Ukraine and Russia seems to be at the moments on both traditional and cyber war. We could call that hybrid warfare. We are at a cyber war. Countless examples exist of damage to infrastructure from hostile acts via computer attacks. Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar. On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. Russia started to conduct attacks to Ukraine on February 24. Before physical attacks Russia did several cyber attacks towards IT systems in Ukraine.
Here are links to some material on the cyber side of this war:
How the Eastern Europe Conflict Has Polarized Cyberspace
https://blog.checkpoint.com/2022/02/27/how-the-eastern-europe-conflict-polarized-cyberspace/
The war between Russia and Ukraine is advancing. People everywhere are deciding who they will support. The same dynamic happens in the cyberspace. Hacktivists, cybercriminals, white hat researchers or even technology companies are picking a clear side, emboldened to act on behalf of their choices. Historically, Russia has had superiority over Ukraine in the cyberspace. And last week, Ukraine was attacked by destructive wiping malware. However, the situation is starting to change, as most of the non-nation cyber state actors are taking the side of Ukraine. To defend itself, the Ukrainian government has created an international IT army of hacktivists.
As war escalates in Europe, it’s ‘shields up’ for the cybersecurity industry
https://techcrunch.com/2022/03/02/as-war-escalates-in-europe-its-shields-up-for-the-cybersecurity-industry/
In unprecedented times, even government bureaucracy moves quickly. As a result of the heightened likelihood of cyberthreat from Russian malactor groups, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — part of the Department of Homeland Security — issued an unprecedented warning recommending that “all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
Digital technology and the war in Ukraine
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks/
All of us who work at Microsoft are following closely the tragic, unlawful and unjustified invasion of Ukraine. This has become both a kinetic and digital war, with horrifying images from across Ukraine as well as less visible cyberattacks on computer networks and internet-based disinformation campaigns. We are fielding a growing number of inquiries about these aspects and our work, and therefore we are putting in one place a short summary about them in this blog. This includes four areas: protecting Ukraine from cyberattacks; protection from state-sponsored disinformation campaigns; support for humanitarian assistance; and the protection of our employees.. Also:
https://threatpost.com/microsoft-ukraine-foxblade-trojan-hours-before-russian-invasion/178702/
Ukraine: Cyberwar creates chaos, ‘it won’t win the war’
https://www.dw.com/en/ukraine-cyberwar-creates-chaos-it-wont-win-the-war/a-60999197
There have been at least 150 cyberattacks in Ukraine since Russia’s invasion. Their effect is mainly psychological, and experts say they won’t decide the war.
Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar.
The global technology company Microsoft has said its Threat Intelligence Center (MSTIC) detected “destructive cyberattacks directed against Ukraine’s digital infrastructure” hours before the first launch of missiles or movement of tanks on February 24.
Those attacks, which Microsoft dubbed FoxBlade, included so-called wipers — malicious software or malware — that make their way inside computer networks and literally wipe the data from all connected devices.
Cybersecurity experts in Germany have said there have been over a hundred cyberattacks, in various forms, since then. But their effect has mainly been psychological.
Why Russia Hasn’t Launched Major Cyber Attacks Since the Invasion of Ukraine
https://time.com/6153902/russia-major-cyber-attacks-invasion-ukraine/
In the relatively short and rapidly evolving history of cyber conflict, perhaps nothing has been established with greater certainty and more widely accepted than the idea that Russia has significant cyber capabilities and isn’t afraid to use them—especially on Ukraine. In 2015, Russian government hackers breached the Ukrainian power grid, leading to widespread outages. In 2017, Russia deployed the notorious NotPetya malware via Ukrainian accounting software and the virus quickly spread across the globe costing businesses billions of dollars in damage and disruption.
As tensions escalated between Russia and Ukraine, many people were expecting the conflict to have significant cyber components.
