Ukraine-Russia cyber war

Ukraine and Russia seem at the moment to be engaged in both a traditional war and a cyber war. We could call that hybrid warfare. We are in a cyber war. Countless examples exist of damage to infrastructure from hostile acts via computer attacks. Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar. On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. Russia started to conduct attacks on Ukraine on February 24. Before the physical attacks, Russia carried out several cyber attacks against IT systems in Ukraine.

Here are links to some material on the cyber side of this war:

How the Eastern Europe Conflict Has Polarized Cyberspace
https://blog.checkpoint.com/2022/02/27/how-the-eastern-europe-conflict-polarized-cyberspace/
The war between Russia and Ukraine is advancing. People everywhere are deciding who they will support. The same dynamic happens in the cyberspace. Hacktivists, cybercriminals, white hat researchers or even technology companies are picking a clear side, emboldened to act on behalf of their choices. Historically, Russia has had superiority over Ukraine in the cyberspace. And last week, Ukraine was attacked by destructive wiping malware. However, the situation is starting to change, as most of the non-nation cyber state actors are taking the side of Ukraine. To defend itself, the Ukrainian government has created an international IT army of hacktivists.

As war escalates in Europe, it’s ‘shields up’ for the cybersecurity industry
https://techcrunch.com/2022/03/02/as-war-escalates-in-europe-its-shields-up-for-the-cybersecurity-industry/
In unprecedented times, even government bureaucracy moves quickly. As a result of the heightened likelihood of cyberthreat from Russian malactor groups, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — part of the Department of Homeland Security — issued an unprecedented warning recommending that “all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”

Digital technology and the war in Ukraine
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks/
All of us who work at Microsoft are following closely the tragic, unlawful and unjustified invasion of Ukraine. This has become both a kinetic and digital war, with horrifying images from across Ukraine as well as less visible cyberattacks on computer networks and internet-based disinformation campaigns. We are fielding a growing number of inquiries about these aspects and our work, and therefore we are putting in one place a short summary about them in this blog. This includes four areas: protecting Ukraine from cyberattacks; protection from state-sponsored disinformation campaigns; support for humanitarian assistance; and the protection of our employees. Also:
https://threatpost.com/microsoft-ukraine-foxblade-trojan-hours-before-russian-invasion/178702/

Ukraine: Cyberwar creates chaos, ‘it won’t win the war’
https://www.dw.com/en/ukraine-cyberwar-creates-chaos-it-wont-win-the-war/a-60999197
There have been at least 150 cyberattacks in Ukraine since Russia’s invasion. Their effect is mainly psychological, and experts say they won’t decide the war.
Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar.
The global technology company Microsoft has said its Threat Intelligence Center (MSTIC) detected “destructive cyberattacks directed against Ukraine’s digital infrastructure” hours before the first launch of missiles or movement of tanks on February 24.
Those attacks, which Microsoft dubbed FoxBlade, included so-called wipers — malicious software or malware — that make their way inside computer networks and literally wipe the data from all connected devices.
Cybersecurity experts in Germany have said there have been over a hundred cyberattacks, in various forms, since then. But their effect has mainly been psychological.

Why Russia Hasn’t Launched Major Cyber Attacks Since the Invasion of Ukraine
https://time.com/6153902/russia-major-cyber-attacks-invasion-ukraine/
In the relatively short and rapidly evolving history of cyber conflict, perhaps nothing has been established with greater certainty and more widely accepted than the idea that Russia has significant cyber capabilities and isn’t afraid to use them—especially on Ukraine. In 2015, Russian government hackers breached the Ukrainian power grid, leading to widespread outages. In 2017, Russia deployed the notorious NotPetya malware via Ukrainian accounting software and the virus quickly spread across the globe costing businesses billions of dollars in damage and disruption.
As tensions escalated between Russia and Ukraine, many people were expecting the conflict to have significant cyber components.
But as the invasion continues with few signs of any sophisticated cyber conflict, it seems less and less likely that Russia has significant cyber capabilities in reserve, ready to deploy if needed. Instead, it begins to look like Russia’s much vaunted cyber capabilities have been neglected in recent years, in favor of developing less expensive, less effective cyber weapons that cause less widespread damage and are considerably easier to contain and defend against. For instance, many of the cyberattacks directed at Ukraine in the past month have been relatively basic distributed denial-of-service attacks.
Given Russia’s past willingness to deploy cyberattacks with far-reaching, devastating consequences, it would be a mistake to count out their cyber capabilities just because they have so far proven unimpressive. And it’s all but impossible to prove the absence of cyber weapons in a nation’s arsenal. But the longer the conflict goes on without any signs of sophisticated cyber sabotage, the more plausible it becomes that the once formidable Russian hackers are no longer playing a central role in the country’s military operations.

Crowd-sourced attacks present new risk of crisis escalation
https://blog.talosintelligence.com/2022/03/ukraine-update.html
An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques.
Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as well. Misattribution of these actors carries the risk of nations escalating an already dangerous conflict in Ukraine. Based on data from our fellow researchers at Cisco Kenna, customers should be most concerned about threat actors exploiting several recently disclosed vulnerabilities, highlighting the importance of consistently updating software and related systems.

Russia, Ukraine and the Danger of a Global Cyberwar
https://www.securityweek.com/russia-ukraine-and-danger-global-cyberwar
On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. At the time of writing, it is not yet a full invasion of Ukraine, but Russia did conduct attacks on February 24, hitting cities with airstrikes and artillery in what was called a “special military operation” by Russian President Vladimir Putin.
Russia has been waging its own cyberwar against Ukraine for many years.
Since the beginning of 2022, however, it seems that Russian cyber activity against Ukraine has increased. This includes evidence that wiper malware has again disrupted some Ukrainian government networks, and attacks from the FSB-linked Gamaredon have targeted around 5,000 entities, including critical infrastructure and government departments. So far, however, there has not been the same scale of disruption as occurred in 2015, 2016 and 2017.
The purpose of such cyber activity is to weaken critical infrastructure, damage government’s ability to respond to any aggression, and to demoralize the population.
The U.S. has been warning the rest of the world against a potential widening scope of Russian cyber activity, and that cyber defenses generally should be tightened.
“Part of the worry,” said Willett, “is that cyberattacks against Ukraine might bleed over, like NotPetya, to affect other countries and cause wider damage unintentionally. There is some concern that the Russians may intentionally do stuff more widely, but that would probably be in retaliation for something that the U.S. or NATO might do.”
This raises the whole question of ‘attribution’. The received belief is it is impossible to do accurate cyber attribution. “That is absolutely wrong,” said Willett. “It would be a mistake for any one nation to think it could attack another without being known,” said Willett.
But accidents happen. The two iconic cyberweapons have been Stuxnet and NotPetya. It is assumed that the U.S. developed Stuxnet (although this has never been admitted). NotPetya has been confidently attributed to the Russian government. Both malwares escaped from their assumed targets into the wider world. This was probably accidental – but similar accidents could lead to wider implications during a period of global geopolitical tension.
On the morning of February 24, 2022, Russian troops invaded Ukraine. This was accompanied by a further increase in cyber activity.

Ukraine Digital Army Brews Cyberattacks, Intel and Infowar
https://www.securityweek.com/ukraine-digital-army-brews-cyberattacks-intel-and-infowar
Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence.
Inventions of the volunteer hackers range from software tools that let smartphone and computer owners anywhere participate in distributed denial-of-service attacks on official Russian websites to bots on the Telegram messaging platform that block disinformation, let people report Russian troop locations and offer instructions on assembling Molotov cocktails and basic first aid.
The movement is global, drawing on IT professionals in the Ukrainian diaspora whose handiwork includes web defacements with antiwar messaging and graphic images of death and destruction in the hopes of mobilizing Russians against the invasion.
The cyber volunteers’ effectiveness is difficult to gauge. Russian government websites have been repeatedly knocked offline, if briefly, by the DDoS attacks, but generally weather them with countermeasures.
It’s impossible to say how much of the disruption — including more damaging hacks — is caused by freelancers working independently of but in solidarity with Ukrainian hackers.
A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network, or botnet. The tool’s programmers code in new targets as priorities change.

Ukraine Cyber Official: We Only Attack Military Targets
https://www.securityweek.com/ukraine-cyber-official-we-only-attack-military-targets
A top Ukrainian cybersecurity official said Friday a volunteer army of hundreds of hackers enlisted to fight Russia in cyberspace is attacking only what it deems military targets, prioritizing government services including the financial sector, Kremlin-controlled media and railways.
Victor Zhora, deputy chair of the state special communications service, also said that there had been about 10 hostile hijackings of local government websites in Ukraine to spread false text propaganda saying his government had capitulated. He said most of Ukraine’s telecommunications and internet were fully operational.
Zhora told reporters in a teleconference that presumed Russian hackers continued to try to spread destructive malware in targeted email attacks on Ukrainian officials and — in what he considers a new tactic — trying to infect the devices of individual citizens.

