.wired.com/story/ukraine-russia-satellites/
While the Russian invasion rages on the ground, companies that operate data-collecting satellites find themselves in an awkward position.
Some researchers are worried that the reliance on satellite imagery has given too much power to the companies that control this technology. “There’s companies like Maxar and Planet that are privately owned and they have the final say on whether or not they want to share the information, ” says Anuradha Damale. The role of private companies in conflicts such as Ukraine means commercial satellites could become targets. In the days before Russia invaded, US space officials warned satellite companies that the conflict could extend into space.
CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine https://www.cisa.gov/uscert/ncas/current-activity/2022/02/26/cisa-releases-advisory-destructive-malware-targeting-organizations
CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Ukraine. The webpage includes technical resources from partners to assist organizations against these threats.
Alert: https://www.cisa.gov/uscert/ncas/alerts/aa22-057a
US firms should be wary of destructive malware unleashed on Ukraine, FBI and CISA warn – CNNPolitics
https://www.cnn.com/2022/02/26/politics/ukraine-malware-warning-cybersecurity-fbi-cisa/index.html
EU Activates Cyber Rapid Response Team Amid Ukraine Crisis
https://www.bankinfosecurity.com/eu-activates-cyber-rapid-response-team-amid-ukraine-crisis-a-18584
Amid rapid escalation in the Russia-Ukraine conflict derived from historical grievances and qualms with Ukraine’s plan to join the military alliance NATO, the world’s network defenders remain on high alert. And on Tuesday, the European Union confirmed that it will activate its elite cybersecurity team to assist Ukrainians if Russian cyberattacks occur.
UK alludes to retaliatory cyber-attacks on Russia
https://therecord.media/uk-alludes-to-retaliatory-cyber-attacks-on-russia/
The UK government alluded yesterday that it might launch offensive cyber operations against Russia if the Kremlin attacks UK computer systems after an invasion of Ukraine.
Amazon: Charities, aid orgs in Ukraine attacked with malware
https://www.bleepingcomputer.com/news/security/amazon-charities-aid-orgs-in-ukraine-attacked-with-malware/
Charities and non-governmental organizations (NGOs) providing critical support in Ukraine are targeted in malware attacks aiming to disrupt their operations and relief efforts seeking to assist those affected by Russia’s war. Amazon has detected these attacks while working with the employees of NGOs, charities, and aid organizations, including UNICEF, UNHCR, World Food Program, Red Cross, Polska Akcja Humanitarna, and Save the Children.
Ransomware Used as Decoy in Destructive Cyberattacks on Ukraine
https://www.securityweek.com/ransomware-used-decoy-destructive-cyberattacks-ukraine
Destructive ‘HermeticWiper’ Malware Targets Computers in Ukraine
https://www.securityweek.com/destructive-hermeticwiper-malware-targets-computers-ukraine
Just as Russia was preparing to launch an invasion of Ukraine, Ukrainian government websites were disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country.
The new malware, dubbed “HermeticWiper” by the cybersecurity community, is designed to erase infected Windows devices. The name references a digital certificate used to sign a malware sample — the certificate was issued to a Cyprus-based company called Hermetica Digital.
“At this time, we haven’t seen any legitimate files signed with this certificate. It’s possible that the attackers used a shell company or appropriated a defunct company to issue this digital certificate,” explained endpoint security firm SentinelOne, whose researchers have been analyzing the new malware.
The malware has also been analyzed by researchers at ESET and Symantec. Each of the companies has shared indicators of compromise (IoCs) associated with HermeticWiper.
ESET first spotted HermeticWiper on Wednesday afternoon (Ukraine time) and the company said hundreds of computers in Ukraine had been compromised.
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/
On February 23rd, the threat intelligence community began observing a new wiper malware sample circulating in Ukrainian organizations. Our analysis shows a signed driver is being used to deploy a wiper that targets Windows devices, manipulating the MBR resulting in subsequent boot failure. This blog includes the technical details of the wiper, dubbed HermeticWiper, and includes IOCs to allow organizations to stay protected from this attack. This sample is actively being used against Ukrainian organizations, and this blog will be updated as more information becomes available. Also:
https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine/
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia
https://www.bleepingcomputer.com/news/security/new-data-wiping-malware-used-in-destructive-attacks-on-ukraine/
HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine https://blog.malwarebytes.com/threat-intelligence/2022/03/hermeticwiper-a-detailed-analysis-of-the-destructive-malware-that-targeted-ukraine/
The day before the invasion of Ukraine by Russian forces on February 24, a new data wiper was unleashed against a number of Ukrainian entities. This malware was given the name “HermeticWiper” based on a stolen digital certificate from a company called Hermetica Digital Ltd. This wiper is remarkable for its ability to bypass Windows security features and gain write access to many low-level data-structures on the disk. In addition, the attackers wanted to fragment files on disk and overwrite them to make recovery almost impossible.
In Ukraine, Online Gig Workers Keep Coding Through the War
https://www.wired.com/story/gig-work-in-ukraine/
Freelancers or gig workers who piece together work on online platforms are a hidden engine of the Ukrainian economyand the world’s. They work as software engineers, project managers, IT technicians, graphic designers, editors, and copywriters. And they work for everyone.
Invading Russian forces have plunged freelancers’ home offices into chaos and uncertainty. Vlad, a video editor in southern Ukraine, says he’s grown accustomed to the air alarm signal, and hiding until it has passed. Now there are battles 30 miles from his home. “But as long as there is water, electricity, and internet, I can work, ” he says.