But as the invasion continues with few signs of any sophisticated cyber conflict, it seems less and less likely that Russia has significant cyber capabilities in reserve, ready to deploy if needed. Instead, it begins to look like Russia’s much vaunted cyber capabilities have been neglected in recent years, in favor of developing less expensive, less effective cyber weapons that cause less widespread damage and are considerably easier to contain and defend against. For instance, many of the cyberattacks directed at Ukraine in the past month have been relatively basic distributed denial-of-service attacks.
Given Russia’s past willingness to deploy cyberattacks with far-reaching, devastating consequences, it would be a mistake to count out their cyber capabilities just because they have so far proven unimpressive. And it’s all but impossible to prove the absence of cyber weapons in a nation’s arsenal. But the longer the conflict goes on without any signs of sophisticated cyber sabotage, the more plausible it becomes that the once formidable Russian hackers are no longer playing a central role in the country’s military operations.
Crowd-sourced attacks present new risk of crisis escalation
https://blog.talosintelligence.com/2022/03/ukraine-update.html
An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques.
Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as well. Misattribution of these actors carries the risk of nations escalating an already dangerous conflict in Ukraine. Based on data from our fellow researchers at Cisco Kenna, customers should be most concerned about threat actors exploiting several recently disclosed vulnerabilities, highlighting the importance of consistently updating software and related systems.
Russia, Ukraine and the Danger of a Global Cyberwar
https://www.securityweek.com/russia-ukraine-and-danger-global-cyberwar
On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. At the time of writing, it is not yet a full invasion of Ukraine, but Russia did conduct attacks on February 24, hitting cities with airstrikes and artillery in what was called a “special military operation” by Russian President Vladamir Putin.
Russia has been waging its own cyberwar against Ukraine for many years.
Since the beginning of 2022, however, it seems that Russian cyber activity against Ukraine has increased. This includes evidence that wiper malware has again disrupted some Ukrainian government networks, and attacks from the FSB-linked Gamaredon have targeted around 5,000 entities, including critical infrastructure and government departments. So far, however, there has not been the same scale of disruption as occurred in 2015, 2016 and 2017.
The purpose of such cyber activity is to weaken critical infrastructure, damage government’s ability to respond to any aggression, and to demoralize the population.
The U.S. has been warning the rest of the world against a potential widening scope of Russian cyber activity, and that cyber defenses generally should be tightened.
“Part of the worry,” said Willett, “is that cyberattacks against Ukraine might bleed over, like NotPetya, to affect other countries and cause wider damage unintentionally. There is some concern that the Russians may intentionally do stuff more widely, but that would probably be in retaliation for something that the U.S. or NATO might do.
This raises the whole question of ‘attribution’. The received belief is it is impossible to do accurate cyber attribution. ““It would be a mistake for any one nation to think it could attack another without being known,” said Willett.That is absolutely wrong,” said Willett.
But accidents happen. The two iconic cyberweapons have been Stuxnet and NotPetya. It is assumed that the U.S. developed Stuxnet (although this has never been admitted). NotPetya has been confidently attributed to the Russian government. Both malwares escaped from their assumed targets into the wider world. This was probably accidental – but similar accidents could lead to wider implications during a period of global geopolitical tension.
On the morning of February 24, 2022, Russian troops invaded Ukraine. This was accompanied by a further increase in cyber activity.
Ukraine Digital Army Brews Cyberattacks, Intel and Infowar
https://www.securityweek.com/ukraine-digital-army-brews-cyberattacks-intel-and-infowar
Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence.
Inventions of the volunteer hackers range from software tools that let smartphone and computer owners anywhere participate in distributed denial-of-service attacks on official Russian websites to bots on the Telegram messaging platform that block disinformation, let people report Russian troop locations and offer instructions on assembling Molotov cocktails and basic first aid.
The movement is global, drawing on IT professionals in the Ukrainian diaspora whose handiwork includes web defacements with antiwar messaging and graphic images of death and destruction in the hopes of mobilizing Russians against the invasion.