Army of Cyber Hackers Rise Up to Back Ukraine
https://www.securityweek.com/army-cyber-hackers-rise-back-ukraine
An army of volunteer hackers is rising up in cyberspace to defend Ukraine, though internet specialists are calling on geeks and other “hacktivists” to stay out of a potentially very dangerous computer war.
According to Livia Tibirna, an analyst at cyber security firm Sekoia, nearly 260,000 people have joined the “IT Army” of volunteer hackers, which was set up at the initiative of Ukraine’s digital minister Mykhailo Fedorov.
The group, which can be accessed via the encrypted messaging service Telegram, has a list of potential targets in Russia, companies and institutions, for the hackers to target.
It’s difficult to judge the effect the cyber-army is having.

Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks
https://thehackernews.com/2022/03/russia-releases-list-of-ips-domains.html

Russia Blocks Access to Facebook Over War
https://www.securityweek.com/russia-blocks-access-facebook-over-war
Russia’s state communications watchdog has ordered to completely block access to Facebook in Russia amid the tensions over the war in Ukraine.
The agency, Roskomnadzor, said Friday it decided to cut access to Facebook over its alleged “discrimination” of the Russian media and state information resources. It said the restrictions introduced by Facebook owner Meta on the RT and other state-controlled media violate the Russian law.

Cyberattack Knocks Thousands Offline in Europe
https://www.securityweek.com/cyberattack-knocks-thousands-offline-europe
Thousands of internet users across Europe have been thrown offline after what sources said Friday was a likely cyberattack at the beginning of Russia’s offensive in Ukraine.
According to Orange, “nearly 9,000 subscribers” of a satellite internet service provided by its subsidiary Nordnet in France are without internet following a “cyber event” on February 24 at Viasat, a US satellite operator of which it is a client.
Eutelsat, the parent company of the bigblu satellite internet service, also confirmed to AFP on Friday that around one-third of bigblu’s 40,000 subscribers in Europe, in Germany, France, Hungary, Greece, Italy and Poland, were affected by the outage on Viasat.
In the US, Viasat said on Wednesday that a “cyber event” had caused a “partial network outage” for customers “in Ukraine and elsewhere” in Europe who rely on its KA-SAT satellite.
Viasat gave no further details, saying only that “police and state partners” had been notified and were “assisting” with investigations.
General Michel Friedling, head of France’s Space Command, said there had been a cyberattack.

Cybercriminals Seek to Profit From Russia-Ukraine Conflict
https://www.securityweek.com/cybercriminals-seek-profit-russia-ukraine-conflict
Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict, according to a new report from Accenture.
Since mid-January, cybercriminals have started to advertise compromised assets relevant to the Russia-Ukraine conflict, and they are expected to increase their offering of databases and network access, with potentially crippling effects for the targeted organizations.
Just over a month ago, soon after the destructive WhisperGate attacks on multiple government, IT, and non-profit organizations in Ukraine, threat actors started to advertise on the dark web access to both breached networks and databases that allegedly contained personally identifiable information (PII).

Amid Russian invasion, Ukraine granted formal role with NATO cyber hub https://therecord.media/amid-russian-invasion-ukraine-granted-formal-role-with-nato-cyber-hub/
Ukraine was granted the formal role of “contributing participant” to the hub, known as the Cooperative Cyber Defence Centre of Excellence (CCDCOE), by its 27-member steering committee, the organization announced. “Ukraine’s presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations,” Col. Jaak Tarien, the institution’s director, said in a statement.

This Ukrainian cyber firm is offering hackers bounties for taking down Russian sites https://therecord.media/this-ukrainian-cyber-firm-is-offering-hackers-bounties-for-taking-down-russian-sites/
In the days following Russia’s invasion of Ukraine, dozens of hacking groups have taken sides in the conflict, launching attacks on various organizations and government institutions. Cyber Unit Technologies, a Kyiv-based cybersecurity startup, has been particularly outspoken. On Tuesday, the company started a campaign to reward hackers for taking down Russian websites and pledged an initial $100,000 to the program.

High Above Ukraine, Satellites Get Embroiled in the War
https://www.wired.com/story/ukraine-russia-satellites/
While the Russian invasion rages on the ground, companies that operate data-collecting satellites find themselves in an awkward position.
Some researchers are worried that the reliance on satellite imagery has given too much power to the companies that control this technology. “There’s companies like Maxar and Planet that are privately owned and they have the final say on whether or not they want to share the information,” says Anuradha Damale. The role of private companies in conflicts such as Ukraine means commercial satellites could become targets. In the days before Russia invaded, US space officials warned satellite companies that the conflict could extend into space.

CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine https://www.cisa.gov/uscert/ncas/current-activity/2022/02/26/cisa-releases-advisory-destructive-malware-targeting-organizations
CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Ukraine. The webpage includes technical resources from partners to assist organizations against these threats.
Alert: https://www.cisa.gov/uscert/ncas/alerts/aa22-057a

US firms should be wary of destructive malware unleashed on Ukraine, FBI and CISA warn – CNNPolitics
https://www.cnn.com/2022/02/26/politics/ukraine-malware-warning-cybersecurity-fbi-cisa/index.html

EU Activates Cyber Rapid Response Team Amid Ukraine Crisis
https://www.bankinfosecurity.com/eu-activates-cyber-rapid-response-team-amid-ukraine-crisis-a-18584
Amid rapid escalation in the Russia-Ukraine conflict derived from historical grievances and qualms with Ukraine’s plan to join the military alliance NATO, the world’s network defenders remain on high alert. And on Tuesday, the European Union confirmed that it will activate its elite cybersecurity team to assist Ukrainians if Russian cyberattacks occur.

UK alludes to retaliatory cyber-attacks on Russia
https://therecord.media/uk-alludes-to-retaliatory-cyber-attacks-on-russia/
The UK government alluded yesterday that it might launch offensive cyber operations against Russia if the Kremlin attacks UK computer systems after an invasion of Ukraine.

Amazon: Charities, aid orgs in Ukraine attacked with malware
https://www.bleepingcomputer.com/news/security/amazon-charities-aid-orgs-in-ukraine-attacked-with-malware/
Charities and non-governmental organizations (NGOs) providing critical support in Ukraine are targeted in malware attacks aiming to disrupt their operations and relief efforts seeking to assist those affected by Russia’s war. Amazon has detected these attacks while working with the employees of NGOs, charities, and aid organizations, including UNICEF, UNHCR, World Food Program, Red Cross, Polska Akcja Humanitarna, and Save the Children.

Ransomware Used as Decoy in Destructive Cyberattacks on Ukraine
https://www.securityweek.com/ransomware-used-decoy-destructive-cyberattacks-ukraine

Destructive ‘HermeticWiper’ Malware Targets Computers in Ukraine
https://www.securityweek.com/destructive-hermeticwiper-malware-targets-computers-ukraine
Just as Russia was preparing to launch an invasion of Ukraine, Ukrainian government websites were disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country.
The new malware, dubbed “HermeticWiper” by the cybersecurity community, is designed to erase infected Windows devices. The name references a digital certificate used to sign a malware sample — the certificate was issued to a Cyprus-based company called Hermetica Digital.
“At this time, we haven’t seen any legitimate files signed with this certificate. It’s possible that the attackers used a shell company or appropriated a defunct company to issue this digital certificate,” explained endpoint security firm SentinelOne, whose researchers have been analyzing the new malware.
The malware has also been analyzed by researchers at ESET and Symantec. Each of the companies has shared indicators of compromise (IoCs) associated with HermeticWiper.
ESET first spotted HermeticWiper on Wednesday afternoon (Ukraine time) and the company said hundreds of computers in Ukraine had been compromised.

HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/
On February 23rd, the threat intelligence community began observing a new wiper malware sample circulating in Ukrainian organizations. Our analysis shows a signed driver is being used to deploy a wiper that targets Windows devices, manipulating the MBR resulting in subsequent boot failure. This blog includes the technical details of the wiper, dubbed HermeticWiper, and includes IOCs to allow organizations to stay protected from this attack. This sample is actively being used against Ukrainian organizations, and this blog will be updated as more information becomes available. Also:
https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine/
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia
https://www.bleepingcomputer.com/news/security/new-data-wiping-malware-used-in-destructive-attacks-on-ukraine/

HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine https://blog.malwarebytes.com/threat-intelligence/2022/03/hermeticwiper-a-detailed-analysis-of-the-destructive-malware-that-targeted-ukraine/
The day before the invasion of Ukraine by Russian forces on February 24, a new data wiper was unleashed against a number of Ukrainian entities. This malware was given the name “HermeticWiper” based on a stolen digital certificate from a company called Hermetica Digital Ltd. This wiper is remarkable for its ability to bypass Windows security features and gain write access to many low-level data-structures on the disk. In addition, the attackers wanted to fragment files on disk and overwrite them to make recovery almost impossible.

