Ukraine and Russia seems to be at the moments on both traditional and cyber war. We could call that hybrid warfare. We are at a cyber war. Countless examples exist of damage to infrastructure from hostile acts via computer attacks. Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar. On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. Russia started to conduct attacks to Ukraine on February 24. Before physical attacks Russia did several cyber attacks towards IT systems in Ukraine.
Here are links to some material on the cyber side of this war:
How the Eastern Europe Conflict Has Polarized Cyberspace
https://blog.checkpoint.com/2022/02/27/how-the-eastern-europe-conflict-polarized-cyberspace/
The war between Russia and Ukraine is advancing. People everywhere are deciding who they will support. The same dynamic happens in the cyberspace. Hacktivists, cybercriminals, white hat researchers or even technology companies are picking a clear side, emboldened to act on behalf of their choices. Historically, Russia has had superiority over Ukraine in the cyberspace. And last week, Ukraine was attacked by destructive wiping malware. However, the situation is starting to change, as most of the non-nation cyber state actors are taking the side of Ukraine. To defend itself, the Ukrainian government has created an international IT army of hacktivists.
As war escalates in Europe, it’s ‘shields up’ for the cybersecurity industry
https://techcrunch.com/2022/03/02/as-war-escalates-in-europe-its-shields-up-for-the-cybersecurity-industry/
In unprecedented times, even government bureaucracy moves quickly. As a result of the heightened likelihood of cyberthreat from Russian malactor groups, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — part of the Department of Homeland Security — issued an unprecedented warning recommending that “all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
Digital technology and the war in Ukraine
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks/
All of us who work at Microsoft are following closely the tragic, unlawful and unjustified invasion of Ukraine. This has become both a kinetic and digital war, with horrifying images from across Ukraine as well as less visible cyberattacks on computer networks and internet-based disinformation campaigns. We are fielding a growing number of inquiries about these aspects and our work, and therefore we are putting in one place a short summary about them in this blog. This includes four areas: protecting Ukraine from cyberattacks; protection from state-sponsored disinformation campaigns; support for humanitarian assistance; and the protection of our employees.. Also:
https://threatpost.com/microsoft-ukraine-foxblade-trojan-hours-before-russian-invasion/178702/
Ukraine: Cyberwar creates chaos, ‘it won’t win the war’
https://www.dw.com/en/ukraine-cyberwar-creates-chaos-it-wont-win-the-war/a-60999197
There have been at least 150 cyberattacks in Ukraine since Russia’s invasion. Their effect is mainly psychological, and experts say they won’t decide the war.
Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar.
The global technology company Microsoft has said its Threat Intelligence Center (MSTIC) detected “destructive cyberattacks directed against Ukraine’s digital infrastructure” hours before the first launch of missiles or movement of tanks on February 24.
Those attacks, which Microsoft dubbed FoxBlade, included so-called wipers — malicious software or malware — that make their way inside computer networks and literally wipe the data from all connected devices.
Cybersecurity experts in Germany have said there have been over a hundred cyberattacks, in various forms, since then. But their effect has mainly been psychological.
Why Russia Hasn’t Launched Major Cyber Attacks Since the Invasion of Ukraine
https://time.com/6153902/russia-major-cyber-attacks-invasion-ukraine/
In the relatively short and rapidly evolving history of cyber conflict, perhaps nothing has been established with greater certainty and more widely accepted than the idea that Russia has significant cyber capabilities and isn’t afraid to use them—especially on Ukraine. In 2015, Russian government hackers breached the Ukrainian power grid, leading to widespread outages. In 2017, Russia deployed the notorious NotPetya malware via Ukrainian accounting software and the virus quickly spread across the globe costing businesses billions of dollars in damage and disruption.
As tensions escalated between Russia and Ukraine, many people were expecting the conflict to have significant cyber components.
But as the invasion continues with few signs of any sophisticated cyber conflict, it seems less and less likely that Russia has significant cyber capabilities in reserve, ready to deploy if needed. Instead, it begins to look like Russia’s much vaunted cyber capabilities have been neglected in recent years, in favor of developing less expensive, less effective cyber weapons that cause less widespread damage and are considerably easier to contain and defend against. For instance, many of the cyberattacks directed at Ukraine in the past month have been relatively basic distributed denial-of-service attacks.
Given Russia’s past willingness to deploy cyberattacks with far-reaching, devastating consequences, it would be a mistake to count out their cyber capabilities just because they have so far proven unimpressive. And it’s all but impossible to prove the absence of cyber weapons in a nation’s arsenal. But the longer the conflict goes on without any signs of sophisticated cyber sabotage, the more plausible it becomes that the once formidable Russian hackers are no longer playing a central role in the country’s military operations.
Crowd-sourced attacks present new risk of crisis escalation
https://blog.talosintelligence.com/2022/03/ukraine-update.html
An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques.
Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as well. Misattribution of these actors carries the risk of nations escalating an already dangerous conflict in Ukraine. Based on data from our fellow researchers at Cisco Kenna, customers should be most concerned about threat actors exploiting several recently disclosed vulnerabilities, highlighting the importance of consistently updating software and related systems.
Russia, Ukraine and the Danger of a Global Cyberwar
https://www.securityweek.com/russia-ukraine-and-danger-global-cyberwar
On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. At the time of writing, it is not yet a full invasion of Ukraine, but Russia did conduct attacks on February 24, hitting cities with airstrikes and artillery in what was called a “special military operation” by Russian President Vladamir Putin.
Russia has been waging its own cyberwar against Ukraine for many years.
Since the beginning of 2022, however, it seems that Russian cyber activity against Ukraine has increased. This includes evidence that wiper malware has again disrupted some Ukrainian government networks, and attacks from the FSB-linked Gamaredon have targeted around 5,000 entities, including critical infrastructure and government departments. So far, however, there has not been the same scale of disruption as occurred in 2015, 2016 and 2017.