The cyber volunteers’ effectiveness is difficult to gauge. Russian government websites have been repeatedly knocked offline, if briefly, by the DDoS attacks, but generally weather them with countermeasures.
It’s impossible to say how much of the disruption — including more damaging hacks — is caused by freelancers working independently of but in solidarity with Ukrainian hackers.
A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network, or botnet. The tool’s programmers code in new targets as priorities change.
Ukraine Cyber Official: We Only Attack Military Targets
https://www.securityweek.com/ukraine-cyber-official-we-only-attack-military-targets
A top Ukrainian cybersecurity official said Friday a volunteer army of hundreds of hackers enlisted to fight Russia in cyberspace is attacking only what it deems military targets, prioritizing government services including the financial sector, Kremlin-controlled media and railways.
Victor Zhora, deputy chair of the state special communications service, also said that there had been about 10 hostile hijackings of local government websites in Ukraine to spread false text propaganda saying his government had capitulated. He said most of Ukraine’s telecommunications and internet were fully operational.
Zhora told reporters in a teleconference that presumed Russian hackers continued to try to spread destructive malware in targeted email attacks on Ukrainian officials and — in what he considers a new tactic — trying to infect the devices of individual citizens.
Army of Cyber Hackers Rise Up to Back Ukraine
https://www.securityweek.com/army-cyber-hackers-rise-back-ukraine
An army of volunteer hackers is rising up in cyberspace to defend Ukraine, though internet specialists are calling on geeks and other “hacktivists” to stay out of a potentially very dangerous computer war.
According to Livia Tibirna, an analyst at cyber security firm Sekoia, nearly 260,000 people have joined the “IT Army” of volunteer hackers, which was set up at the initiative of Ukraine’s digital minister Mykhailo Fedorov.
The group, which can be accessed via the encrypted messaging service Telegram, has a list of potential targets in Russia, companies and institutions, for the hackers to target.
It’s difficult to judge the effect the cyber-army is having.
Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks
https://thehackernews.com/2022/03/russia-releases-list-of-ips-domains.html
Russia Blocks Access to Facebook Over War
https://www.securityweek.com/russia-blocks-access-facebook-over-war
Russia’s state communications watchdog has ordered to completely block access to Facebook in Russia amid the tensions over the war in Ukraine.
The agency, Roskomnadzor, said Friday it decided to cut access to Facebook over its alleged “discrimination” of the Russian media and state information resources. It said the restrictions introduced by Facebook owner Meta on the RT and other state-controlled media violate the Russian law.
Cyberattack Knocks Thousands Offline in Europe
https://www.securityweek.com/cyberattack-knocks-thousands-offline-europe
Thousands of internet users across Europe have been thrown offline after what sources said Friday was a likely cyberattack at the beginning of Russia’s offensive in Ukraine.
According to Orange, “nearly 9,000 subscribers” of a satellite internet service provided by its subsidiary Nordnet in France are without internet following a “cyber event” on February 24 at Viasat, a US satellite operator of which it is a client.
Eutelsat, the parent company of the bigblu satellite internet service, also confirmed to AFP on Friday that around one-third of bigblu’s 40,000 subscribers in Europe, in Germany, France, Hungary, Greece, Italy and Poland, were affected by the outage on Viasat.
In the US, Viasat said on Wednesday that a “cyber event” had caused a “partial network outage” for customers “in Ukraine and elsewhere” in Europe who rely on its KA-SAT satellite.
Viasat gave no further details, saying only that “police and state partners” had been notified and were “assisting” with investigations.
General Michel Friedling, head of France’s Space Command said there had been a cyberattack.
Cybercriminals Seek to Profit From Russia-Ukraine Conflict
https://www.securityweek.com/cybercriminals-seek-profit-russia-ukraine-conflict
Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict, according to a new report from Accenture.
Since mid-January, cybercriminals have started to advertise compromised assets relevant to the Russia-Ukraine conflict, and they are expected to increase their offering of databases and network access, with potentially crippling effects for the targeted organizations.