“Because we all need to live for something, eat
Leaving Russia? Experts Say Wipe Your Phone Before You Go
https://www.forbes.com/sites/thomasbrewster/2022/03/04/russians-escaping-putins-repression-urged-to-wipe-their-phones/
Russians fleeing President Vladimir Putin’s regime as it cracks down on anti-war sentimentand rumors of martial law grow louderare being advised to wipe their phones, especially of any traces of support for Ukraine. If they don’t, experts say they may face detention. They’re starting by deleting messages on Signal, Telegram or any app that promises security. For those leaving the country, they’re deleting the apps themselves, and urging others to do the same. Russian media has first-hand accounts of lengthy interrogations at the border, along with phone and laptop searches, though Forbes could not corroborate those claims.
Why ICANN Won’t Revoke Russian Internet Domains
The organization says cutting the country off would have “devastating” effects on the global internet system.
https://www.wired.com/story/why-icann-wont-revoke-russian-internet-domains/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
Ukraine on Monday asked ICANN to revoke Russian top-level domains such as .ru, .рф, and .su; to “contribute to the revoking for SSL certificates” of those domains; and to shut down DNS root servers in Russia. Fedorov argued that the requested “measures will help users seek for reliable information in alternative domain zones, preventing propaganda and disinformation.”
Ukraine’s request to cut Russia off from core parts of the internet has been rejected by the nonprofit group that oversees the Internet’s Domain Name System (DNS). CEO Göran Marby of the Internet Corporation for Assigned Names and Numbers (ICANN) said the group must “maintain neutrality and act in support of the global internet.”
“Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the internet—regardless of the provocations,” Marby wrote in his response to Ukraine Vice Prime Minister Mykhailo Fedorov.
https://www.icann.org/en/system/files/correspondence/marby-to-fedorov-02mar22-en.pdf
TikTok Was Designed for War
As Russia’s invasion of Ukraine plays out online, the platform’s design and algorithm prove ideal for the messiness of war—but a nightmare for the truth.
https://www.wired.com/story/ukraine-russia-war-tiktok/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
2,362 Comments
Tomi Engdahl says:
Former Estonian president on defending against Russian cyberattacks https://therecord.media/former-estonian-president-on-defending-against-russian-cyberattacks/
The former president of Estonia is sounding the alarm that, even if after Russia’s war on Ukraine comes to end, the U.S. and the rest of the world cannot ignore the threat posed by Moscow. “We cannot let our attention wane just when the fighting ends. Neither in cyber, nor in conventional, ” Kersti Kaljulaid told The Record on Thursday after her fireside chat at the Vanderbilt University Summit on Modern Conflict and Emerging Threats. Kaljulaid, whose country was the victim of landmark digital assault by Russia in 2007 that rocked the former Soviet satellite state for weeks, came to the conference with two recent examples of the danger:. Estonia’s government services experienced increased cyberattacks during the recent “Locked Shields”
digital exercise organized by the NATO Cooperative Cyber Defence Centre of Excellence. A wall of the Tallinn-based hub was also defaced with graffiti.
Tomi Engdahl says:
UK sanctions Russian microprocessor makers, banning them from ARM https://www.bleepingcomputer.com/news/technology/uk-sanctions-russian-microprocessor-makers-banning-them-from-arm/
The UK government added 63 Russian entities to its sanction list on Wednesday. Among them are Baikal Electronics and MCST (Moscow Center of SPARC Technologies), the two most important chip makers in Russia.
The two sanctioned entities will now be denied access to the ARM architecture since Arm Ltd., the licensee, is based in Cambridge, England, and will have to comply with the sanctions.
Tomi Engdahl says:
Russia hammered by pro-Ukrainian hackers following invasion https://arstechnica.com/information-technology/2022/05/russia-hammered-by-pro-ukrainian-hackers-following-invasion/
For years, Dmitriy Sergeyevich Badin sat atop the FBI’s most-wanted list. The Russian government-backed hacker has been suspected of cyberattacks on Germany’s Bundestag and the 2016 Olympics, held in Rio de Janeiro. A few weeks into Russia’s invasion of Ukraine, his own personal informationincluding his email and Facebook accounts and passwords, mobile phone number, and even passport detailswas leaked online.
Tomi Engdahl says:
US Cyber Command Team Helps Lithuania Protect Its Networks
https://www.securityweek.com/us-cyber-command-team-helps-lithuania-protect-its-networks
The Pentagon’s cyber arm says a team spent months working with officials in Lithuania to help protect government networks there from cyberattacks.
The U.S. Cyber Command mission, known as a hunt forward operation, involved a specialized team that worked to identify vulnerabilities and counter malicious cyber activity affecting the networks of Lithuania’s foreign affairs ministry and defense systems. It ended this month.
Tomi Engdahl says:
Ghostwriter in the Shell: Expanding on Mandiant’s Attribution of UNC1151 to Belarus
https://www.recordedfuture.com/ghostwriter-in-the-shell/?__hstc=156209188.c8ff4f77b79eecac2dec4077778e3ab4.1649913118632.1649913118632.1652076867062.2&__hssc=156209188.1.1652076867062&__hsfp=2577339389
This research expands on Mandiant’s public attribution of UNC1151 and Ghostwriter activity to entities in Belarus and describes Russian military organizational influence in Minsk, substantiating a likely nexus to Russian interests. The time frame for our research spans between March 2017 through the present and employs data from the Recorded Future Platform with open source enrichment.
Tomi Engdahl says:
https://therecord.media/former-estonian-president-on-defending-against-russian-cyberattacks/
Tomi Engdahl says:
Sergiu Gatlan / BleepingComputer:
Google Play bans “downloading of paid apps and updates to paid apps” in Russia over sanctions, after halting purchases of paid apps and subscriptions in March — Google is now blocking Russian users and developers from downloading or updating paid applications from the Google Play Store starting Thursday due to sanctions.
Google Play now blocks paid app downloads, updates in Russia
https://www.bleepingcomputer.com/news/google/google-play-now-blocks-paid-app-downloads-updates-in-russia/
Google is now blocking Russian users and developers from downloading or updating paid applications from the Google Play Store starting Thursday due to sanctions.