The purpose of such cyber activity is to weaken critical infrastructure, damage government’s ability to respond to any aggression, and to demoralize the population.
The U.S. has been warning the rest of the world against a potential widening scope of Russian cyber activity, and that cyber defenses generally should be tightened.
“Part of the worry,” said Willett, “is that cyberattacks against Ukraine might bleed over, like NotPetya, to affect other countries and cause wider damage unintentionally. There is some concern that the Russians may intentionally do stuff more widely, but that would probably be in retaliation for something that the U.S. or NATO might do.
This raises the whole question of ‘attribution’. The received belief is it is impossible to do accurate cyber attribution. ““It would be a mistake for any one nation to think it could attack another without being known,” said Willett.That is absolutely wrong,” said Willett.
But accidents happen. The two iconic cyberweapons have been Stuxnet and NotPetya. It is assumed that the U.S. developed Stuxnet (although this has never been admitted). NotPetya has been confidently attributed to the Russian government. Both malwares escaped from their assumed targets into the wider world. This was probably accidental – but similar accidents could lead to wider implications during a period of global geopolitical tension.
On the morning of February 24, 2022, Russian troops invaded Ukraine. This was accompanied by a further increase in cyber activity.
Ukraine Digital Army Brews Cyberattacks, Intel and Infowar
https://www.securityweek.com/ukraine-digital-army-brews-cyberattacks-intel-and-infowar
Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence.
Inventions of the volunteer hackers range from software tools that let smartphone and computer owners anywhere participate in distributed denial-of-service attacks on official Russian websites to bots on the Telegram messaging platform that block disinformation, let people report Russian troop locations and offer instructions on assembling Molotov cocktails and basic first aid.
The movement is global, drawing on IT professionals in the Ukrainian diaspora whose handiwork includes web defacements with antiwar messaging and graphic images of death and destruction in the hopes of mobilizing Russians against the invasion.
The cyber volunteers’ effectiveness is difficult to gauge. Russian government websites have been repeatedly knocked offline, if briefly, by the DDoS attacks, but generally weather them with countermeasures.
It’s impossible to say how much of the disruption — including more damaging hacks — is caused by freelancers working independently of but in solidarity with Ukrainian hackers.
A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network, or botnet. The tool’s programmers code in new targets as priorities change.
Ukraine Cyber Official: We Only Attack Military Targets
https://www.securityweek.com/ukraine-cyber-official-we-only-attack-military-targets
A top Ukrainian cybersecurity official said Friday a volunteer army of hundreds of hackers enlisted to fight Russia in cyberspace is attacking only what it deems military targets, prioritizing government services including the financial sector, Kremlin-controlled media and railways.
Victor Zhora, deputy chair of the state special communications service, also said that there had been about 10 hostile hijackings of local government websites in Ukraine to spread false text propaganda saying his government had capitulated. He said most of Ukraine’s telecommunications and internet were fully operational.
Zhora told reporters in a teleconference that presumed Russian hackers continued to try to spread destructive malware in targeted email attacks on Ukrainian officials and — in what he considers a new tactic — trying to infect the devices of individual citizens.
Army of Cyber Hackers Rise Up to Back Ukraine
https://www.securityweek.com/army-cyber-hackers-rise-back-ukraine
An army of volunteer hackers is rising up in cyberspace to defend Ukraine, though internet specialists are calling on geeks and other “hacktivists” to stay out of a potentially very dangerous computer war.
According to Livia Tibirna, an analyst at cyber security firm Sekoia, nearly 260,000 people have joined the “IT Army” of volunteer hackers, which was set up at the initiative of Ukraine’s digital minister Mykhailo Fedorov.
The group, which can be accessed via the encrypted messaging service Telegram, has a list of potential targets in Russia, companies and institutions, for the hackers to target.
It’s difficult to judge the effect the cyber-army is having.
Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks
https://thehackernews.com/2022/03/russia-releases-list-of-ips-domains.html
Russia Blocks Access to Facebook Over War
https://www.securityweek.com/russia-blocks-access-facebook-over-war
Russia’s state communications watchdog has ordered to completely block access to Facebook in Russia amid the tensions over the war in Ukraine.
The agency, Roskomnadzor, said Friday it decided to cut access to Facebook over its alleged “discrimination” of the Russian media and state information resources. It said the restrictions introduced by Facebook owner Meta on the RT and other state-controlled media violate the Russian law.
Cyberattack Knocks Thousands Offline in Europe
https://www.securityweek.com/cyberattack-knocks-thousands-offline-europe
Thousands of internet users across Europe have been thrown offline after what sources said Friday was a likely cyberattack at the beginning of Russia’s offensive in Ukraine.
According to Orange, “nearly 9,000 subscribers” of a satellite internet service provided by its subsidiary Nordnet in France are without internet following a “cyber event” on February 24 at Viasat, a US satellite operator of which it is a client.
Eutelsat, the parent company of the bigblu satellite internet service, also confirmed to AFP on Friday that around one-third of bigblu’s 40,000 subscribers in Europe, in Germany, France, Hungary, Greece, Italy and Poland, were affected by the outage on Viasat.
In the US, Viasat said on Wednesday that a “cyber event” had caused a “partial network outage” for customers “in Ukraine and elsewhere” in Europe who rely on its KA-SAT satellite.
Viasat gave no further details, saying only that “police and state partners” had been notified and were “assisting” with investigations.
General Michel Friedling, head of France’s Space Command said there had been a cyberattack.
Cybercriminals Seek to Profit From Russia-Ukraine Conflict
https://www.securityweek.com/cybercriminals-seek-profit-russia-ukraine-conflict
Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict, according to a new report from Accenture.
Since mid-January, cybercriminals have started to advertise compromised assets relevant to the Russia-Ukraine conflict, and they are expected to increase their offering of databases and network access, with potentially crippling effects for the targeted organizations.