In Ukraine, Online Gig Workers Keep Coding Through the War
https://www.wired.com/story/gig-work-in-ukraine/
Freelancers or gig workers who piece together work on online platforms are a hidden engine of the Ukrainian economy, and the world’s. They work as software engineers, project managers, IT technicians, graphic designers, editors, and copywriters. And they work for everyone.
Invading Russian forces have plunged freelancers’ home offices into chaos and uncertainty. Vlad, a video editor in southern Ukraine, says he’s grown accustomed to the air alarm signal, and hiding until it has passed. Now there are battles 30 miles from his home. “But as long as there is water, electricity, and internet, I can work,” he says.
“Because we all need to live for something, eat

Leaving Russia? Experts Say Wipe Your Phone Before You Go
https://www.forbes.com/sites/thomasbrewster/2022/03/04/russians-escaping-putins-repression-urged-to-wipe-their-phones/
Russians fleeing President Vladimir Putin’s regime as it cracks down on anti-war sentiment, and rumors of martial law grow louder, are being advised to wipe their phones, especially of any traces of support for Ukraine. If they don’t, experts say they may face detention. They’re starting by deleting messages on Signal, Telegram or any app that promises security. For those leaving the country, they’re deleting the apps themselves, and urging others to do the same. Russian media has first-hand accounts of lengthy interrogations at the border, along with phone and laptop searches, though Forbes could not corroborate those claims.

Why ICANN Won’t Revoke Russian Internet Domains
The organization says cutting the country off would have “devastating” effects on the global internet system.
https://www.wired.com/story/why-icann-wont-revoke-russian-internet-domains/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
Ukraine on Monday asked ICANN to revoke Russian top-level domains such as .ru, .рф, and .su; to “contribute to the revoking for SSL certificates” of those domains; and to shut down DNS root servers in Russia. Fedorov argued that the requested “measures will help users seek for reliable information in alternative domain zones, preventing propaganda and disinformation.”
Ukraine’s request to cut Russia off from core parts of the internet has been rejected by the nonprofit group that oversees the Internet’s Domain Name System (DNS). CEO Göran Marby of the Internet Corporation for Assigned Names and Numbers (ICANN) said the group must “maintain neutrality and act in support of the global internet.”
“Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the internet—regardless of the provocations,” Marby wrote in his response to Ukraine Vice Prime Minister Mykhailo Fedorov.
https://www.icann.org/en/system/files/correspondence/marby-to-fedorov-02mar22-en.pdf

TikTok Was Designed for War
As Russia’s invasion of Ukraine plays out online, the platform’s design and algorithm prove ideal for the messiness of war—but a nightmare for the truth.
https://www.wired.com/story/ukraine-russia-war-tiktok/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi

2,362 Comments

  1. Tomi Engdahl says:

    A weighty message from Mikko Hyppönen to Ukraine: “When the war is over…”
    https://www.tivi.fi/uutiset/tv/e019bfe4-5054-47f8-8ad8-e838af90625f
    In the security guru’s view, the achievements of pro-Western hackers are incredible.

  2. Tomi Engdahl says:

    Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis https://blog.malwarebytes.com/threat-intelligence/2022/05/custom-powershell-rat-targets-germans-seeking-information-about-the-ukraine-crisis/
    This week our analysts discovered a new campaign that plays on these concerns by trying to lure Germans with a promise of updates on the current threat situation in Ukraine. The downloaded document is in fact a decoy for a Remote Access Trojan (RAT) capable of stealing data and executing other malicious commands on a victim’s computer.

  3. Tomi Engdahl says:

    Russian cyber attack on Eurovision foiled by Italian authorities https://www.bitdefender.com/blog/hotforsecurity/russian-cyber-attack-on-eurovision-foiled-by-italian-authorities/
    The day after the contest Reuters reported that Italian police had “thwarted attacks by pro-Russian groups” during the Eurovision semi-final on May 10, and the ultimate final on Saturday. Police say that they infiltrated pro-Russian hacker Telegram channels to gather information, help prevent attacks against network infrastructure being used by Eurovision, and identify the geographic location of attacks.

  4. Tomi Engdahl says:

    Uber-style technology helped Ukraine to destroy Russian battalion
    https://www.thetimes.co.uk/article/uk-assisted-uber-style-technology-helped-ukraine-to-destroy-russian-battalion-5pxnh6m9p

    Real-time intelligence and location data, plus a strategy for where to direct the strike.

  5. Tomi Engdahl says:

    Evaluation of cyber activities and the threat landscape in Ukraine https://securelist.com/evaluation-of-cyber-activities-and-the-threat-landscape-in-ukraine/106484/
    When the war in Ukraine broke out, many analysts were surprised to discover that what was simultaneously happening in the cyber domain did not match their predictions. Since the beginning of the fighting, new cyberattacks taking place in Ukraine have been identified every week, which lead to a variety of interpretations – and indeed a global feeling of confusion. In this report, we aim to provide a strategic technical assessment of our understanding of current events.

  6. Tomi Engdahl says:

    Mikko Hyppönen: Cybercriminals are becoming too rich
    https://etn.fi/index.php/13-news/13593-mikko-hyppoenen-verkkorikollisista-tulee-liian-rikkaita

    WithSecure’s chief research officer Mikko Hyppönen was one of the keynote speakers at last week’s Cyber Security Nordic. Hyppönen drew attention to the fact that cybercriminal groups are becoming too wealthy. “They will soon be competing for the same AI and machine learning experts as cybersecurity companies.”

    The role of cybercrime in warfare should not be exaggerated, but it certainly has an effect. Hyppönen recalled the news from the first weekend of Russia’s war of aggression, which reported that Ukrainian women and children had to queue at the border for up to 36 hours to leave the country, because the Russians managed to wipe the border control databases with the Hermetic Viper malware. “The border was open, but everything had to be done by hand because the computers did not work.”

    The West, too, has been astonishingly effective in its cyberattacks: even today, hundreds of gigabytes of data from Russian authorities, regulators, and oil and gas companies can be found online. “This also matters, especially for sanctions. You have to know where the money is,” Hyppönen said.

    Right after the war began, on April 25, the criminal group Conti announced on the Tor network that it was taking part in the war in support of the Russian government. Since then, Conti has launched, for example, ransomware campaigns against companies in Europe. According to Hyppönen, one of the victims is Nordex, which operates large wind farms in Europe.

    “If these ransoms are paid, they are paid in unsanctioned currencies. Bitcoins are not based on political decisions but on mathematics. Mathematics does not care about sanctions or regulation. Cryptocurrency cannot be sanctioned.”

  7. Tomi Engdahl says:

    US, NATO dangerously aim to destroy Russia’s military
    https://asiatimes.com/2022/05/us-nato-dangerously-aim-to-destroy-russias-military/

    It is now official US and NATO policy to damage Russia’s armed forces to a degree that it will take a very long time to recover

    Nothing like a coherent strategy emerged from 20 years of NATO’s war in Afghanistan; at best there were long lists of aspirations with no clear objectives or assessments of the resources needed to achieve them.

    But, two months after the Russian invasion, it looks very much as if the US and NATO are beginning to develop a coherent plan for Ukraine. Military strategy has been described as a synthesis of ends, ways and means. Last week, senior US and UK officials clarified the objectives – the ends.

    For some time the US and NATO spoke of defending the sovereignty and territorial integrity of Ukraine. On April 25, in a speech pledging to defend the “rules-based international order”, Lloyd Austin, the US defense secretary, announced that the US wanted Russia “weakened to the point that it can’t do things like invade Ukraine.”

    There should be no ambiguity about this. It is now US (and therefore NATO) policy to damage the Russian armed forces to a degree from which it will take a very long time to recover.

    There are dangers in this strategic approach. For example, it is by no means clear that all NATO countries are entirely bought into Ukrainian (and US and UK) aims of completely restoring Ukrainian territorial integrity, let alone removing the Russian armed forces as a going concern.

    This provides the opportunity for Russia to open and widen rifts as the war drags on and a diplomatic settlement continues to appear remote. This was Serbia’s strategy during the far shorter and less intense Kosovo war. Then there is always the danger of Russian nuclear strikes in the event of “catastrophic” Ukrainian success – a small but increasing danger.

    To place this in context, the entire Russian defense budget for the current year is $65.9 billion. Some believe that the Lend-Lease Act is an open-ended commitment by “the arsenal of democracy” to Ukraine which might encourage Russia to the negotiating table.

    Finally, how will the West and Ukraine achieve their objectives? The first imperative on the battlefield, of course, is to secure success in the current main effort in the Donbas region. Russia is making local gains there, but is unlikely to achieve the breakthrough necessary to destroy Ukrainian forces.

    After that, it seems likely that the Russian army will be in no state to resume the offensive any time soon. This will remain so, even if President Vladimir Putin announces a mass mobilization, as some – including the British defense secretary, Ben Wallace – believe he will.

    Russia will find it very difficult to replace the troops and equipment it has lost in the short and medium terms.

    Bolstering Ukraine’s defenses
    Further, a remarkable transformation is taking place in Ukraine’s army amounting to its de facto military integration into NATO. As Western equipment filters through to the frontline, NATO-standard weaponry and ammunition will be brought into Ukrainian service.