Just over a month ago, soon after the destructive WhisperGate attacks on multiple government, IT, and non-profit organizations in Ukraine, threat actors started to advertise on the dark web access to both breached networks and databases that allegedly contained personally identifiable information (PII).
Amid Russian invasion, Ukraine granted formal role with NATO cyber hub https://therecord.media/amid-russian-invasion-ukraine-granted-formal-role-with-nato-cyber-hub/
Ukraine was granted the formal role of “contributing participant” to the hub, known as the Cooperative Cyber Defence Centre of Excellence (CCDCOE), by its 27-member steering committee, the organization announced. “Ukraine’s presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations, ” Col.
Jaak Tarien, the institution’s director, said in a statement.
This Ukrainian cyber firm is offering hackers bounties for taking down Russian sites https://therecord.media/this-ukrainian-cyber-firm-is-offering-hackers-bounties-for-taking-down-russian-sites/
In the days following Russia’s invasion of Ukraine, dozens of hacking groups have taken sides in the conflict, launching attacks on various organizations and government institutions. Cyber Unit Technologies, a Kyiv-based cybersecurity startup, has been particularly outspoken on Tuesday, the company started a campaign to reward hackers for taking down Russian websites and pledged an initial $100, 000 to the program.
High Above Ukraine, Satellites Get Embroiled in the War
https://www.wired.com/story/ukraine-russia-satellites/
While the Russian invasion rages on the ground, companies that operate data-collecting satellites find themselves in an awkward position.
Some researchers are worried that the reliance on satellite imagery has given too much power to the companies that control this technology. “There’s companies like Maxar and Planet that are privately owned and they have the final say on whether or not they want to share the information, ” says Anuradha Damale. The role of private companies in conflicts such as Ukraine means commercial satellites could become targets. In the days before Russia invaded, US space officials warned satellite companies that the conflict could extend into space.
CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine https://www.cisa.gov/uscert/ncas/current-activity/2022/02/26/cisa-releases-advisory-destructive-malware-targeting-organizations
CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Ukraine. The webpage includes technical resources from partners to assist organizations against these threats.
Alert: https://www.cisa.gov/uscert/ncas/alerts/aa22-057a
US firms should be wary of destructive malware unleashed on Ukraine, FBI and CISA warn – CNNPolitics
https://www.cnn.com/2022/02/26/politics/ukraine-malware-warning-cybersecurity-fbi-cisa/index.html
EU Activates Cyber Rapid Response Team Amid Ukraine Crisis
https://www.bankinfosecurity.com/eu-activates-cyber-rapid-response-team-amid-ukraine-crisis-a-18584
Amid rapid escalation in the Russia-Ukraine conflict derived from historical grievances and qualms with Ukraine’s plan to join the military alliance NATO, the world’s network defenders remain on high alert. And on Tuesday, the European Union confirmed that it will activate its elite cybersecurity team to assist Ukrainians if Russian cyberattacks occur.
UK alludes to retaliatory cyber-attacks on Russia
https://therecord.media/uk-alludes-to-retaliatory-cyber-attacks-on-russia/
The UK government alluded yesterday that it might launch offensive cyber operations against Russia if the Kremlin attacks UK computer systems after an invasion of Ukraine.
Amazon: Charities, aid orgs in Ukraine attacked with malware
https://www.bleepingcomputer.com/news/security/amazon-charities-aid-orgs-in-ukraine-attacked-with-malware/
Charities and non-governmental organizations (NGOs) providing critical support in Ukraine are targeted in malware attacks aiming to disrupt their operations and relief efforts seeking to assist those affected by Russia’s war. Amazon has detected these attacks while working with the employees of NGOs, charities, and aid organizations, including UNICEF, UNHCR, World Food Program, Red Cross, Polska Akcja Humanitarna, and Save the Children.