Just over a month ago, soon after the destructive WhisperGate attacks on multiple government, IT, and non-profit organizations in Ukraine, threat actors started to advertise on the dark web access to both breached networks and databases that allegedly contained personally identifiable information (PII).
Amid Russian invasion, Ukraine granted formal role with NATO cyber hub https://therecord.media/amid-russian-invasion-ukraine-granted-formal-role-with-nato-cyber-hub/
Ukraine was granted the formal role of “contributing participant” to the hub, known as the Cooperative Cyber Defence Centre of Excellence (CCDCOE), by its 27-member steering committee, the organization announced. “Ukraine’s presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations, ” Col.
Jaak Tarien, the institution’s director, said in a statement.
This Ukrainian cyber firm is offering hackers bounties for taking down Russian sites https://therecord.media/this-ukrainian-cyber-firm-is-offering-hackers-bounties-for-taking-down-russian-sites/
In the days following Russia’s invasion of Ukraine, dozens of hacking groups have taken sides in the conflict, launching attacks on various organizations and government institutions. Cyber Unit Technologies, a Kyiv-based cybersecurity startup, has been particularly outspoken on Tuesday, the company started a campaign to reward hackers for taking down Russian websites and pledged an initial $100, 000 to the program.
High Above Ukraine, Satellites Get Embroiled in the War
https://www.wired.com/story/ukraine-russia-satellites/
While the Russian invasion rages on the ground, companies that operate data-collecting satellites find themselves in an awkward position.
Some researchers are worried that the reliance on satellite imagery has given too much power to the companies that control this technology. “There’s companies like Maxar and Planet that are privately owned and they have the final say on whether or not they want to share the information, ” says Anuradha Damale. The role of private companies in conflicts such as Ukraine means commercial satellites could become targets. In the days before Russia invaded, US space officials warned satellite companies that the conflict could extend into space.
CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine https://www.cisa.gov/uscert/ncas/current-activity/2022/02/26/cisa-releases-advisory-destructive-malware-targeting-organizations
CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Ukraine. The webpage includes technical resources from partners to assist organizations against these threats.
Alert: https://www.cisa.gov/uscert/ncas/alerts/aa22-057a
US firms should be wary of destructive malware unleashed on Ukraine, FBI and CISA warn – CNNPolitics
https://www.cnn.com/2022/02/26/politics/ukraine-malware-warning-cybersecurity-fbi-cisa/index.html
EU Activates Cyber Rapid Response Team Amid Ukraine Crisis
https://www.bankinfosecurity.com/eu-activates-cyber-rapid-response-team-amid-ukraine-crisis-a-18584
Amid rapid escalation in the Russia-Ukraine conflict derived from historical grievances and qualms with Ukraine’s plan to join the military alliance NATO, the world’s network defenders remain on high alert. And on Tuesday, the European Union confirmed that it will activate its elite cybersecurity team to assist Ukrainians if Russian cyberattacks occur.
UK alludes to retaliatory cyber-attacks on Russia
https://therecord.media/uk-alludes-to-retaliatory-cyber-attacks-on-russia/
The UK government alluded yesterday that it might launch offensive cyber operations against Russia if the Kremlin attacks UK computer systems after an invasion of Ukraine.
Amazon: Charities, aid orgs in Ukraine attacked with malware
https://www.bleepingcomputer.com/news/security/amazon-charities-aid-orgs-in-ukraine-attacked-with-malware/
Charities and non-governmental organizations (NGOs) providing critical support in Ukraine are targeted in malware attacks aiming to disrupt their operations and relief efforts seeking to assist those affected by Russia’s war. Amazon has detected these attacks while working with the employees of NGOs, charities, and aid organizations, including UNICEF, UNHCR, World Food Program, Red Cross, Polska Akcja Humanitarna, and Save the Children.
Ransomware Used as Decoy in Destructive Cyberattacks on Ukraine
https://www.securityweek.com/ransomware-used-decoy-destructive-cyberattacks-ukraine
Destructive ‘HermeticWiper’ Malware Targets Computers in Ukraine
https://www.securityweek.com/destructive-hermeticwiper-malware-targets-computers-ukraine
Just as Russia was preparing to launch an invasion of Ukraine, Ukrainian government websites were disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country.
The new malware, dubbed “HermeticWiper” by the cybersecurity community, is designed to erase infected Windows devices. The name references a digital certificate used to sign a malware sample — the certificate was issued to a Cyprus-based company called Hermetica Digital.
“At this time, we haven’t seen any legitimate files signed with this certificate. It’s possible that the attackers used a shell company or appropriated a defunct company to issue this digital certificate,” explained endpoint security firm SentinelOne, whose researchers have been analyzing the new malware.
The malware has also been analyzed by researchers at ESET and Symantec. Each of the companies has shared indicators of compromise (IoCs) associated with HermeticWiper.
ESET first spotted HermeticWiper on Wednesday afternoon (Ukraine time) and the company said hundreds of computers in Ukraine had been compromised.
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/
On February 23rd, the threat intelligence community began observing a new wiper malware sample circulating in Ukrainian organizations. Our analysis shows a signed driver is being used to deploy a wiper that targets Windows devices, manipulating the MBR resulting in subsequent boot failure. This blog includes the technical details of the wiper, dubbed HermeticWiper, and includes IOCs to allow organizations to stay protected from this attack. This sample is actively being used against Ukrainian organizations, and this blog will be updated as more information becomes available. Also:
https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine/
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia
https://www.bleepingcomputer.com/news/security/new-data-wiping-malware-used-in-destructive-attacks-on-ukraine/
HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine https://blog.malwarebytes.com/threat-intelligence/2022/03/hermeticwiper-a-detailed-analysis-of-the-destructive-malware-that-targeted-ukraine/
The day before the invasion of Ukraine by Russian forces on February 24, a new data wiper was unleashed against a number of Ukrainian entities. This malware was given the name “HermeticWiper” based on a stolen digital certificate from a company called Hermetica Digital Ltd. This wiper is remarkable for its ability to bypass Windows security features and gain write access to many low-level data-structures on the disk. In addition, the attackers wanted to fragment files on disk and overwrite them to make recovery almost impossible.