    We have already seen the effect of superior NATO weapons systems on Russia’s tanks and aircraft. The die will really be cast for the Russians when they lose their traditional dominance in artillery.

    detection radar have been designed to accomplish exactly this

    In the air itself, it is questionable whether introducing Western fighter aircraft will take place in the short term, given the lead times for supply and lengthy training requirements of at least six weeks. It is clear, though, that such transfers are no longer ruled out.

    Extensive systems for training Ukrainian troops are being set up in Poland and many other NATO states.

    All of this is likely to produce a situation, perhaps as early as June or July, when the Ukrainian army can counterattack to regain some of the ground it has lost. Some analysts, including this author, believe that a reequipped Ukrainian army may be in a position to do this very successfully indeed.

    But it is important never to forget the former US secretary of defense, Marine General James Mattis, who said: “We may want a war over. We may even declare it over … But the enemy gets a vote.”

    Reply
  8. Tomi Engdahl says:

    Mauro Orru / Wall Street Journal:
    Google’s Russian subsidiary plans to file for bankruptcy, saying it is impossible to pay employees and suppliers after authorities seized its bank account

    Google Subsidiary in Russia to File for Bankruptcy
    Tech giant had already paused most of its commercial operations in the country
    https://www.wsj.com/articles/google-subsidiary-in-russia-to-file-for-bankruptcy-11652876597?mod=djemalertNEWS

    Hundreds of foreign companies from Pepsi to Apple to IKEA have pulled back operations in Russia as the West has hit the country with sweeping sanctions

    The Russian subsidiary of Alphabet Inc.’s Google plans to file for bankruptcy, saying it had become impossible for the company to pay employees and suppliers.

    Google LLC submitted a notice of intent to declare itself bankrupt, according to a message published Wednesday on Russia’s Fedresurs registry. A Google spokesperson separately said an earlier move by authorities to seize its bank account made continuing operations in the country impossible.

    “The Russian authorities’ seizure of Google Russia’s bank account has made it untenable for our Russia office to function, including employing and paying Russia-based employees, paying suppliers and vendors, and meeting other financial obligations,” the Google spokesperson said.

    The company had already paused most of its commercial operations in Russia, including all advertising, after the country’s communications censor accused the company’s YouTube video service of spreading misinformation and stoking protests.

    “We’ll continue to keep free services such as Search, YouTube, Gmail, Maps, Android and Play available,” the spokesperson said.

    Reply
  9. Tomi Engdahl says:

    FBI Takes Down Russian GRU Sandworm Botnet: What You Need To Know
    https://mytechdecisions.com/it-infrastructure/fbi-takes-down-russian-gru-sandworm-botnet-what-you-need-to-know/

    The FBI obtained a court order to remove Russian botnet malware from firewall devices from thousands of victims. Here’s what you need to know

    Reply
  10. Tomi Engdahl says:

    Russia launched its own app store, and hackers struck immediately https://www.is.fi/digitoday/tietoturva/art-2000008824661.html

    The new NashStore was immediately targeted by Ukraine’s hacker army.

    RUSSIA has opened its own app store for Android phone apps. NashStore, roughly “our own people’s store”, opened to app developers on Victory Day, May 9. It was opened to the general public on Monday, May 16.

    The store, developed by ANO Digital Platforms, is intended to offer Russians and citizens of other former Soviet countries an app store that is not affected by economic sanctions.

    Right after its launch, NASHSTORE came under attack by hackers of the Ukraine-coordinated IT Army of Ukraine. The app store was named as a target on the group’s Telegram channel yesterday, Tuesday, a day after it opened to the general public, and heavy denial-of-service attacks have been directed at it.

    Attacks by Ukraine’s hacker army usually bring down the targeted services quickly. At the time of writing, NashStore’s website works, but the service itself is not available.

    AT THE SAME TIME, the hackers are also attacking Russia’s local media and digital signatures. The latter are certificates that enable online transactions, and their failure prevents or hampers doing business electronically.

    The aim of Ukraine’s hacker army is to make the war visible in the everyday lives of ordinary Russians. Earlier this month the attacks were directed at Egais, Russia’s centralized reporting system for alcohol production and purchases, whose use is mandatory for operators in the country’s alcohol industry. The operation hampered alcohol sales in the country.

    Reply
  11. Tomi Engdahl says:

    Russia launched its own app store, and hackers struck immediately https://www.is.fi/digitoday/tietoturva/art-2000008824661.html
    Russia has opened its own app store for Android phone apps.
    NashStore, roughly “our own people’s store”, opened to app developers on Victory Day, May 9. It was opened to the general public on Monday, May 16. Right after its launch, Nashstore came under attack by hackers of the Ukraine-coordinated IT Army of Ukraine. The app store was named as a target on the group’s Telegram channel yesterday, Tuesday, a day after it opened to the general public, and heavy denial-of-service attacks have been directed at it. Although carrying out network attacks in support of Ukraine might feel like a good idea, it is illegal.
    Not only does such activity break Finnish law, it also makes the perpetrator a party to the conflict. Among others, WithSecure’s Chief Research Officer Mikko Hyppönen has pointed out that carrying out network attacks is legally permitted for Ukrainians, but not for Finns.

    Reply
  12. Tomi Engdahl says:

    When Russia attacked Ukraine, forest machine company Ponsse lost a fifth of its market; now the company has been targeted by cyber attacks from the east
    https://yle.fi/uutiset/3-12447070
    Ponsse has been the target of numerous cyber attacks this spring.
    According to the company’s CEO Juho Nummela, the matter is being monitored closely.
    Some of the attacks have been attempts to get at the company’s data. Some have sought to get into the company’s information systems, which could cause more serious problems, for example for the factory’s operations. “Attacks come from all over the world, but it does look like they are coming most strongly from the east at the moment,” Nummela says.

    Reply
  13. Tomi Engdahl says:

    Trends in security-critical technology 2022 review https://www.erillisverkot.fi/turvallisuuskriittisen-teknologian-trendit/
    Erillisverkot’s second technology trends review focuses in particular on the war in Ukraine from the perspective of telecommunications and mobile networks. We also look at various emerging space services and the possibilities they offer to authorities and security actors.

    Reply
  14. Tomi Engdahl says:

    Spreading Russian war propaganda via Finland is not acceptable, say MEPs; Sarvamaa would shut down Yandex’s data centers immediately
    https://yle.fi/uutiset/3-12447551
    According to Finnish Members of the European Parliament, the National Cyber Security Centre should carry out an inquiry into the company’s operations. The MEPs intend to push for Yandex to be placed on the EU sanctions list. Yandex’s head of data center operations wonders why the company has come under the magnifying glass in Finland. Minister of Transport and Communications Timo Harakka (SDP) told Yle the week before last that Yandex is under special scrutiny. “We do not understand the underlying rationale, because Yandex is an international company and no sanctions have been imposed on it,” head of data center operations Zhumykin states in his email reply.

    Reply
  15. Tomi Engdahl says:

    Cyber attack took nearly 6,000 wind turbines off the network; repairs took months
    https://www.tivi.fi/uutiset/tv/ad692ccc-5964-4373-9b15-4b2d49285bb9
    According to German media, the country’s wind power producers have been hit by several cyber attacks in recent months. In Germany it is suspected that the attacks are carried out by Russians, but there is no certainty about this. According to the Finnish Wind Power Association, the sector in Finland has not faced more cyber attacks or attempted attacks than usual in recent months.

    Reply
  16. Tomi Engdahl says:

    Chinese ‘Space Pirates’ are hacking Russian aerospace firms https://www.bleepingcomputer.com/news/security/chinese-space-pirates-are-hacking-russian-aerospace-firms/
    A previously unknown Chinese hacking group known as ‘Space Pirates’ targets enterprises in the Russian aerospace industry with phishing emails to install novel malware on their systems. The threat group is believed to have started operating in 2017, and while it has links to known groups like APT41 (Winnti), Mustang Panda, and APT27, it is thought to be a new cluster of malicious activity. Russian threat analysts at Positive Technologies named the group “Space Pirates” due to their espionage operations focusing on stealing confidential information from companies in the aerospace field.

    Reply
  17. Tomi Engdahl says:

    Look familiar? Bottles resembling the West’s favorite soft drinks have appeared on sale in Russia
    In the eastern neighbor, the gaps created by Western sanctions are being patched in creative ways.
    https://www.iltalehti.fi/ulkomaat/a/fc4ed770-a051-4378-91fb-6b63b900c36e

    The Russian beverage factory Ochakovo has announced that it is bringing new Coolcola, Fancy and Street drinks to market. The story was reported by the independent Russian outlet The Moscow Times.

    CoolCola: Russia Launches Coca-Cola, Fanta and Sprite Alternatives After Soda Exodus
    https://www.themoscowtimes.com/2022/05/16/russia-unveils-domestic-rivals-to-coca-cola-fanta-and-sprite-a77694

    A Russian beverage maker has unveiled a new range of soft drinks to replace the iconic brands that have left the Russian market in the wake of its invasion of Ukraine.