Ransomware Used as Decoy in Destructive Cyberattacks on Ukraine
https://www.securityweek.com/ransomware-used-decoy-destructive-cyberattacks-ukraine
Destructive ‘HermeticWiper’ Malware Targets Computers in Ukraine
https://www.securityweek.com/destructive-hermeticwiper-malware-targets-computers-ukraine
Just as Russia was preparing to launch an invasion of Ukraine, Ukrainian government websites were disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country.
The new malware, dubbed “HermeticWiper” by the cybersecurity community, is designed to erase infected Windows devices. The name references a digital certificate used to sign a malware sample — the certificate was issued to a Cyprus-based company called Hermetica Digital.
“At this time, we haven’t seen any legitimate files signed with this certificate. It’s possible that the attackers used a shell company or appropriated a defunct company to issue this digital certificate,” explained endpoint security firm SentinelOne, whose researchers have been analyzing the new malware.
The malware has also been analyzed by researchers at ESET and Symantec. Each of the companies has shared indicators of compromise (IoCs) associated with HermeticWiper.
ESET first spotted HermeticWiper on Wednesday afternoon (Ukraine time) and the company said hundreds of computers in Ukraine had been compromised.
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/
On February 23rd, the threat intelligence community began observing a new wiper malware sample circulating in Ukrainian organizations. Our analysis shows a signed driver is being used to deploy a wiper that targets Windows devices, manipulating the MBR resulting in subsequent boot failure. This blog includes the technical details of the wiper, dubbed HermeticWiper, and includes IOCs to allow organizations to stay protected from this attack. This sample is actively being used against Ukrainian organizations, and this blog will be updated as more information becomes available. Also:
https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine/
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia
https://www.bleepingcomputer.com/news/security/new-data-wiping-malware-used-in-destructive-attacks-on-ukraine/
HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine https://blog.malwarebytes.com/threat-intelligence/2022/03/hermeticwiper-a-detailed-analysis-of-the-destructive-malware-that-targeted-ukraine/
The day before the invasion of Ukraine by Russian forces on February 24, a new data wiper was unleashed against a number of Ukrainian entities. This malware was given the name “HermeticWiper” based on a stolen digital certificate from a company called Hermetica Digital Ltd. This wiper is remarkable for its ability to bypass Windows security features and gain write access to many low-level data-structures on the disk. In addition, the attackers wanted to fragment files on disk and overwrite them to make recovery almost impossible.
In Ukraine, Online Gig Workers Keep Coding Through the War
https://www.wired.com/story/gig-work-in-ukraine/
Freelancers or gig workers who piece together work on online platforms are a hidden engine of the Ukrainian economyand the world’s. They work as software engineers, project managers, IT technicians, graphic designers, editors, and copywriters. And they work for everyone.
Invading Russian forces have plunged freelancers’ home offices into chaos and uncertainty. Vlad, a video editor in southern Ukraine, says he’s grown accustomed to the air alarm signal, and hiding until it has passed. Now there are battles 30 miles from his home. “But as long as there is water, electricity, and internet, I can work, ” he says.
“Because we all need to live for something, eat
Leaving Russia? Experts Say Wipe Your Phone Before You Go
https://www.forbes.com/sites/thomasbrewster/2022/03/04/russians-escaping-putins-repression-urged-to-wipe-their-phones/
Russians fleeing President Vladimir Putin’s regime as it cracks down on anti-war sentimentand rumors of martial law grow louderare being advised to wipe their phones, especially of any traces of support for Ukraine. If they don’t, experts say they may face detention. They’re starting by deleting messages on Signal, Telegram or any app that promises security. For those leaving the country, they’re deleting the apps themselves, and urging others to do the same. Russian media has first-hand accounts of lengthy interrogations at the border, along with phone and laptop searches, though Forbes could not corroborate those claims.