In Ukraine, Online Gig Workers Keep Coding Through the War
https://www.wired.com/story/gig-work-in-ukraine/
Freelancers or gig workers who piece together work on online platforms are a hidden engine of the Ukrainian economyand the world’s. They work as software engineers, project managers, IT technicians, graphic designers, editors, and copywriters. And they work for everyone.
Invading Russian forces have plunged freelancers’ home offices into chaos and uncertainty. Vlad, a video editor in southern Ukraine, says he’s grown accustomed to the air alarm signal, and hiding until it has passed. Now there are battles 30 miles from his home. “But as long as there is water, electricity, and internet, I can work, ” he says.
“Because we all need to live for something, eat
Leaving Russia? Experts Say Wipe Your Phone Before You Go
https://www.forbes.com/sites/thomasbrewster/2022/03/04/russians-escaping-putins-repression-urged-to-wipe-their-phones/
Russians fleeing President Vladimir Putin’s regime as it cracks down on anti-war sentimentand rumors of martial law grow louderare being advised to wipe their phones, especially of any traces of support for Ukraine. If they don’t, experts say they may face detention. They’re starting by deleting messages on Signal, Telegram or any app that promises security. For those leaving the country, they’re deleting the apps themselves, and urging others to do the same. Russian media has first-hand accounts of lengthy interrogations at the border, along with phone and laptop searches, though Forbes could not corroborate those claims.
Why ICANN Won’t Revoke Russian Internet Domains
The organization says cutting the country off would have “devastating” effects on the global internet system.
https://www.wired.com/story/why-icann-wont-revoke-russian-internet-domains/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
Ukraine on Monday asked ICANN to revoke Russian top-level domains such as .ru, .рф, and .su; to “contribute to the revoking for SSL certificates” of those domains; and to shut down DNS root servers in Russia. Fedorov argued that the requested “measures will help users seek for reliable information in alternative domain zones, preventing propaganda and disinformation.”
Ukraine’s request to cut Russia off from core parts of the internet has been rejected by the nonprofit group that oversees the Internet’s Domain Name System (DNS). CEO Göran Marby of the Internet Corporation for Assigned Names and Numbers (ICANN) said the group must “maintain neutrality and act in support of the global internet.”
“Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the internet—regardless of the provocations,” Marby wrote in his response to Ukraine Vice Prime Minister Mykhailo Fedorov.
https://www.icann.org/en/system/files/correspondence/marby-to-fedorov-02mar22-en.pdf
TikTok Was Designed for War
As Russia’s invasion of Ukraine plays out online, the platform’s design and algorithm prove ideal for the messiness of war—but a nightmare for the truth.
https://www.wired.com/story/ukraine-russia-war-tiktok/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
2,362 Comments
Tomi Engdahl says:
https://media.sanoma.fi/kirjoituksia-markkinoinnista/2022-03-16-sanoma-jatkaa-mainonnan-sulkemista-pois-uutissivustoiltaan
Tomi Engdahl says:
Ukraine detains ‘hacker’ accused of aiding Russian troops amid broader struggle to secure communications https://edition.cnn.com/2022/03/15/europe/ukraine-detains-hacker/
Ukrainian authorities have detained a “hacker” who was allegedly helping the Russian military send instructions via mobile phone networks to its troops, Ukraine’s SBU security service said Tuesday.
The suspect, whom the SBU did not identify, was accused of being on “thousands” of phone calls to Russian officials, including senior military officers and of sending text messages to Ukrainian officials suggesting that they surrender. The equipment seized was used to route Ukrainian mobile phone traffic to Russian networks, according to Victor Zhora, a senior cybersecurity official in the Ukrainian government.
Tomi Engdahl says:
Kaspersky complains about ‘political’ German advisory against it https://www.zdnet.com/article/kaspersky-complains-about-political-german-advisory-against-it/
Kaspersky has responded to an advisory issued against it by the German Federal Office for Information Security (BSI) saying users should replace its products by claiming the warning is politically motivated.
“We believe this decision is not based on a technical assessment of Kaspersky products — that we continuously advocated for with the BSI and across Europe — but instead is being made on political grounds, ”
the security company said on Wednesday. “We believe that peaceful dialogue is the only possible instrument for resolving conflicts. War isn’t good for anyone.”. Kaspersky statement:
https://www.kaspersky.com/about/press-releases/2022_kaspersky-statement-regarding-the-bsi-warning
Tomi Engdahl says:
The Russia-Ukraine War And The Revival Of Hacktivism https://www.digitalshadows.com/blog-and-research/the-russia-ukraine-war-and-the-revival-of-hacktivism/
Another notable response is the resurgence of hacktivism. A variety of hacktivist attacks have been conducted, with a significant number, unsurprisingly, coming from within Ukraine. This blog will dive into hacktivist activity we’ve observed in the past few weeks, and discuss what hacktivists are doing differently this time around.
Tomi Engdahl says:
Thousands of drivers in Ukraine are embarking on what some have called suicide missions to bring vans full of chicken to people who’ve gone days without food.
Hungry Ukrainians Trapped By Russian Attacks Get Food Deliveries From Drivers Risking Their Lives
https://www.forbes.com/sites/chloesorvino/2022/03/16/hungry-ukrainians-trapped-by-russian-attacks-get-food-deliveries-from-drivers-risking-their-lives/?utm_campaign=socialflowForbesMainFB&utm_medium=social&utm_source=ForbesMainFacebook&sh=60e5d76362ee
Tomi Engdahl says:
Russia’s cyber weapons might be as weak as its artillery, says expert
https://cybernews.com/cyber-war/russias-cyber-weapons-might-be-as-weak-as-its-artillery-says-expert/
Tomi Engdahl says:
Hacker breaches key Russian ministry in blink of an eye
https://securityaffairs.co/wordpress/129108/hacking/russian-ministry-hack.html
In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network.