    In lieu of Coca-Cola, Fanta and Sprite, Russians will be able to choose from CoolCola, Fancy and Street, Russian drink producer Ochakovo announced Monday.

    CoolCola has the “iconic taste of cola,” Ochakovo wrote online. Meanwhile, the brand’s bottles of orange-flavored Fancy and lemon-lime Street mimic the color schemes of Fanta and Sprite.

    The firm isn’t the only company to try and capitalize on Coca-Cola’s step back from the Russian market.

    https://ochakovo.ru/brand/coolcola/

    Reply
  18. Tomi Engdahl says:

    “If youʼre on the phone, you canʼt drop bombs or coordinate soldiers”

    Hackers created a robocaller to waste Russian officials’ time, and you can listen in on the calls
    https://www.techspot.com/news/94641-hackers-created-robocaller-waste-russian-officials-time-you.html

    Reply
  19. Tomi Engdahl says:

    Russia is being called to account for cyber war crimes: military intelligence directs its attacks at civilians
    Joakim Kullas | 13.5.2022 14:30 | updated 13.5.2022 14:30 | CYBER WAR | UKRAINE CRISIS | LAW AND JUSTICE
    This would be the first time that the International Criminal Court has dealt with cyber attacks.
    https://www.tivi.fi/uutiset/venajaa-vaaditaan-vastuuseen-kybersotarikoksista-sotilastiedustelu-kohdistaa-iskujaan-siviileihin/802f45a4-4597-423a-a3a7-0a90da3a3212

    A group of human rights lawyers and researchers from the university at Berkeley wants the International Criminal Court (ICC) to investigate Russia’s cyber attacks in Ukraine as war crimes. The lawyers and researchers approached the ICC’s Office of the Prosecutor with a formal request, Wired writes.

    Reply
  20. Tomi Engdahl says:

    Twisted Panda: Check Point Research unveils a Chinese APT espionage campaign against Russian state-owned defense institutes https://blog.checkpoint.com/2022/05/19/twisted-panda-check-point-research-unveils-a-chinese-apt-espionage-campaign-against-russian-state-owned-defense-institutes/
    In the past two months, Check Point Research (CPR) observed multiple APT groups attempting to leverage the Russia and Ukraine conflict and sanctions against Russian companies as baits for espionage operations.
    It comes as no surprise that Russian entities themselves became an attractive target for spear-phishing campaigns that are exploiting the sanctions imposed on Russia by western countries.

    Reply
  21. Tomi Engdahl says:

    Pro-Russian Hackers Spread Hoaxes to Divide Ukraine, Allies
    https://www.securityweek.com/pro-russian-hackers-spread-hoaxes-divide-ukraine-allies

    As Ukrainians flooded into Poland earlier this year to flee Russian invaders, a hacking group aligned with the Kremlin sought to spread rumors that criminal gangs were waiting to harvest the organs of child refugees.

    The network, known to cybersecurity experts as Ghostwriter, seemingly aimed to sow distrust between Ukraine and Poland. It’s one of several tactics outlined in a new report that outlines how Russia has used disinformation, fear and propaganda alongside bullets, tanks and soldiers in an effort to demoralize Ukraine and divide its allies.

    The unfounded claim made its way into Russian-state media and online platforms popular with far-right groups in the U.S., where posts spreading the hoax have been shared many thousands of times on sites like Telegram and Twitter. The disinformation operation exploited legitimate concerns that Ukrainian refugees could be kidnapped by human traffickers, but no evidence of organ harvesting has surfaced.

    “Ghostwriter operations will often piggyback on news stories or recent events,” said Alden Wahlstrom, a senior analyst at Mandiant, the cyber security firm that published the report Thursday. “There are certain motives that are consistent: Undercutting trust in NATO. Creating tensions.”

    The report detailed several other Russian-aligned disinformation and propaganda campaigns, including bogus online claims that Ukrainian President Vladimir Zelenskyy had committed suicide or fled Ukraine. In some cases, the campaigns relied on Russian state media or fake social media accounts to disseminate the disinformation. Mandiant also identified cases in which groups linked to Russian intelligence disguised their disinformation as independent journalism. Russian diplomats have also emerged as a key vector for disinformation.

    In one instance in March, groups linked to Russia spread claims online that Zelenskyy had surrendered on the same day he was preparing to address the U.S. Congress.

    “Influence efforts and propaganda are used to shape public opinion, to impact the morale of participants in a conflict,” said Renee DiResta, research manager at the Stanford Internet Observatory and an expert on disinformation and social media. DiResta said Russia relies on this sophisticated network to “wage narrative warfare around the globe.”

    Ghostwriter has been linked to Belarus, a key Russian ally. The network was also blamed for attempting to hack into the social media accounts of dozens of Ukrainian officers earlier this year. That operation was revealed by Meta, the parent company of Facebook, who said the hackers were foiled before they could use the officers’ accounts to post videos of surrendering Ukrainian soldiers.

    Reply
  22. Tomi Engdahl says:

    National Police Commissioner: Finnish police are preparing for Russian countermeasures
    https://www.is.fi/kotimaa/art-2000008831092.html

    The threat scenarios raised include information influence operations, provoked demonstrations and criminal damage.

    Reply
  23. Tomi Engdahl says:

    Russia announced that it will establish new military bases in the western parts of the country
    This is a reaction to Finland’s and Sweden’s NATO applications.
    https://www.is.fi/ulkomaat/art-2000008831551.html

    RUSSIA says it intends to establish new military bases in the western parts of the country in response to NATO’s possible enlargement. Russian Defense Minister Sergei Shoigu announced this on Friday.

    According to Shoigu, twelve new military units and divisions will be established in the western parts of Russia by the end of this year.

    The news agency Reuters reports that the defense minister warned of increased security threats in the country’s border areas. Shoigu said Moscow would consequently take “appropriate countermeasures”.

    Finland and Sweden submitted their application letters to NATO on Wednesday. Ratification by all member states is still required before new NATO members can be approved.

    Reply
  24. Tomi Engdahl says:

    With the war in Ukraine as bait: China spied on Russia’s military secrets https://www.is.fi/digitoday/tietoturva/art-2000008831119.html

    Reply
  25. Tomi Engdahl says:

    Russia Picks a Slow Chinese x86 CPU to Replace Intel/AMD Chips
    Intel and AMD chips are no longer available, so Russia looked to China for an alternative.
    https://uk.pcmag.com/components/140465/russia-picks-a-slow-chinese-x86-cpu-to-replace-intelamd-chips

    If both Intel and AMD stop selling processors in your country, what do you do? Russia decided to look to China.

    The mounting sanctions Russia faces following its invasion of Ukraine include both AMD and Intel halting chip sales in the country. Finding a replacement x86 chip that can run all the same software is a tough proposition, but one that seems to have been solved.

    As Tom’s Hardware reports, motherboard maker Dannie just launched a new micro-ATX motherboard in Russia capable of running the KaiXian KX-6640MA system-on-chip. It’s developed by Chinese fabless semiconductor company Zhaoxin,

    CPU Benchmark tested a four-core, four-thread version of the chip running at 3GHz with a 70W TDP and it scored 1,566 points on CPU Mark for multi-threaded operations. For comparison, the Core i3-12100F scores 14,427, and a Ryzen 5 5500 scores 19,885. There’s a similarly-large gap in performance for single-threaded operations—722 points compared to 3,525 for the Core i3, and 3,084 for the Ryzen 5.

    It’s safe to say that the KaiXian KX-6640MA is a chip the Russian government can claim replaces the Western alternatives, but that by no means guarantees it will be able to cope with all the tasks thrown at it. In fact, anything beyond running an operating system and office suite may be a push. With Russia set to legalize software piracy, they can at least experiment a lot to see what will run without spending any cash on applications.

    Reply
  26. Tomi Engdahl says:

    Putin’s war is proving expensive for Russia: money is burning at 15 million euros an hour
    https://www.kauppalehti.fi/uutiset/putinin-sota-kay-venajalle-kalliiksi-rahaa-palaa-15-miljoonaa-euroa-tunnissa/5dddb9a3-e306-4042-90d7-aebc963df635

    Russia’s war in Ukraine is eating into the state’s rainy-day savings. Ukraine’s resistance is costing Russia as much as a billion rubles an hour.

    Reply
  27. Tomi Engdahl says:

    RETIRED GENERAL ACCIDENTALLY TWEETS VIDEO GAME FOOTAGE THINKING IT’S REAL
    https://futurism.com/the-byte/retired-general-video-game-footage

    Retired US four star general Barry McCaffrey, who also served as the Director of the Office of National Drug Control Policy under the Bill Clinton administration and makes regular TV appearances as an expert on military affairs, shared a video yesterday of what he said was a “Russian aircraft getting nailed by [Ukraine] missile defense” on Twitter — only to realize minutes later that the choppy footage came from a video game.

    “Russians are losing large numbers of attack aircraft,” McCaffrey argued in the now-deleted tweet. “Ukraine air defense becoming formidable.”

    Reply
  28. Tomi Engdahl says:

    Putin May Be Winning the Information War Outside of the U.S. and Europe
    https://time.com/6179221/putin-information-war-column/

    Is Vladimir Putin losing the information war with Ukraine?