“As part of our compliance efforts, Google Play is blocking the downloading of paid apps and updates to paid apps in Russia starting May 5, 2022,” the company said in an update on its support website.
Russian developers can still publish and update free apps, with users still allowed to download them from the store.
However, all updates to paid apps will be automatically blocked for compliance reasons according to the new changes.
While users can no longer pay for subscriptions, Google suggests that developers can grant subscription billing grace periods and free trials, which will work “subscription billing grace periods and any free trials.”
They can also defer renewals for as long as one year, allowing the users to continue accessing the content without being charged during this deferral period.
“If you wish, you can choose to offer your app for free or remove your paid subscription during this pause,” Google advised in the case of apps offering critical services that keep users safe or provide them with access to information.
Billing system paused last month
Google first paused its Google Play billing system in Russia on March 10 due to sanctions, preventing them from buying apps and games, paying for subscriptions or any in-app purchases.
On March 23, Russia banned Alphabet’s news aggregator service Google News and blocked access to news.google.com for providing access to “unreliable information” regarding the ongoing war in Ukraine.
Roskomnadzor, Russia’s telecommunications regulator, also asked Google to stop ad campaigns spreading misinformation on Russia’s invasion of Ukraine in YouTube videos.
In reply, Google took action against disinformation campaigns regarding Russia’s invasion, blocking the YouTube channels of Russia Today (RT) and Sputnik in Europe at the European Union’s request.
Tomi Engdahl says:
Matt Burgess / Wired:
How small, commercial drones in Ukraine are letting militias and others conduct cheap airborne surveillance and collect footage for war crimes investigations
Small Drones Are Giving Ukraine an Unprecedented Edge
From surveillance to search-and-rescue, consumer drones are having a huge impact on the country’s defense against Russia.
https://www.wired.com/story/drones-russia-ukraine-war/
Tomi Engdahl says:
Anthony Faiola / Washington Post:
A look at the rise of VPNs in Russia following its war in Ukraine; Apptopia: daily downloads of the top ten VPNs jumped from 15K before the war to 475K in March
How millions of Russians are tearing holes in the Digital Iron Curtain
https://www.washingtonpost.com/world/2022/05/06/russia-vpn-putin-censorship-disinformation/
A surge in virtual private network downloads is a challenge to Vladimir Putin and his version of the war
RIGA, Latvia — When Russian authorities blocked hundreds of Internet sites in March, Konstantin decided to act. The 52-year-old company manager in Moscow tore a hole in the Digital Iron Curtain, which had been erected to control the narrative of the war in Ukraine, with a tool that lets him surf blocked sites and eyeball taboo news.
Konstantin turned to a virtual private network, an encrypted digital tunnel commonly known as a VPN. Since the war began in late February, VPNs have been downloaded in Russia by the hundreds of thousands a day, a massive surge in demand that represents a direct challenge to President Vladimir Putin and his attempt to seal Russians off from the wider world. By protecting the locations and identities of users, VPNs are now granting millions of Russians access to blocked material.
Downloading one in his Moscow apartment, Konstantin said, brought back memories of the 1980s in the Soviet Union, when he used a shortwave radio to hear forbidden news of dissident arrests on Radio Liberty, which is funded by the United States.
Tomi Engdahl says:
Bill Toulas / BleepingComputer:
UK sanctions Baikal Electronics and MCST, Russia’s most important chipmakers, denying them access to the ARM architecture
UK sanctions Russian microprocessor makers, banning them from ARM
https://www.bleepingcomputer.com/news/technology/uk-sanctions-russian-microprocessor-makers-banning-them-from-arm/
The UK government added 63 Russian entities to its sanction list on Wednesday. Among them are Baikal Electronics and MCST (Moscow Center of SPARC Technologies), the two most important chip makers in Russia.
The two sanctioned entities will now be denied access to the ARM architecture since Arm Ltd., the licensee, is based in Cambridge, England, and will have to comply with the sanctions.
Tomi Engdahl says:
Russia sanctions:
The authorities will spend 3.2 trillion rubles on the largest national project in the field of electronics
https://digitnews.in/the-authorities-will-spend-3-2-trillion-rubles-on-the-largest-national-project-in-the-field-of-electronics/
The government has prepared a preliminary concept for a new national project in the field of electronics, for which 3.19 trillion rubles will be spent by 2030.
The implementation of the national project will go in four directions: product, infrastructure, demand, personnel. Separate federal projects will be prepared for them. Responsible for the implementation of the project are Deputy Prime Ministers Yuri Borisov and Dmitry Chernyshenko.
In 2022, the authorities will launch a program to reengineer foreign solutions and transfer their production to the Russian Federation and China, as well as a program for the development of electronic engineering. By 2024, they will provide 100% import substitution in all areas, and by 2030 they will “complete the formation of a product portfolio of Russian technologies.” 1.14 trillion rubles will be spent on this. (column “Product”).
The column “Infrastructure” includes the launch of the production of microelectronics according to the 90 nm standards, and by 2030 the serial production of electronics according to the 28 nm technology. By 2030, they plan to increase the number of Russian design centers from 70 to 300. 460 billion rubles will be allocated for these purposes. until 2030.
Tomi Engdahl says:
Putinin digitaalinen rautaesirippu murtuu – näin miljoonat venäläiset kiertävät valtion sensuurin
Venäjällä halutaan päästä länsimaisiin palveluihin ja nettisivuille.
https://www.iltalehti.fi/digiuutiset/a/6ccd341f-2e44-4e8b-95ad-2260482507c0
How millions of Russians are tearing holes in the Digital Iron Curtain
https://www.seattletimes.com/nation-world/how-millions-of-russians-are-tearing-holes-in-the-digital-iron-curtain/
When Russian authorities blocked hundreds of internet sites in March, Konstantin decided to act. The 52-year-old company manager in Moscow tore a hole in the Digital Iron Curtain, which had been erected to control the narrative of the Ukraine war, with a tool that lets him surf blocked sites and eyeball taboo news.