Tomi Engdahl says:
Elon Musk is pretty much transparent on his support to Ukraine against the Russian invasion. Read on to know more about the billionaire’s actions and tirades against the aggressors and their president Vladimir Putin.
Amidst Starlink’s Internet Maintenance in Ukraine, Elon Musk Challenged Putin; Roscosmos Director Rogozin Responds
https://lm.facebook.com/l.php?u=https%3A%2F%2Fwww.sciencetimes.com%2Farticles%2F36626%2F20220316%2Famidst-starlinks-internet-maintenance-ukraine-elon-musk-challenged-putin-roscosmos.htm&h=AT0ne7r_xbZQTllLyVbTTjpZkQ8-VgCeEPYqtYnAISrevhLs2L9vAVWvc2ud52weOMmnLn3oN49SG6VkyApcGThJCD6UqFVgkpD3ClVTq3WOgI6V28NITemyvrvzbvBl2w
Amid the conflict in Europe, tech giant Elon Musk recently iterated his support for Ukraine against its aggressor, Russia, through a series of tweets.
Elon Musk’s Support to Ukraine Through SpaceX and Starlink, Challenges Vladimir Putin
Elon Musk directly challenged the Russian president Vladimir Putin in single combat, saying that the stakes are Ukraine. Along with the tweet, the billionaire spelled out Putin’s whole name and Ukraine in Russian characters.
Days after the billionaire’s challenge, Elon Musk did not receive any official replies from the government or the Russian president himself.
However, the trolling of the SpaceX CEO did irritate some of Putin’s underlings. One of them was Russian space agency Roscosmos chief Dmitry Rogozin, notorious for dropping baseless accusations and threats from opposing parties in the space industry.
Tomi Engdahl says:
Zelenskyi joutui deepfake-iskun kohteeksi – ei ole oikeasti pyytänyt joukkojaan antautumaan https://www.iltalehti.fi/digiuutiset/a/3398d2c7-5c47-4ffb-a452-dba70955ee49
Tomi Engdahl says:
Putinin raivokas puhe: Länsimieliset venäläiset ”saastaisia pettureita” https://www.iltalehti.fi/ulkomaat/a/c59e5f2f-3fc8-4781-b7de-f3ff0b93ab57
Tomi Engdahl says:
Venäjän armeijalla pulaa sotilaista – tästä se johtuu https://www.iltalehti.fi/ulkomaat/a/086dfa0e-9298-44c0-9796-59125813c887
Tomi Engdahl says:
Eliza Gkritsi / CoinDesk:
Ukrainian President Volodymyr Zelenskyy signs a law legalizing cryptocurrencies in the country, after parliament passed the virtual asset bill on February 17 — Ukraine has received $100 million in crypto donations during its war with Russia. — Ukrainian President Volodymyr Zelenskyy legalized crypto …
Ukraine’s Zelenskyy Signs Virtual Assets Bill Into Law, Legalizing Crypto
Ukraine has received $100 million in crypto donations during its war with Russia.
https://www.coindesk.com/policy/2022/03/16/ukraines-zelensky-signs-virtual-assets-bill-into-law-legalizing-crypto/
Ukrainian President Volodymyr Zelenskyy legalized crypto in the country, signing into law a bill on virtual assets, amid a frenzy of digital asset donations to support the country’s defense against a Russian invasion.
Tomi Engdahl says:
Eva Mathews / Reuters:
Qualcomm says it stopped selling products to Russian companies in compliance with US sanctions, donated to relief organizations, and matched employee donations — Chipmaker Qualcomm Inc (QCOM.O) said on Wednesday it has stopped selling its products to Russian companies in compliance …
https://www.reuters.com/technology/qualcomm-stops-selling-products-russian-companies-2022-03-16/
Tomi Engdahl says:
TechCrunch:
Sources: Yandex is in negotiations to sell its media unit, including aggregator Yandex News and recommendation engine Yandex Zen, possibly to social network VK
Russia’s war hits Yandex, the ‘Google of Russia’
Sources say the company is seeking a media exit as top exec hit with sanctions over propaganda charge
https://techcrunch.com/2022/03/16/russia-yandex-news-vk/
Tomi Engdahl says:
TV station Ukraine 24 falsely reported Wednesday that Ukrainian President Volodymyr Zelensky had announced his country would surrender to Russia.
‘Hacked’ Ukrainian TV Station Transmits Fake Zelensky Surrender Announcement
https://www.forbes.com/sites/zacharysmith/2022/03/16/hacked-ukrainian-tv-station-transmits-fake-zelensky-surrender-announcement/
TV station Ukraine 24 falsely reported Wednesday that Ukrainian President Volodymyr Zelensky had announced his country would surrender to Russia, in an episode of disinformation the station attributed to “enemy hackers.”
Tomi Engdahl says:
More Russian TV News Employees Resign After Monday’s On-Air Protest
https://lm.facebook.com/l.php?u=https%3A%2F%2Fwww.thewrap.com%2Frussian-tv-news-resignations-protest%2F&h=AT2kABUdbxa4BBRTSq59eh3W4JE8hbSxrPlGBSv4XQlTnORAlo_LAsBZ5HpssTm6YiB0WeEK4ZpFwbDuVJYJdQvfdNfGgz5YKlcQbKorDw-9XjuPnAqQBxa0SwXp4LtyKA
Tomi Engdahl says:
Over 300,000 Hackers Join Ukraine’s Volunteer “IT Army” Against Russia
https://www.iflscience.com/technology/over-300000-hackers-join-ukraines-volunteer-it-army-against-russia/
Tomi Engdahl says:
https://www.op-media.fi/yrittajyys/yrityksen-kannattaa-perata-venaja-pakotteet-tarkkaan/
Tomi Engdahl says:
https://cybernews.com/cyber-war/hacker-breaches-key-russian-ministry-in-blink-of-an-eye/
Tomi Engdahl says:
Russia faces IT crisis with just two months of data storage left
https://www.bleepingcomputer.com/news/technology/russia-faces-it-crisis-with-just-two-months-of-data-storage-left/
Russia faces a critical IT storage crisis after Western cloud providers pulled out of the country, leaving Russia with only two more months before they run out of data storage.