    Well, it depends on who you ask.

    It’s never easy to measure such things, but here are a few numbers.

    While 141 countries in the UN voted to condemn Russia’s aggression, the number of African, Middle Eastern and South American countries who have imposed sanctions on Russia is 0.

    Yes, Putin is losing the information war in Europe and America, but he’s holding his own elsewhere.

    According to the Economist Intelligence Unit, two-thirds of the world’s population live in countries who are neutral about the war or support Russia. While China is an ally of Russia, the big non-aligned nations—Brazil, South Africa, Saudi Arabia, the United Arab Emirates—voted against Russia in the UN, but resolutely refuse to criticize Putin.

    Part of the reason for this is that two-thirds of the world doesn’t see the war that we see. That is due to the balkanization of the internet, which Russia is in part responsible for. Today, there are three internets. There’s the American and Western internet which we think of as the internet. There’s the unfree internet in places like Russia, Turkey, and India where content is restricted and policed. And then there’s the Chinese internet, which is censored and not at all free. The Chinese internet—used by one out of five of the world’s internet users—is pro-Russian.

    In the unfree internet of Turkey and India and the rest, they get much of their information about the war from Russian state media. They are not seeing Zelensky’s nightly invocations to democracy. They are seeing images of noble Russian soldiers. Two of the most popular hashtags on the Indian internet are #IStandWithPutin and #IStandWithRussia.

    In the first few weeks after the invasion, there were a spate of stories in America and Western media about how Ukraine was triumphing in the information war with Russia.

    Zelensky’s inspiring nightly speeches; the destroyed Russian tanks on Instagram and TikTok; the Ukrainian social media influencers decrying Putin’s invasion. The Ukrainians were nimble and modern and authentic and had a powerful story to tell.

    By contrast, Russia’s messaging efforts were top-down, clumsy and slow—a little like their invading army. In 2014, when Russia annexed Crimea, the , the infamous Russian troll farm, was still largely unknown. But its use of false personas, phony websites and blog posts, and malicious bots, seemed to be the state of the art of disinformation.

    The Russians were pioneers in what is called hybrid warfare—the mixture of information war and kinetic war—but the Russian military machine seemed to have no meme battle plan or even how the war would be seen on social media.

    Russian messaging was sophisticated in 2014, but they didn’t get much better. Everyone else did. Back in 2014, social media was still text-dominant. Today is the era of real-time video. Zelensky understands this; Putin doesn’t.

    Now, with their TikTok influencers and multiple channels on Telegram, they are very much up to the moment. They’ve even launched a state-sponsored volunteer IT army which has been carrying out cyber-attacks on Russian targets. In the early days of the war, they put out a call for volunteers on the messaging app Telegram—which has been the main digital battlefield of the war.

    They created an open source platform for white hat hackers to fight the Russians. They shut down Russia Today for a day after the invasion. It was like people volunteering to fight for the republicans in the Spanish Civil War, but using laptops instead of rifles.

    But while Russia’s messaging has been clunky and old-school, let’s not forget, we are not the primary target. Putin has multiple audiences, but his most important audience—and his most reliable one—is domestic. According to the counter-extremism firm Miburo, 85% of Russians get the majority of their information from Russian state media. There, they get a steady diet of Nazis in Ukraine, claims that Ukraine is not a real nation, concerns that Ukraine is pursuing genocide against Russians, and the professionalism and generosity of the Russian military. It’s a simple formula: Russian state media is a projection of how Putin sees the world.

    According to the Levada Center in Russia, one of the country’s few independent pollsters, more than half of Russians see NATO and the U.S. as the cause of the conflict. Only 7% blame the Kremlin.

    As if this relentless state propaganda was not enough, Russia is inoculating its own domestic audience against Western and international narratives about Ukraine by creating a host of fake fact-checking shows and organizations to pre-emptively undermine any news that contradicts Putin’s narrative.

    Russia’s largest state channel, Channel One, has created a show called “AntiFake” that rebuts what they say are false stories about the war in Ukraine. It employs all the tropes of fact-checking—statistics, forensic analysis, black-and-white video to prove that claims about Russian atrocities are made-up and staged. The Russian Ministry of Foreign Affairs posts “Your Daily #Fake” which includes short videos debunking Western claims about the invasion. There’s a Russian channel on Telegram—where so much of the digital battle for truth is going on—called “War on Fakes” which says it is debunking “the information war against Russia.”

    The encrypted platform Telegram has become the most important battlefield in the information war in Ukraine. It is the instant news channel for the war—used by both the Ukrainians and the Russians. Zelensky has a channel on Telegram where he talks directly to the Russian people in Russian. Russia has created dozens of channels on Telegram. One reason the information war is more hidden today is because so much of it is on an encrypted platform that does not broadcast, rather than Twitter or Facebook.

    The other reason the information war is harder to see these days is that the platforms have abandoned neutrality and taken a side. Facebook, YouTube, Twitter and Google have basically blocked Russian messaging. YouTube announced a global block of Russian state media and removed over 1000 channels and 15,000 videos. Facebook has restricted access to official Russian outlets Russia Today and Sputnik in the European Union and banned Russian state media from running ads. Netflix suspended its service in Russia. This is new territory for the platforms which have always wanted to appear apolitical.

    Zelensky may be the TikTok Churchill and a champion of Ukrainian democracy, but he has taken some decidedly undemocratic actions at home. In March, Zelensky banned 11 Ukrainian political parties because of their links to Russia. Most of the parties were small, but one, the Opposition Platform for Life, has 44 seats in the 450 seat Ukraine parliament and is Ukraine’s largest opposition party. It is led by a pro-Russian Ukrainian oligarch with close ties to Putin. In that same month, citing national security, Zelensky effectively ended independent television broadcasting in Ukraine by consolidating all national tv channels into a single state platform.

    For the global audience, the U.S. and the European Union have made something of a tactical error in portraying the war as the West versus Russia, or even as Democracy versus Autocracy. This meme is effective in America and Europe, but plays less well among developing and non-aligned nations. In Africa, much of Asia, and the Middle East, the West are the colonizers who did not permit democracy in the lands they ruled. A better way of mobilizing these countries against Russia is to depict the war as a fundamental, illegal violation of Ukrainian sovereignty, as an imperialist Russia trying to violently expand its own borders. That’s something they can relate to.

    Even if we exaggerate Ukraine’s expertise on the information battlefield, and underplay the extent of Russian influence, I do think we are sometimes deceiving ourselves by talking about information war when there is a real war going on. Yes, there is an information war in Ukraine, but it is not the war. The war is where people are dying every day and homes and schools are being indiscriminately bombed. Winning and losing an information war is an oversimplified way of looking at things. In some ways, it anesthetizes us from the true horror of the conflict.

    No, a tank can’t stop a meme, but a meme certainly cannot stop a tank. Memes may wound people’s egos, but they don’t kill them. You can win the information war and lose the real one. The republican freedom fighters won the information war in the Spanish Civil War in the 1930s, but Franco won the real war. Let’s hope that is not what happens in Ukraine.

    Reply
  29. Tomi Engdahl says:

    Forbes: Ukraine plans to destroy the Crimean Bridge, which is irreplaceable for Putin and Russia
    https://www.ksml.fi/uutissuomalainen/4620327

    Reply
  30. Tomi Engdahl says:

    “State borders are not sacred and worth sacrifice in themselves. They are made so by inventing and telling stories about them.”

    Reply
  31. Tomi Engdahl says:

    Sota herätti myytit eloon
    Tiktok-videot luovat tarinoita, joiden vuoksi maata ollaan valmiita puolustamaan väkivalloin.
    https://www.hs.fi/sunnuntai/art-2000008711419.html?share=966ab2f10cf8cea153ceadf32529661b

    The forgetting of myths was accelerated by the atheism boom that prevailed at the end of the 2000s. Socially aware young people often came across Richard Dawkins's thinking that religions are fairy tales belonging to a bygone world and to fundamentalism, which sows destructive forces in the world.

    Few bother to rebel against the church any more, which one might take as a sign of Christianity's declining significance. Yet Christianity's myths, which emphasize responsibility and guilt, lie dormant in language and in moral conceptions. We are not as secularized as we think. During the pandemic people spoke of “corona sin”, and the “evangelists” of the early-2010s startup boom used terms such as “angel investor”.

    THE ABSENCE of myth is one of the myths of the modern world, wrote the philosopher Georges Bataille (1897–1962).

    The significance of rituals declined. People began to understand that we are secularized, that we act rationally and that myths have no significance.

    According to Bataille, however, this did not mean that myths had died.

    War is a rupture that overturns at a stroke the illusions of secularization, Bataille writes in his work The Absence of Myth.

    According to him, war is like a festival that revives communal, contagious feelings of horror. The incomprehensibility of war breaks the sense of the continuity of everyday life and the sense of the individual's finitude. In wartime people again speak in the concepts of good, evil, sacred and base that belong to the world of myths. War technology involves squandering, which in Bataille's view means an extreme use of resources or destruction without limit.