Konstantin turned to a virtual private network, an encrypted digital tunnel more commonly known as a VPN. Since the war began in February, VPNs have been downloaded in Russia by the hundreds of thousands a day — a massive surge in demand that represents a direct challenge to President Vladimir Putin’s attempt to seal Russians off from the wider world. By protecting the locations and identities of users, VPNs are now granting millions of Russians access to blocked material.
Downloading one in his Moscow apartment, Konstantin said, brought back memories of the 1980s in the Soviet Union — when he used a shortwave radio to hear forbidden news of dissident arrests on U.S.-funded Radio Liberty.
“We didn’t know what was going on around us, and that’s true again now,” said Konstantin, who, like other Russian VPN users, spoke on the condition that his last name be withheld for fear of government retribution. “Many people in Russia simply watch TV and eat whatever the government is feeding them. I wanted to find out what was really happening.”
Tomi Engdahl says:
Venäläisen satelliittitelevision ohjelmavalikko hakkeroitiin voitonpäivänä – ”Teillä on käsissänne ukrainalaisten verta” https://www.is.fi/digitoday/art-2000008804086.html
Tomi Engdahl says:
https://www.dailymail.co.uk/news/article-10796113/Elon-Musk-claims-hes-threatened-Russian-space-agency-head-providing-Ukraine-internet.html?ito=social-facebook
Tomi Engdahl says:
Ukrainian CERT Warns Citizens of a New Wave of Attacks Distributing Jester Malware https://thehackernews.com/2022/05/ukrainian-cert-warns-citizens-of-new.html
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of phishing attacks that deploy an information-stealing malware called Jester Stealer on compromised systems. The mass email campaign carries the subject line “chemical attack” and contains a link to a macro-enabled Microsoft Excel file, opening which leads to computers getting infected with Jester Stealer.
Tomi Engdahl says:
Russian TV listings hacked with messages about war crimes in Ukraine https://www.bitdefender.com/blog/hotforsecurity/russian-tv-listings-hacked-with-messages-about-war-crimes-in-ukraine/
Tomi Engdahl says:
https://www.theguardian.com/world/2022/may/09/russian-journalists-pro-kremlin-site-lenta-anti-war-articles
Two Russian journalists working for a popular pro-Kremlin website filled it with anti-war articles on Monday morning in a rare act of dissent as the country celebrated the Soviet Union’s victory over Nazi Germany.
The articles on Lenta.ru called President Vladimir Putin a “pitiful paranoid dictator” and accused him of waging “the bloodiest war of the 21st century”.
Pointing to recent laws introduced by Russia aimed at stifling anti-war dissent, Polyakov said he was now “worried” for his safety.
“Of course I am afraid,” Polyakov said. “I am not ashamed to admit that. But I knew what I was doing, what the consequences could be.”
Tomi Engdahl says:
https://www.thedrive.com/the-war-zone/fake-david-attenborough-voice-narrates-the-natural-death-of-a-russian-tank
Tomi Engdahl says:
U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actor https://www.cisa.gov/uscert/ncas/current-activity/2022/05/10/us-government-attributes-cyberattacks-satcom-networks-russian
CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory,. Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United States assesses Russia launched cyberattacks in late February against commercial satellite communications networks to disrupt Ukrainian command and control during the Russia invasion, and those actions had spillover impacts into other European countries.
Tomi Engdahl says:
Russia pummelled by pro-Ukrainian hackers following invasion
Cyber attacks lead to ‘avalanche’ of secret data from state-backed groups and private companies
https://www.ft.com/content/3391bf8c-e431-415c-b7c5-9eeee08b3374
For years, Dmitriy Sergeyevich Badin sat atop the FBI’s most wanted list. The Russian government-backed hacker has been suspected of cyber attacks on Germany’s Bundestag and the 2016 Olympics, held in Rio de Janeiro.
A few weeks into Russia’s invasion of Ukraine, his own personal information — including his email and Facebook accounts and passwords, mobile phone number and even passport details — was leaked online.
Another target since the war broke out two months ago has been the All-Russia State Television and Radio Broadcasting Company, known as a voice of the Kremlin and home to Vladimir Solovyov
On March 30, almost a million emails spanning 20 years of the broadcaster’s history were leaked on to the internet.
The unveiling of their secrets was part of a widespread assault taking place in cyberspace, as Russian companies and government bodies were swarmed by hordes of pro-Ukrainian hackers, many of them new and previously unknown players to cyber-security experts.
The result has been hundreds of millions of documents spilling out from targets as varied as Transneft, a huge oil pipeline operator close to the Russian government; Russia’s Ministry of Culture; Belarusian power supplier Elektrotsentrmontazh; and an arm of the Russian Orthodox Church that has backed the war in Ukraine.
“Russia is being hacked at an unprecedented scale by a lower tier of attacker, and there are tens of terabytes of data that’s just falling out of the sky,”
“Historically, [Russia] was being systematically popped by a higher tier — the Five Eyes [intelligence alliance comprising the US, UK, Canada Australia and New Zealand] and Chinese government — but right now, the breadth of leaks is just breathtaking,”
For more than a decade, Ukrainian government, financial and other systems were pummelled by Russian state-backed hackers.
Now, Russia itself is being hunted in the cyber arena by pro-Ukraine hackers, opportunistic criminal groups and, as some security researchers suspect, government-backed entities from western countries.
But Lorax B Horne at Distributed Denial of Secrets, a whistleblower news site seen as a successor to WikiLeaks, said they have watched both the quality and the quantity of datasets being submitted anonymously to the group build into an “avalanche”.