The Russian government is exploring various solutions to resolve this IT storage problem, ranging from leasing all available domestic data storage to seizing IT resources left behind by businesses that pulled out of the country.
These solutions were proposed during a meeting held at the Ministry of Digital Transformation, attended by representatives of Sberbank, MTS, Oxygen, Rostelecom, Atom-Data, Croc, and Yandex.
Tomi Engdahl says:
https://newlinesmag.com/argument/putins-worsening-problems/
Tomi Engdahl says:
https://media.sanoma.fi/kirjoituksia-markkinoinnista/2022-03-16-sanoma-jatkaa-mainonnan-sulkemista-pois-uutissivustoiltaan?utm_source=facebook&utm_medium=social&utm_campaign=b2b_vk_kirjoituksia_markkinoinnista&utm_content=brand_safety&fbclid=IwAR09ulafoqflpfmTw686NrwoWOKrWIVEZapBxGGrm5PwkTPGCB5Vi8BykXo
Tomi Engdahl says:
anks on alert for Russian reprisal cyberattacks on Swift
Payments messaging system could be targeted as pinch point of global transactions network.
https://www.ft.com/content/a2bdba3b-f1dd-4c9f-a0de-9ffff6e744e4
Tomi Engdahl says:
‘Hacked’ Ukrainian TV Station Transmits Fake Zelensky Surrender Announcement
https://www.forbes.com/sites/zacharysmith/2022/03/16/hacked-ukrainian-tv-station-transmits-fake-zelensky-surrender-announcement/
Tomi Engdahl says:
https://www.iflscience.com/health-and-medicine/who-told-ukraine-labs-to-destroy-highthreat-pathogens-as-russia-closes-in/
Tomi Engdahl says:
‘Not the time to go poking around’: How former U.S. hackers view dealing with Russia
People with experience in U.S. hacking operations say they expect both Washington and Moscow to show caution in how they wield their digital weapons.
https://www.politico.com/news/2022/03/12/cyber-russia-hacking-security-00016598
Tomi Engdahl says:
Suomi panostaa huoltovarmuuteen ja varautumiseen – ”Jotain voi päätellä siitä, että pelkästään maatalouden ratkaisu oli nyt 300 miljoonaa” https://www.is.fi/politiikka/art-2000008688853.html
Tomi Engdahl says:
#TBT: In hindsight, the Kremlin’s 2018 announcement that it was building its own Internet looks a little different.
Why Russia Is Building Its Own Internet The Kremlin has a bold plan to protect itself from “possible external influence”
https://spectrum.ieee.org/could-russia-really-build-its-own-alternate-internet
Tomi Engdahl says:
Flows through Russia’s Yamal-Europe gas pipeline turn eastwards
https://lm.facebook.com/l.php?u=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fenergy%2Frussias-yamal-europe-gas-pipeline-halts-westbound-flows-data-2022-03-15%2F&h=AT3wCTEYxkIRSP4Bl1yK7ZARc5SfaVq8W_0xLVRrc1-CcMdO1UEYfbyOqFC76dYyKrdbcj9SaECnv26ocNocTRlJgADIJ6rkNbuIG9K6pMBqFpdQ0qpDfCbGhowtUqyWMw
A section of the Russian Yamal-Europe pipeline reversed flows on Tuesday morning, with gas heading eastbound to Poland from Germany having flowed west earlier in the morning.
The pipeline is one of the major routes for Russian gas supplied to Europe, and with markets on edge about possible disruptions to energy supplies following Russia’s invasion of Ukraine, European gas prices rose on Tuesday morning.
Gas had previously been flowing towards Germany amid strong demand and high gas prices.
Russian gas flows to Europe through other major routes including the Nord Stream 1 pipeline across the Baltic Sea were stable on Tuesday morning.
Tomi Engdahl says:
https://maanpuolustuskorkeakoulu.fi/ukrainan-sodan-tilanne
Tomi Engdahl says:
Hacked Ukrainian TV Station Plays Laughably Bad Volodymyr Zelenskyy Deepfake
https://www.iflscience.com/technology/hacked-ukrainian-tv-station-plays-laughably-bad-volodymyr-zelenskyy-deepfake/
BY JAMES FELTON
17 MAR 2022, 15:41
Experts have warned for years that deepfakes could be weaponized during a war of misinformation. Acting on this advice, earlier this month the Ukrainian Center for Strategic Communications and Information Security warned that Putin may utilize deepfakes to make it look like President Zelensky had surrendered.
“Imagine seeing Vladimir Zelensky on TV making a surrender statement. You see it, you hear it – so it’s true. But this is not the truth. This is deepfake technology. This will not be a real video, but created through machine learning algorithms,” the Facebook post by the Center read.
Tomi Engdahl says:
https://maphub.net/Cen4infoRes/russian-ukraine-monitor
Tomi Engdahl says:
“Tämä sota on jälleen yksi hirmuinen osoitus siitä, millainen tuhovoima autoritaarisella hallinnolla voi olla ilman valvontaa, vastavoimia ja tiedonvapautta.”
Putin on jo hävinnyt sotansa
https://www.hs.fi/mielipide/art-2000008680378.html?share=6c9bbbdddf7aae0dacc7f379e955ee71
Eeppisen virhearvion jälkeen edessä on kolme epämääräistä skenaariota, joista yksikään ei ole Venäjälle voitokas, kirjoittaa moskovalainen politiikan tutkija ja toimittaja Kirill Rogov.