    Ultimately, for Bataille war was the grotesque flip side of the modern world, a state in which incomprehensible things such as the Holocaust or war crimes can happen under the pretext of grounds disguised as rational. Speculating about Putin's mental health is not the point. With the help of myths he is able to justify his actions to citizens, even by making use of lies.

    Lippulaulu (the Flag Song) has always chilled me, above all the passage that is sung: “To live and die for you is our highest desire.” Why is it so self-evident to want to squander unique human lives for the nation-state?

    State borders are not sacred or worth sacrifice in themselves. They are made so by inventing and telling stories about them. Myths speak above all at the emotional level, and understanding them requires immersing oneself in the drama.

    Right from the start of the war of aggression, Ukrainians made use of new media channels in myth-making. A TikTok video in which a young person flees their homeland has a unifying effect on the nation and, beyond it, on a wider community. Many people's tone and choice of words changed at a stroke. The videos effectively create new stories, which the myth of the nation-state needs in order to stay strong enough that people are ready to accept the idea that one should be able to kill and die for it.

    A comment left on the article:

    “State borders are not sacred or worth sacrifice in themselves. They are made so by inventing and telling stories about them.”

    In my opinion the writer is wrong in this respect.

    Things work only when responsibility and power, as well as the loss of resources resulting from the consequences of decisions made, that is the costs, all lie with the same decision-making unit.

    This is so whether it is a family, an association, a company, a municipality, a city, a province, a country or a union of states.

    Over the millennia, society has at best been organized to function reasonably well at no higher than the level of a single country (e.g. Finland), which has its own budget, legislation and judiciary, so that power and responsibility, and the benefits and harms of decisions, sit in the same decision-making unit (in the example case, Finland).

    This basic law applies to all societal activity.

    The state border is precisely the boundary that makes a functioning society possible.

    The state border is an absolutely critical and necessary precondition for assigning power and responsibility to the same decision-making unit, and thus for maintaining a functioning society.

    Even a fairly mild political blurring of the state border causes many problems for society.

    For example, with EU membership we have had to see both direct income transfers between member states (“support packages”) and income transfers carried out less transparently (“EU bonds, the taxonomy, emissions trading, the planned energy renovation subsidies, etc.”).

    In my view these are all examples of how, when power and responsibility are not in the same decision-making unit, exploitation and abuse begin.

    The state border is the basic precondition for the functioning, security, values and well-being of our society.

    That is why defending it is extremely important, both at the EU's negotiating tables and, if necessary, militarily.

    What are we defending? Borders are an imaginary thing; the real thing to defend is found on this side of that line cut through the forest. We defend ourselves, our loved ones, our right to live our lives in a free country. We defend our right to choose our leaders, our right to speak our own language.

    I understand pacifist thinking. We all understand it. What I do not understand is a person who is willing to enjoy all the benefits of our society inside these imaginary borders but is not willing to defend them.

    State borders are not worth defending, but what about the people living inside them? The author of the piece can surely flee wherever they like if something happens, but that is not possible for everyone.

    Reply
  32. Tomi Engdahl says:

    Nation-states are exactly the same kind of administratively convenient fairy tales as the temple-demanding deities have been ever since the ancient city-states. They do have instrumental value, because it is easier to get the masses to cooperate with fairy tales than by trying to justify the benefits of cooperation logically. (Especially if those benefits do not exist.)

    Reply
  33. Tomi Engdahl says:

    Zelenskyy: We have broken the backbone of one of the strongest armies in the world
    https://www.pravda.com.ua/eng/news/2022/05/21/7347615/

    President Volodymyr Zelenskyy considers the lives of Ukrainian people, including soldiers, to be the most valuable, and reiterated his opinion that the return of the territories to the demarcation line as of 23 February 2022 would constitute victory.

    Quote: “I believe that no matter what appetite different sections of our population have, the most valuable thing is to save more people, soldiers. These are brave people who are ready to give their lives. I believe that this is our great value and treasure [people’s lives - ed.]. As the result of this invasion has shown.

    Details: The president urged everyone to understand the cost of every step in the war. According to him, after reaching the demarcation line that existed before the full-scale invasion, it will be possible to move on to the second part – further negotiations with Russia.

    Reply
  34. Tomi Engdahl says:

    Microsoft is repelling Russian attacks in Ukraine but claims it is not at war: now the company explains what it is about https://www.is.fi/digitoday/tietoturva/art-2000008822952.html

    Microsoft defends Ukraine online and thwarts Russian attacks, while at the same time denying that it is a party to the war. Yet according to the old wisdom, if something looks like a duck, swims like a duck and quacks like a duck, it probably is a duck.
    IN UKRAINE, another, less visible war is being fought alongside the war of aggression started by Russia. It has a long history, as Russia began extensive cyber operations against Ukraine back in 2014, the year it seized Crimea.

    The strikes have included, among other things, network attacks that cut the power and left homes in the dark. These were seen in 2015 and 2016.

    The same nearly happened this spring, as Russia had developed a sophisticated and destructive cyberweapon aimed at Ukraine's power grid. The attack was a dud, because the malware was found and neutralized just before the strike was carried out. Ukraine did not repel the operation alone. It said it had received help from the computer giant Microsoft and the security company ESET.

    TRADITIONALLY, companies have not been expected to take a stand on war, peace or major international questions. Today, however, the technology giants are seen as political actors whose choices have global significance. The largest companies even have their own diplomacy.

    Microsoft's way of interpreting its obligations is exceptionally broad. Most technology companies have chosen a passive line. Microsoft's actions, by contrast, give the impression of choosing a side and becoming a party to the war.

    CIGLIC says Microsoft wants to correct a common misconception: after Russia's large-scale invasion began, the prevailing impression was that the Russians were hardly waging an active cyberwar.

    “This is not true. Cyberattacks go hand in hand with the war being fought in the physical world,” Ciglic says.

    It is hard to pinpoint the exact moment when Microsoft decided to start actively supporting Ukraine. The WannaCry and NotPetya malware campaigns of 2017 served as a kind of wake-up call.

    The company's activity consists of actively supporting cyber defense, rapidly patching security holes and “keeping the bad guys out of the systems”. It is a significant effort even for a company the size of Microsoft.

    THE QUESTION of Russia appears to be a difficult one for Microsoft. While the company supports Ukraine, it is still present in Russia as well, but is not signing new contracts. The company continues to provide its software and services in critical sectors of society, such as hospitals, the pharmaceutical industry and schools.

    At the same time it says it is striving to secure the position of its employees in both Russia and Ukraine. Microsoft names protecting them from discrimination in Russia as one of its goals.

    According to Ciglic, the company also has obligations to prevent the collapse of the critical systems mentioned above, which a complete withdrawal from the country would cause.

    THE COMPANY hopes that cyberwar will get regulation similar to the legislation that governs conventional warfare. One example of a concrete rule could be that states would not be allowed to use software update mechanisms to spread cyberweapons.

    The pursuit of global regulation of cyberwar explains why Microsoft wants to make Russian cyberattacks public: only things that are visible can be addressed legally.

    Reply
  35. Tomi Engdahl says:

    Dan Milmo / The Guardian:
    YouTube takes down 70K+ videos and 9K+ channels about the war in Ukraine for violating content guidelines, including videos referring to a “liberation mission” — Exclusive: Platform takes ‘unprecedented action’ to address content guideline violations since invasion

    YouTube removes more than 9,000 channels relating to Ukraine war
    https://www.theguardian.com/technology/2022/may/22/youtube-ukraine-invasion-russia-video-removals

    Exclusive: Platform takes ‘unprecedented action’ to address content guideline violations since invasion

    YouTube has taken down more than 70,000 videos and 9,000 channels related to the war in Ukraine for violating content guidelines, including removal of videos that referred to the invasion as a “liberation mission”.

    The platform is hugely popular in Russia, where, unlike some of its US peers, it has not been shut down despite hosting content from opposition figures such as Alexei Navalny. YouTube has also been able to operate in Russia despite cracking down on pro-Kremlin content that has broken guidelines including its major violent events policy, which prohibits denying or trivialising the invasion.

    Since the conflict began in February, YouTube has taken down channels including that of the pro-Kremlin journalist Vladimir Solovyov. Channels associated with Russia’s Ministries of Defence and Foreign Affairs have also been temporarily suspended from uploading videos in recent months for describing the war as a “liberation mission”.

    Reply
  36. Tomi Engdahl says:

    Russian Sberbank says it’s facing massive waves of DDoS attacks https://www.bleepingcomputer.com/news/security/russian-sberbank-says-it-s-facing-massive-waves-of-ddos-attacks/
    Russia’s banking and financial services company Sberbank is being targeted in a wave of unprecedented hacker attacks. Earlier this month, the bank fought off the largest distributed denial-of-service (DDoS) attack in its history.


    Sergei Lebed, vice president and director of cybersecurity at Sberbank, told the audience participating at the Positive Hack Days conference that thousands of internet users have been attacking the organization over the past months.