“We’ve seen more data from Russia that is of higher value than we have seen before,”
One hack by a Belarusian dissident group called the Cyber Partisans was modelled on the sabotage of Nazi railway lines in the second world war. It combined electronic subterfuge with physical damage to slow freight trains carrying Russian war equipment through Belarus to northern Ukraine in the first days of the invasion, said Yuliana Shemetovets, a US-based spokeswoman for the group.
At one point, the slowdowns in the rail network, which targeted the automatic signalling systems for freight trains and the ticketing system for passengers, were sufficiently widespread that western intelligence officials credited the disruption with bogging down Russian forces en route to Ukraine’s capital, Kyiv
The hack had been planned even before the war began, such as by deleting some databases that required railway employees to manually check all freight.
Yet the widespread assault on Russian targets has had the unintended result of disturbing a carefully maintained equilibrium between the world’s major cyber powers — the US, China and Russia — according to Guy Golan, a former Israeli military intelligence officer.
the three countries had for decades penetrated the computer networks behind each other’s civilian infrastructure but had not attempted more widespread disruptions.
The sudden onslaught of cyber assaults on Russia threatens that détente.
“These armies of hackers will be a great story to tell our children years from now, but it is dangerous as hell,” said Golan. “They may think they are doing a heroic thing, but imagine a general in Russia who has to respond to losing water supply to Moscow? Suddenly, that level of equilibrium can be disturbed in a disastrous way.”
Tomi Engdahl says:
Venäjän autoilu kriisissä: autoja ei saada korjattua, vaikka takuu on voimassa
https://www.iltalehti.fi/autouutiset/a/3016f37b-2934-4a3a-a84d-301de518d832
Autoala toivoo lakimuutosta, etteivät kuluttajat voisi hakea korvauksia, kun heidän takuun alaiset autonsa jäävät korjaamoille.
Teknologia-alan toimijat ovat joutuneet vaikeuksiin Venäjällä, kun pakotteet ja globaali komponenttipula ovat aiheuttaneet tilanteen, ettei varaosia ole enää saatavilla. Asia koskee luonnollisesti esimerkiksi kodinkoneita, tietokoneita ja puhelimia, mutta on erityisen hankala juuri autoalalle, kun vähänkin monimutkaisempia tarvikkeita ei saada maahan.
Venäjän kuluttajansuojalakien mukaan takuuseen menevät korjaukset on tehtävä tuotteesta riippuen 30-45 päivän kuluessa ja mikäli tähän ei päästä, kuluttajalle on maksettava korvauksia jokaisesta päivästä, jolla korjaus viivästyy.
Autojen kohdalla jälleenmyyjät joutuvat korvaamaan prosentin auton arvosta jokaiselta ylimenevältä päivältä eli esimerkiksi 50 000 euron arvoisen tuontiauton tapauksessa sakkoa juoksee 500 euroa päivässä. Summat kasvavat nopeasti suuriksi, kun jo esimerkkiauton kohdalla kahden viikon viivästyminen tarkoittaisi 7000 euron korvausta.
Venäjän teollisuudenharjoittajien ja yrittäjien liitto (RSPP) sekä Venäjän autokauppiaiden liitto (ROAD) ovat vedonneet hallintoon, että lakeja höllennettäisiin. Ne varoittavat, että kuluttajien kanteet voivat aiheuttaa valtavia kustannuksia, mikä voi puolestaan johtaa konkursseihin. Venäläismediassa tästä on käytetty termiä ”kuluttajien ääriliikkeet”.
Venäjän bisnesmaailma on suurissa vaikeuksissa pakotteiden takia ja RSPP on pyytänyt duumalta lakimuutoksia, joilla Venäjän pankki pystyisi pelastamaan yrityksiä konkurssiaallolta.
Tomi Engdahl says:
Russia hacked an American satellite company one hour before the Ukraine invasion
The attack on Viasat showcases cyber’s emerging role in modern warfare.
By Patrick Howell O’Neillarchive page
May 10, 2022
https://www.technologyreview.com/2022/05/10/1051973/russia-hack-viasat-satellite-ukraine-invasion/?truid=&utm_source=the_download&utm_medium=email&utm_campaign=the_download.unpaid.engagement&utm_term=&utm_content=05-11-2022&mc_cid=95745650e8&mc_eid=19e8287bf2
Tomi Engdahl says:
Ukraine said Tuesday it was close to exhausting its gas supply. The crisis is taking shape after a Russian attack, the Wall Street Journal reported.
Russian attacks on a key Ukrainian refinery have created drastic shortages that have left the public with almost no fuel
https://markets.businessinsider.com/news/commodities/ukraine-nearly-exhausts-civilian-gas-supply-after-russian-attack-2022-5?utm_medium=social&utm_source=facebook.com&utm_campaign=sf-bi-main
Ukraine said Tuesday it has nearly exhausted its civilian fuel supply, the Wall Street Journal reported.
The country’s Economy Minister, Yulia Svyrydenko, said Ukraine would ration purchases to 10 liters.
Svyrydenko added that Ukraine was looking elsewhere to offset shortages, including the US and Poland.
Ukraine is days away from exhausting its civilian fuel supply, the Wall Street Journal first reported.
Yulia Svyrydenko, Ukraine’s Economy Minister, said Tuesday the country would limit purchases to 10 liters per tank. WSJ also reported that some gas lines are already nearing one mile in length.
Svyrydenko pointed to a recent Russian attack on Kremenchuk oil refinery, which supplies Ukraine with 50% of its petrol and diesel fuel, as driving the crisis. She said the country has 92,500 tons of gasoline and 81,400 tons of diesel in reserve.