Tomi Engdahl says:
Hacking & Security
Hundreds of thousands of hackers have banded together to fight Russia
Hundreds of thousands of people have formed a group of hackers that are designated tasks to fight Vladimir Putin digitally.
Read more: https://www.tweaktown.com/news/85099/hundreds-of-thousands-hackers-have-banded-together-to-fight-russia/index.html
Tomi Engdahl says:
Since Russia’s invasion of his country, Ukraine deputy prime minister Mykhailo Fedorov has written scores of letters to tech companies urging them to quit doing business with what he calls the Kremlin war machine.
Among the latest targets is Chinese drone supplier DJI. Both Ukrainian and Russian militaries have been using DJI’s technology, according to various social media posts and reports, even though DJI says its drones are for hobbyists, police and first responders, not for helping wage war.
http://on.forbes.com/6182Klvmq
Tomi Engdahl says:
Zelenskyiä vastaan iskettiin likaisella tempulla – presidentti kuittasi heti takaisin https://www.is.fi/digitoday/art-2000008688276.html
https://securityaffairs.co/wordpress/129124/intelligence/russia-deepfake-video-zelenskyy.html
Tomi Engdahl says:
[A phone relay capture may be the latest of Russia’s communications woes in Ukraine (msn.com)](https://www.msn.com/en-us/news/world/a-phone-relay-capture-may-be-the-latest-of-russia-s-communications-woes-in-ukraine/ar-AAV5USN?ocid=winp1taskbar)
Ukraine Arrests ‘Hacker’ It Says Was Routing Calls for Russian Troops
Russia may be relying on hackers like this after Ukrainian telecommunications firms blocked Russian and Belarusian numbers.
https://www.vice.com/en/article/v7djda/ukraine-arrests-hacker-routing-calls-for-russian-troops
Tomi Engdahl says:
https://spectrum.ieee.org/the-institute/collections/ukraine-stories/
Tomi Engdahl says:
The graphic footage, which looks real, is being disseminated on social media by the Ukrainian government and local news outlets to send the message that what’s happening in their home country could come to pass in other democracies, and to urge the closing of airspace over Ukraine. https://trib.al/uzex4Dc
Ukraine’s Promotion Of Fake Paris Bombing Video Highlights Risks Of Misinformation
https://www.forbes.com/sites/alexandralevine/2022/03/17/ukraines-promotion-of-fake-paris-bombing-video-highlights-risks-of-misinformation/?utm_campaign=socialflowForbesMainFB&utm_medium=social&utm_source=ForbesMainFacebook&sh=10c5eb641e9b
Tomi Engdahl says:
“Ukrainan strategisen viestinnän keskus on varoittanut ihmisiä deepfake-videosta. Maan hallitus varoitti kaksi viikkoa sitten, että Venäjä saattaa käyttää Zelenskyistä tehtyjä deepfake-videoita propagandassaan”, kertoo Tivi uutisessaan. Deepfake-videot ovat osa Venäjän propagandaa. FB ja muut sosiaalisen median kanavat ovat poistaneet alkuperäisen videon alustaltaan. Zelenskyi itse vastasi väärennettyyn videoon julkaisemalla oman videonsa, jossa hän kehotti Venäjän joukkoja antautumaan. Uutinen päivältä 17.3.2022.
Ukrainan pelot kävivät toteen – presidentti Zelenskyi ”antautui” väärennetyllä videolla
https://www.tivi.fi/uutiset/tv/4b49c6dd-90b3-4cea-b8a4-f450cc66b413
Facebook on poistanut palvelustaan väärennetyn videon, jolla Ukrainan presidentti Volodymyr Zelenskiy näytti kehottavan joukkojaan antautumaan Venäjälle. Hakkeroidulla Ukraine 24 -verkkosivustolla alun perin keskiviikkona julkaistu video lähti nopeasti leviämään sosiaalisessa mediassa.
Asiasta uutisoivan Bleeping Computerin mukaan kyse oli tekoälysovelluksella luodusta niin sanotusta deepfake-videosta. Deepfake-videot luovat kohteestaan realistisen näköisen ja kuuloisen videon, jota on äkkiseltään vaikeaa erottaa oikeasta henkilöstä.
Facebook removes deepfake of Ukrainian President Zelenskyy
https://www.bleepingcomputer.com/news/technology/facebook-removes-deepfake-of-ukrainian-president-zelenskyy/
Tomi Engdahl says:
NPR:n mukaan videon nähneet katsojat huomasivat pian, ettei Zelenskyin aksentti kuulostanut aidolta, minkä lisäksi tämän pään liikkeet videolla vaikuttivat epäluonnollisilta lähemmin tarkasteltuna.
Deepfake video of Zelenskyy could be ‘tip of the iceberg’ in info war, experts warn
https://www.npr.org/2022/03/16/1087062648/deepfake-video-zelenskyy-experts-war-manipulation-ukraine-russia
A fake and heavily manipulated video depicting Ukrainian President Volodymyr Zelenskyy circulated on social media and was placed on a Ukrainian news website by hackers Wednesday before it was debunked and removed.
The video, which shows a rendering of the Ukrainian president appearing to tell his soldiers to lay down their arms and surrender the fight against Russia, is a so-called deepfake that ran about a minute long.
It is not yet clear who created the deepfake, but government officials in Ukraine have been warning for weeks about the possibility of Russia spreading manipulated videos as part of its information warfare.
While the video shows a passable lip-sync, viewers quickly pointed out that Zelenskyy’s accent was off and that his head and voice did not appear authentic upon close inspection.
Officials at Facebook, YouTube and Twitter said the video was removed from their platforms for violating policies. On Russian social media, meanwhile, the deceptive video was boosted.
“This is the first one we’ve seen that really got some legs, but I suspect it’s the tip of the iceberg,” said Hany Farid, a professor at the University of California, Berkeley who is an expert in digital media forensics.