    Sberbank is Russia’s largest financial company and the third-largest in Europe, with total assets counting over $570 billion.

    Massive attack waves

    On May 6, 2022, Sberbank says it repelled the biggest DDoS attack it has ever seen, measured at 450GB/sec.

    DDoS are resource-depletion attacks that aim to make online services unavailable to customers, leading to business disruption and financial losses.

    The malicious traffic that supported the attack against Sberbank’s main website was generated by a botnet with 27,000 compromised devices located in the United States, the U.K., Japan, and Taiwan.

    As Lebed explained, the cybercriminals used various tactics to carry out this cyberattack, including code injections into advertising scripts, malicious Chrome extensions, and Docker containers weaponized with DDoS tools.

    Reply
  37. Tomi Engdahl says:

    https://www.bleepingcomputer.com/news/security/russian-sberbank-says-it-s-facing-massive-waves-of-ddos-attacks/

    “Today, the bank faces cyberattacks around the clock. Sberbank’s Security Operation Center analyzes cyber threats 24/7 and promptly responds to them,” Sergei Lebed

    “However, when it comes to companies in other sectors, most of them have never encountered anything like this before and may suffer damages,” warned Sberbank’s vice president.

    DDoS attacks at this level are likely to continue as long as the geopolitical tensions continue to create a polarizing environment, and as Sberbank’s announcement concludes, they may go down in number but grow in power.

    This is in line with what Radware reported yesterday, a 36-hour long 1.1 Tbps DDoS attack on a U.S. service provider which signifies that threat actors are becoming far more capable even compared to last year.

    Reply
  38. Tomi Engdahl says:

    Microsoft is repelling Russian attacks in Ukraine but claims it is not at war: now the company explains what it is about https://www.is.fi/digitoday/tietoturva/art-2000008822952.html
    The company's activity consists of actively supporting cyber defense, rapidly patching security holes and “keeping the bad guys out of the systems”. It is a significant effort even for a company the size of Microsoft.

    Reply
  39. Tomi Engdahl says:

    Pro-Russian Hackers Spread Hoaxes to Divide Ukraine, Allies
    https://www.securityweek.com/pro-russian-hackers-spread-hoaxes-divide-ukraine-allies

    As Ukrainians flooded into Poland earlier this year to flee Russian invaders, a hacking group aligned with the Kremlin sought to spread rumors that criminal gangs were waiting to harvest the organs of child refugees.

    The network, known to cybersecurity experts as Ghostwriter, seemingly aimed to sow distrust between Ukraine and Poland. It’s one of several tactics outlined in a new report that outlines how Russia has used disinformation, fear and propaganda alongside bullets, tanks and soldiers in an effort to demoralize Ukraine and divide its allies.

    The unfounded claim made its way into Russian-state media and online platforms popular with far-right groups in the U.S., where posts spreading the hoax have been shared many thousands of times on sites like Telegram and Twitter. The disinformation operation exploited legitimate concerns that Ukrainian refugees could be kidnapped by human traffickers, but no evidence of organ harvesting has surfaced.

    “Ghostwriter operations will often piggyback on news stories or recent events,” said Alden Wahlstrom, a senior analyst at Mandiant, the cyber security firm that published the report Thursday. “There are certain motives that are consistent: Undercutting trust in NATO. Creating tensions.”

    Russia-Linked ‘Ghostwriter’ Disinformation Campaign Tied to Cyberspy Group
    https://www.securityweek.com/russia-linked-ghostwriter-disinformation-campaign-tied-cyberspy-group

    A widespread disinformation campaign dubbed Ghostwriter is believed to be the work of a state-sponsored cyber-espionage group, cybersecurity firm FireEye reported on Wednesday.

    Initially detailed in July 2020 but ongoing for years, the campaign aligns with Russian interests and was initially observed targeting audiences in Lithuania, Latvia, and Poland with NATO-related themes.

    Since FireEye’s initial report on Ghostwriter, the activity has expanded with new narratives, and the attackers started leveraging compromised Twitter, Facebook, and Instagram accounts of Polish officials to disseminate content aimed at creating domestic political disruption in the country.

    Reply
  40. Tomi Engdahl says:

    Russian hackers perform reconnaissance against Austria, Estonia https://www.bleepingcomputer.com/news/security/russian-hackers-perform-reconnaissance-against-austria-estonia/
    In a new reconnaissance campaign, the Russian state-sponsored hacking group Turla was observed targeting the Austrian Economic Chamber, a NATO platform, and the Baltic Defense College. This discovery comes from cybersecurity firm Sekoia, which built upon previous findings of Google’s TAG, which has been following Russian hackers closely this year.

    Cyber incidents on the rise in Poland, no major impact signalled yet https://www.euractiv.com/section/cybersecurity/news/cyber-incidents-on-the-rise-in-poland-no-major-impact-signalled-yet/
    The war in Ukraine is the first real cyberwar in Europe. Although the number of attacks in Poland has increased, large-scale impacts have not yet been felt.

    Reply
  41. Tomi Engdahl says:

    Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns https://thehackernews.com/2022/05/fronton-russian-iot-botnet-designed-to.html
    “This system includes a web-based dashboard known as SANA that enables a user to formulate and deploy trending social media events en masse. The system creates these events that it refers to as, ‘newsbreaks,’ utilizing the botnet as a geographically distributed transport.”
    Fronton, a distributed denial-of-service (DDoS) botnet that came to light in March 2020, is much more powerful than previously thought, per the latest research. “Fronton is a system developed for coordinated inauthentic behavior on a massive scale,” threat intelligence firm Nisos said in a report published last week.

    Reply
  42. Tomi Engdahl says:

    Unusual hacker strike against Russia: “If you're on the phone, you can't drop bombs”
    https://www.is.fi/digitoday/art-2000008831818.html
    THE HACKERS' private cyberwar against Russia has once again taken new forms. A service called Waste Russian Time Today, opened online on Wednesday of this week, places automated phone calls to Russian officials over the internet. The idea is to disturb them and waste their time so that they can focus less on the war being fought in Ukraine. Behind the unusual harassment operation is a group calling itself Obfuscated Dreams of Scheherazade. The web service offers numbers for the government's communications department, the military police, employees of the country's parliament, the Duma, and the security service FSB. On the website one can start a group call that connects two Russian parties to each other. The caller is the third party in the group call, but muted.
    Original: https://www.wired.com/story/robo-prank-call-russian-officials-website/

    Reply
  43. Tomi Engdahl says:

    Sandworm uses a new version of ArguePatch to attack targets in Ukraine https://www.welivesecurity.com/2022/05/20/sandworm-ukraine-new-version-arguepatch-malware-loader/
    Sandworm, the APT group behind some of the world’s most disruptive cyberattacks, continues to update its arsenal for campaigns targeting Ukraine. The ESET research team has now spotted an updated version of the ArguePatch malware loader that was used in the Industroyer2 attack against a Ukrainian energy provider and in multiple attacks involving data wiping malware called CaddyWiper. The new variant of ArguePatch, named so by the Computer Emergency Response Team of Ukraine (CERT-UA) and detected by ESET products as Win32/Agent.AEGY, now includes a feature to execute the next stage of an attack at a specified time. This bypasses the need for setting up a scheduled task in Windows and is likely intended to help the attackers stay under the radar.

    Reply
  44. Tomi Engdahl says:

    Conti Ransomware Operation Shut Down After Brand Becomes Toxic
    https://www.securityweek.com/conti-ransomware-operation-shut-down-after-brand-becomes-toxic

    The Conti ransomware operation has undergone some significant organizational structure changes in the past months after the brand became toxic due to its affiliation with the Russian government.

    The Conti operation has been highly successful, helping cybercriminals make billions of dollars after breaching the systems of hundreds of major organizations. While it appeared to be very active, threat intelligence company AdvIntel says the group has been in the process of shutting down the Conti brand and switching to a different organizational structure that involves multiple subgroups.

    The Conti brand’s downfall appears to have started in late February, after Russia launched an invasion of Ukraine. Shortly after the war began, Conti pledged its support for the Russian government and threatened to attack the critical infrastructure of its enemies.

    Reply
  45. Tomi Engdahl says:

    A sharp and baffling message rang out from Russia: “As dangerous as using weapons of mass destruction”
    https://www.kauppalehti.fi/uutiset/venajalta-kajahti-tiukka-ja-hammentava-viesti-yhta-vaarallista-kuin-joukkotuhoaseiden-kayttaminen/9cd32278-c1eb-418c-9c2c-57b1a4bedc25
    Russia's permanent representative to the UN, Vasily Nebenzya, accuses Western countries of controlling information related to the war in Ukraine. According to Nebenzya, the West is suppressing Russia's “alternative viewpoints” on the war, Insider writes. “States that call themselves a community of democracies are building cyber-totalitarianism,” Nebenzya thundered in a statement he gave to the Security Council on Monday.
    The diplomat also berated Ukraine for building its own IT army to fight the Russians. According to Nebenzya, the cyber forces cannot be controlled, and they do not limit their attacks to Russia alone.

    Reply