Tomi Engdahl says:
https://www.uusisuomi.fi/uutiset/nyt-tuli-ilmoitus-ukraina-sulkee-kaasuputken-venajalta-eurooppaan/5495a4fd-021c-476b-9538-87f6be2f51a9
Tomi Engdahl says:
Putinin digitaalinen rautaesirippu murtuu – näin miljoonat venäläiset kiertävät valtion sensuurin
Venäjällä halutaan päästä länsimaisiin palveluihin ja nettisivuille.
https://www.iltalehti.fi/digiuutiset/a/6ccd341f-2e44-4e8b-95ad-2260482507c0
Venäjällä on estetty satoja nettisivustoja sekä useita palveluita, jotka ovat peräisin muun muassa Euroopasta sekä Yhdysvalloista. Tämä on saanut maan kansalaiset kiertämään rajoituksia VPN-palveluiden avulla, jotka mahdollistavat virtuaalisen sijainnin vaihtamisen toiseen.
Tomi Engdahl says:
How Starlink Scrambled to Keep Ukraine Online
Elon Musk’s intervention demonstrates how satellite internet could route around war or censorship far beyond Ukraine.
https://www.wired.com/story/starlink-ukraine-internet/
Tomi Engdahl says:
Hackers around the world have been called on by the Cyber ARMY of Ukraine to target Russia. Each day they release a new target list (at around 3am New York time, ugh!) and link to their own weapon, Death by 1,000 Needles.
This is the first time I’m aware that a national government has called on the entire world to participate in hacktivism against an invading country. It’ll be interesting to see how/if/when the FBI and other LEO’s react officially.
https://t.me/itarmyofukraine2022
Tomi Engdahl says:
https://thecryptosphere.com/2022/05/11/target-list-from-the-it-army-of-ukraine-for-may-11/
Tomi Engdahl says:
Venäjä ei murtanut Ukrainan selkärankaa eikä sen nettiyhteyttä – Nato-jäsenyyteen valmistautuvan Suomen verkoissa “tyyntä myrskyn edellä”
https://yle.fi/uutiset/3-12439958
Suomi on valmistautunut häirintään. Jos sabotaasi tai myrsky katkoo sähköt suomalaiselta tukiasemalta, akuista riittää virtaa vähintään kolmeksi tunniksi. Monissa Euroopan maissa akkuja ei ole ollenkaan.
Tomi Engdahl says:
Ukraina: Venäjän tankeista löydetty astianpesukoneista peräisin olevia siruja
Yhdysvaltain Venäjälle asettamat pakotteet ovat aiheuttaneet sen, että Venäjä on joutunut käyttämään sotakalustossaan osia tavallisista kuluttajien kodinkoneista, sanoi Yhdysvaltain kauppaministeri Gina Raimondo senaatin kuulemistilaisuudessa keskiviikkona.
Raimondon mukaan Ukrainan viranomaiset ovat kertoneet, että heidän haltuunsa saamista venäläistankeista on löydetty tietokonesiruja, jotka ovat peräisin astianpesukoneista ja jääkaapeista. Asiasta uutisoi muun muassa the Washington Post
https://yle.fi/uutiset/3-12441947
https://www.washingtonpost.com/technology/2022/05/11/russia-sanctions-effect-military/
Tomi Engdahl says:
Ukraine war: Don’t underestimate Russia cyber-threat, warns US
https://www.bbc.com/news/technology-61416320
There has been a sustained cyber-conflict over Ukraine which could still escalate, a senior US intelligence official has told the BBC.
Despite warnings, major cyber-attacks on the West have so far not materialised.
But Russia shouldn’t be underestimated, Rob Joyce, director of cyber-security at the National Security Agency said.
Meanwhile independent hackers targeting Russia in support of Ukraine could also spark escalation, he warned.
Meanwhile independent hackers targeting Russia in support of Ukraine could also spark escalation, he warned.
“I’m still very worried about the threats emanating from around the Russia-Ukraine situation,” Mr Joyce, one of America’s most experienced cyber officials, said.
Tomi Engdahl says:
If Finland and Sweden join NATO, it’s on Russia
Putin has failed to contain the military alliance, bringing it much closer to his borders instead.
https://www.politico.eu/article/finland-sweden-join-nato-russia/
Russian President Vladimir Putin has repeatedly pointed to NATO’s encroachment on his country’s borders as a reason for invading Ukraine. But if that were, indeed, his true aim, then Putin has failed spectacularly.
Not only have NATO countries moved tens of thousands of troops closer to Russia’s border in response to his invasion and agreed to send tens of billions worth of arms to Ukraine, they are also now about to welcome Finland and Sweden as new members, bringing NATO that much closer to Russia.
Tomi Engdahl says:
The Case for War Crimes Charges Against Russia’s Sandworm Hackers https://www.wired.com/story/cyber-war-crimes-sandworm-russia-ukraine/
A group of human rights lawyers and investigators has called on the Hague to bring the first-ever “cyber war crimes” charges against Russia’s most dangerous hackers.
Tomi Engdahl says:
Italy stops wide-ranging Russian attack on websites of parliament, military, health agency https://therecord.media/italy-killnet-hacking-military-parliament-national-health-institute/
The websites of Italy’s parliament, military and National Health Institute faced disruptions on Thursday by a pro-Russian hacking group previously implicated in a similar cyberattack on the Romanian government.
Tomi Engdahl says:
Russia Pushes Law to Force Taxi Apps to Share Data With Spy Agency
https://www.securityweek.com/russia-pushes-law-force-taxi-apps-share-data-spy-agency
Russia’s government has put forward a law to force ride-hailing apps to give the FSB intelligence agency real-time access to their data.
The Russian authorities have been ramping up restrictions on public freedoms since the start of Moscow’s offensive in Ukraine on February 24.
“The document prescribes the obligation of the taxi ordering service to provide the FSB with automated remote access to the information systems and databases used to receive, store, process and transmit taxi orders,” a statement published Wednesday by the lower house State Duma said.