The national television station Ukraine 24 confirmed that hackers managed to send the fake Zelenskyy message across live television on the scrolling-text news crawl known as “the ticker,” and the video showed up briefly on the news station’s website. It was the work of “enemy hackers,” the station said.
The messages the hackers managed to broadcast through Ukraine 24 urged Ukrainians to stop fighting and give up their weapons. They also falsely stated that Zelenskyy had fled Kyiv, according to the Atlantic Council’s Eurasia researcher Roman Osadchuk.
Tomi Engdahl says:
Nämä neljä “uutista” Ukrainan sodasta eivät olleet totta
Asiayhteydestään irrotettujen tai täysin tekaistujen kuvien sekä videoiden esittäminen todisteina sotatapahtumista on tavallista verkon valesisältöä.
https://yle.fi/uutiset/3-12364189
Tomi Engdahl says:
BIG sabotage: Famous npm package deletes files to protest Ukraine war
https://www.bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/
This month, the developer behind the popular npm package ‘node-ipc’ released sabotaged versions of the library in protest of the ongoing Russo-Ukrainian War.
Newer versions of the ‘node-ipc’ package began deleting all data and overwriting all files on developer’s machines, in addition to creating new text files with “peace” messages.
With over a million weekly downloads, ‘node-ipc’ is a prominent package used by major libraries like Vue.js CLI.
Protestware: Ukraine’s ongoing crisis bleeds into open source
Select versions (10.1.1 and 10.1.2) of the massively popular ‘node-ipc’ package were caught containing malicious code that would overwrite or delete arbitrary files on a system for users based in Russia and Belarus. These versions are tracked under CVE-2022-23812.
Tomi Engdahl says:
China’s DJI And Its Billionaire Chief Put In An Awkward Spot As Both Sides In Ukraine War Use Its Drones https://www.forbes.com/sites/thomasbrewster/2022/03/17/chinas-dji-and-its-billionaire-chief-put-in-an-awkward-spot-as-both-sides-in-ukraine-war-use-its-drones/
Since Russia’s invasion of his country, Ukraine deputy prime minister Mykhailo Fedorov has written scores of letters to tech companies urging them to quit doing business with what he calls the Kremlin war machine. Among the latest targets is Chinese drone supplier DJI. Both Ukrainian and Russian militaries have been using DJI’s technology, according to various social media posts and reports, even though DJI says its drones are for hobbyists, police and first responders, not for helping wage war.
Tomi Engdahl says:
https://thehackernews.com/2022/03/popular-npm-package-updated-to-wipe.html?m=1
Tomi Engdahl says:
#Anonymous targets German branch of russian oil company Rosneft and steals 20TB of confident data. #privacy #cybersecurity
https://www.immuniweb.com/blog/anonymous-targets-german-branch-of-rosneft-steals-20tb-of-data.html
Tomi Engdahl says:
The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations.
The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations.
https://securityaffairs.co/wordpress/129157/hacktivism/anonymous-vs-russia-2.html
Tomi Engdahl says:
Russian fast-food chain backed by parliament to replace McDonald’s reveals near-identical branding
https://www.independent.co.uk/news/world/europe/mcdonalds-russia-fast-food-trademark-b2037987.html#Echobox=1647520914
Moscow has invested in domestic fast-food chains after McDonald’s shut its restaurants in Russia
A Russian restaurant chain billed as a replacement for McDonald’s has reportedly revealed a logo that is extremely similar to the fast-food giant’s famous gold arches.
A Russian restaurant chain billed as a replacement for McDonald’s has reportedly revealed a logo that is extremely similar to the fast-food giant’s famous gold arches.
McDonald’s last week said it would temporarily close all 847 of its restaurants in Russia as global brands face consumer pressure to oppose Vladimir Putin’s invasion of Ukraine.
The mayor of Moscow said domestic chains could replace the 250 McDonald’s restaurants in the Russian capital within a year, Russia’s Interfax news agency said.
The Chicago-based burger giant said it would continue paying its 62,000 employees in Russia “who have poured their heart and soul into our McDonald’s brand”.
Tomi Engdahl says:
The act is believed to be the first time a hack-and-leak operation weaponized the leak of intellectual property to harm a nation. It’s taking a multi-billion dollar project that Russia has been building and made it open-source.
-tip of the hat to Amber DeVibiss
In a first, Ukraine leaks Russian intellectual property as act of war
https://www.scmagazine.com/analysis/breach/in-a-first-ukraine-leaks-russian-intellectual-property-as-act-of-war
The Main Intelligence Department of the Ministry of Defense of Ukraine (GURMO) hacked and leaked documents it claimed it stole from the Russian Beloyarsk Nuclear Power Station this week. The act is believed to be the first time a hack-and-leak operation weaponized the leak of intellectual property to harm a nation.
GURMO has leaked a broad set of documents to writer Jeffery Carr, author of the book “Inside Cyber Warfare” and creator of the Suits and Spooks conference, to disseminate through his new Substack newsletter. Later in the week, Carr sent out a second article of documents, this time of the Russian space program.
Beloyarsk’s trade secrets may be valuable. It is home to the only two fast-breed nuclear reactors in commercial operation, the BN-600 and BN-800. The Beloyarsk technology is so fuel-efficient that it creates no nuclear waste, with countries such as Japan and France investing considerably to replicate it.
Tomi Engdahl says:
Ukraine’s president signs law to legalize crypto as digital donations roll in
https://techcrunch.com/2022/03/16/ukraines-president-just-signed-a-law-to-legalize-crypto-as-digital-donations-roll-in/?tpcc=tcplusfacebook
A month ago, Ukraine’s parliament passed a bill to legalize cryptocurrency, preparing a framework for the regulation and management of cryptocurrencies like Bitcoin and Ethereum. Today, the country’s president, Volodymyr Zelenskyy, signed into law that bill, “On Virtual Assets,” which establishes a legal framework for the country to operate a regulated crypto market.