Lawmaker Adalbi Shkhagoshev, a member of parliament’s security committee, told state news agency RIA Novosti that “this is a very difficult measure to implement, but that doesn’t mean it’s not necessary”.
Until now, the FSB could obtain this information if it filed a formal request with the taxi services, who had the right to respond within 30 days, according to the chairwoman of the national taxi development council, Irina Zaripova.
Tomi Engdahl says:
Kännykkä ja some mullistivat sodankäynnin
https://etn.fi/index.php/13-news/13566-kaennykkae-ja-some-mullistivat-sodankaeynnin
Onnittelut tulevasta NATOon liittymisestä. Ikävä kyllä sillä ei ole niin isoa merkitystä enää, sanoi Viron entinen presidentti Toomas Hendrik Ilves eilen Helsingin messukeskuksessa Cyber Security Nordic -tapahtuman avainpuheessaan. Toki Ilves sen jälkeen perusteli laajasti, miksi NATOon liittyminen ei ole niin iso juttu kuin miksi se on meillä ymmärretty.
Syynä on sodankäynnin muuttuminen. – Sodasta on tullut digitaalista. Oikeastaan vuoteen 2000 asti sotateknologiassa oli kyse kineettisen voiman tai nopeuden kasvattamisesta. Tietokoneen käyttö aseena muutti sotia olennaisesti, Ilves perusteli.
Toki kineettinen vaikuttaa yhä, sen näemme Venäjän hyökkäyssodan uutiskuvissa. Mutta nykysodassa digitaalisuus on tullut yhä tärkeämmäksi. Se huomattiin Virossa vuonna 2007, kun he löysivät venäläisen madon sotilasjärjestelmistään. Virolaiset riensivät näyttämään löydöstään NATOlle, joka totesi vain ”Ai se on teilläkin”.
Tämä on länsimaisille liberaaleille valtioille iso ongelma. Data ei tunne valtioiden rajoja, palvelunestohyökkäykset eivät pysähdy tulleihin, joten tiedustelutiedonkaan ei pitäisi pysähtyä rajoille. Tämän Ilves näkee tulevaisuudessa isoksi kehitysalueeksi EU:n tasolla.
- Kuvaavaa on, että EU:n suurissa data-asetuksissa DMA ja DSA (Digital Markets Act ja Digital Services Act) ei puhuta sanallakaan kyberturvallisuudesta
Tomi Engdahl says:
Pakotteet kurittavat Venäjän armeijaa – USA: panssarivaunuissa varaosia pesukoneista https://www.is.fi/ulkomaat/art-2000008813808.html
Tomi Engdahl says:
Sähkökauppa Venäjältä Suomeen keskeytyy lauantaina https://www.is.fi/taloussanomat/art-2000008815814.html
Tomi Engdahl says:
Reuters: Venäläinen hakkeriryhmä yritti estää Ukrainan viisuvoiton https://www.is.fi/digitoday/tietoturva/art-2000008818311.html
Tomi Engdahl says:
https://www.reuters.com/world/europe/italian-police-prevents-pro-russian-hacker-attacks-during-eurovision-contest-2022-05-15/
Tomi Engdahl says:
Droneja ohjaavista nörteistä on tullut venäläisten kauhu – näin ovelasti Ukraina käyttää lennokkejaan taistelukentällä
https://www.mtvuutiset.fi/artikkeli/droneja-ohjaavista-norteista-on-tullut-venalaisten-kauhu-nain-ovelasti-ukraina-kayttaa-lennokkejaan-taistelukentalla/8426730#gs.08ozcu
Tomi Engdahl says:
Russia cuts off electricity to Finland; industry group sees Nato link
While Russia has only supplied a small fraction of electricity used in Finland lately, the shutoff will raise prices here.
https://yle.fi/news/3-12446050
Tomi Engdahl says:
Fingridin toimitusjohtaja: Sähkötoimitusten katkaiseminen ei ole ”venäläislähtöinen” toimenpide https://www.is.fi/taloussanomat/art-2000008817918.html
Tomi Engdahl says:
How shortwave radio is resurfacing as a tool in Ukraine
https://www.ctvnews.ca/sci-tech/how-short-wave-radio-is-resurfacing-as-a-tool-in-ukraine-1.5894366
In a world of mobile phones, satellites and the internet, some old school technology is making a major comeback. The shortwave radio, used by spies for decades to send encrypted messages, is being resurrected for the war in Ukraine.
According to Dr. Andrew Hammond, curator and historian at Washington, D.C.’s International Spy Museum, the shortwave radio “is a classic tool that was used for espionage.
After Russia attacked communication towers in Ukraine, the BBC went old school, broadcasting their news service on the shortwave frequency to counter Russian propaganda about the war.
“The BBC is using it to transmit it because it’s a lot harder to block those transmissions,” John Figliozzi, a shortwave radio expert and author of the book ‘The Worldwide Listening Guide,’ told CTV National News. “It’s an old technology, but it works.”
Used in conflict zones, shortwave is less complicated than other communication avenues, and travels further than TV or cell phones.
When shortwave transmissions are directed at an angle into the sky, they bounce off of a layer of atoms in the atmosphere called the ionosphere, allowing them to travel beyond the horizon, much farther than other radio waves that are limited by having to transmit in a straight line.
Over the past few months, amateur radio hobbyists have used shortwave to pick up Russian soldiers openly discussing battle plans. Anti war protestors have also used it to ‘troll’ the Russian military, by blasting the Ukrainian national anthem or jamming their channels with annoying ear worms.
But could shortwave make a difference in Ukraine?
“You know necessity is the mother of invention right?” said Figliozzi. “If you need to get through, you’re going to try anything.”
Sending signals and listening — with a tool from the past, reborn.
Tomi Engdahl says:
Suomi valmistautuu kyberhyökkäyksiin – meillä on “supervoima”, jota muilla ei ole https://www.is.fi/digitoday/tietoturva/art-2000008809079.html
Suomen verkoissa on paikkaamattomia haavoittuvuuksia, jotka avaavat oven verkkohyökkääjälle. Muualla maailmassa viranomaiset ja yrityskenttä eivät kuitenkaan kykene samanlaiseen yhteistyöhön kuin täällä. LIIKENNE- ja viestivirasto Traficomin Kyberturvallisuuskeskuksen poikkeamien hallinnan palvelukokonaisuuden johtaja Arttu Lehmuskallion mukaan teleoperaattorit ja muu elinkeinoelämä työskentelevät viranomaisten kanssa tavalla, joka on maailman mittakaavassa ainutlaatuinen. – Olen ihmetellyt muualla käytettävää termiä public private partnership (julkisen ja yksityisen sektorin yhteistyö). Se on supervoima, joka meillä Suomessa jo on, Lehmuskallio sanoo.
Tomi Engdahl says:
Suomen Nato-hakemus voi johtaa Venäjän kyberhyökkäyksiin tällaisia ne ovat
https://www.iltalehti.fi/tietoturva/a/8d64eacb-dd0e-4d31-93b1-8dbed19f1507
Kyberturvallisuuskeskuksen ylijohtaja Sauli Pahlmanin mukaan ei ole syytä ajatella, että kyberuhkien määrä lientyisi lähitulevaisuudessa.
Pahlman pitää mahdollisena, että Venäjä tulee kohdistamaan Suomeen enemmän kyberhyökkäyksiä Nato-hakemuksen lähettämisen jälkeen. – Mikäli Venäjä katsoisi Suomen Nato-jäsenyyden hakemisen toimena, joka kyberhyökkäyksien keinoin vaatisi protestin tai viestin lähettämistä, kyllähän se tarkoittaisi sitä, että kyberuhkatasossa nousu varmasti nähtäisi, hän kertoo. – Kaikki poikkeustilanteet herättävät rikollisten kiinnostuksen. Se on heidän näkökulmastaan otollinen aika iskeä. Hyökkäykset eivät välttämättä kohdistuisi vain valtionhallintoon, lisää Traficomin asiantuntija Jussi Eronen.
Tomi Engdahl says:
Russia-linked Armageddon APT using occupied Kherson as a lure in attacks targeting Ukraine https://www.cybersecurity-help.cz/blog/2643.html
The Computer Emergency Response Team of Ukraine (CERT-UA) has detected a new cyber-espionage campaign that is delivering the GammaLoad malware via phishing emails allegedly containing information related to Ukraine’s Kherson region, which has been occupied by Russia since February 2022.
Tomi Engdahl says:
Google Chrome updates failing on Android devices in Russia https://www.bleepingcomputer.com/news/security/google-chrome-updates-failing-on-android-devices-in-russia/
A growing number of Android Google Chrome users in Russia are reporting errors when attempting to install the latest update for the web browser. The number of complaints is increasing every day but so far, the cause of the problem remains unknown and is still unsolved.
Tomi Engdahl says:
Eurovision 2022 FinalRussian Hackers Say They Can Stop Ukraine Kalush Orchestra Win https://www.forbes.com/sites/daveywinder/2022/05/14/eurovision-2022-final-russian-hackers-say-they-can-stop-ukraine-kalush-orchestra-win/
The same Russian threat actors that this week targeted Italian parliamentary and military websites and threatened to disrupt U.K.
National Health Service (NHS) services, could now have the Eurovision Song Contest 2022 final in their crosshairs. The Killnet threat group has threatened to “send 10 billion requests” to the Eurovision online voting system and “add votes to some other country.”
Tomi Engdahl says:
Kännykkä ja some mullistivat sodankäynnin
https://etn.fi/index.php?option=com_content&view=article&id=13566&via=n&datum=2022-05-13_16:50:47&mottagare=30929
Onnittelut tulevasta NATOon liittymisestä. Ikävä kyllä sillä ei ole niin isoa merkitystä enää, sanoi Viron entinen presidentti Toomas Hendrik Ilves eilen Helsingin messukeskuksessa Cyber Security Nordic -tapahtuman avainpuheessaan. Toki Ilves sen jälkeen perusteli laajasti, miksi NATOon liittyminen ei ole niin iso juttu kuin miksi se on meillä ymmärretty.
Syynä on sodankäynnin muuttuminen. – Sodasta on tullut digitaalista. Oikeastaan vuoteen 2000 asti sotateknologiassa oli kyse kineettisen voiman tai nopeuden kasvattamisesta. Tietokoneen käyttö aseena muutti sotia olennaisesti, Ilves perusteli.
Toki kineettinen vaikuttaa yhä, sen näemme Venäjän hyökkäyssodan uutiskuvissa. Mutta nykysodassa digitaalisuus on tullut yhä tärkeämmäksi. Se huomattiin Virossa vuonna 2007, kun he löysivät venäläisen madon sotilasjärjestelmistään. Virolaiset riensivät näyttämään löydöstään NATOlle, joka totesi vain ”Ai se on teilläkin”.
Tämä on länsimaisille liberaaleille valtioille iso ongelma. Data ei tunne valtioiden rajoja, palvelunestohyökkäykset eivät pysähdy tulleihin, joten tiedustelutiedonkaan ei pitäisi pysähtyä rajoille. Tämän Ilves näkee tulevaisuudessa isoksi kehitysalueeksi EU:n tasolla.
- Kuvaavaa on, että EU:n suurissa data-asetuksissa DMA ja DSA (Digital Markets Act ja Digital Services Act) ei puhuta sanallakaan kyberturvallisuudesta.