Why ICANN Won’t Revoke Russian Internet Domains
The organization says cutting the country off would have “devastating” effects on the global internet system.
https://www.wired.com/story/why-icann-wont-revoke-russian-internet-domains/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
Ukraine on Monday asked ICANN to revoke Russian top-level domains such as .ru, .рф, and .su; to “contribute to the revoking for SSL certificates” of those domains; and to shut down DNS root servers in Russia. Fedorov argued that the requested “measures will help users seek for reliable information in alternative domain zones, preventing propaganda and disinformation.”
Ukraine’s request to cut Russia off from core parts of the internet has been rejected by the nonprofit group that oversees the Internet’s Domain Name System (DNS). CEO Göran Marby of the Internet Corporation for Assigned Names and Numbers (ICANN) said the group must “maintain neutrality and act in support of the global internet.”
“Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the internet—regardless of the provocations,” Marby wrote in his response to Ukraine Vice Prime Minister Mykhailo Fedorov.
https://www.icann.org/en/system/files/correspondence/marby-to-fedorov-02mar22-en.pdf
TikTok Was Designed for War
As Russia’s invasion of Ukraine plays out online, the platform’s design and algorithm prove ideal for the messiness of war—but a nightmare for the truth.
https://www.wired.com/story/ukraine-russia-war-tiktok/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
2,362 Comments
Tomi Engdahl says:
Russian printers juiced by hacker antiwar messages
https://cybernews.com/cyber-war/russian-printers-juiced-by-hacker-antiwar-messages/
Hacktivist group GhostSec has apparently decided that even in modern warfare the pen is mightier than the sword, and is claiming to have remotely hijacked more than 300 Russian printers, forcing them to run antiwar messages until their ink runs dry.
Tomi Engdahl says:
Musk’s Starlink Internet In Ukraine: 1000s Active, “Very Effective”
https://lm.facebook.com/l.php?u=https%3A%2F%2Finsideevs.com%2Fnews%2F575127%2Fmusk-starlink-ukraine-thousands-operating-successfully%2F&h=AT1kmYi-2VdEakxJhwkqVn8-0uLJax8l_tJ_eJbOamxZcIqcGGiI3uagiTesUILybfbSfAQq2xsDDMreoF8SRVx8tjoGrtN4zitM3UscHJLB1p4rVjltvU24STnHC28uBg
According to Ukrainian officials, Elon Musk’s SpaceX has been sending more Starlink terminals to Ukraine, which are now arriving every other day. Moreover, the reports confirm that the quality of the technology’s internet service is excellent.
It wasn’t too long ago that Ukraine’s Minister of Digital Transformation Mykhailo Fedorov reached out to Tesla and SpaceX CEO Elon Musk on Twitter with a request for Starlink satellite internet. Musk said it was active in Ukraine, and terminals were on the way. Within fewer than 48 hours, the terminals arrived in the country.
Tomi Engdahl says:
Venäjälle viedään tietoa sodasta yllättävällä tavalla – tällainen on ”erikoisrakkausoperaatio” https://www.is.fi/digitoday/art-2000008701787.html
Tomi Engdahl says:
https://www.iflscience.com/health-and-medicine/why-people-are-panic-buying-iodine-tablets-amid-fear-of-nuclear-war/
Tomi Engdahl says:
https://www.forbes.com/sites/qai/2022/03/15/improving-your-portfolio-strategy-amid-the-russia-ukraine-conflict/
Tomi Engdahl says:
https://politiikasta.fi/ukraina-muuttuvan-maailmanjarjestyksen-uhrina/
Tomi Engdahl says:
Ukraine’s deputy prime minister says the tech will help provide transparency about how many Russian soldiers are dying in the war. Critics say the use of facial recognition in war zones is a disaster in the making.
Ukraine Starts Using Facial Recognition To Identify Dead Russians And Tell Their Relatives
https://www.forbes.com/sites/thomasbrewster/2022/03/23/ukraine-starts-using-facial-recognition-to-identify-dead-russians-and-tell-their-relatives/?utm_campaign=socialflowForbesMainFB&utm_source=ForbesMainFacebook&utm_medium=social&sh=782e050e2898
Tomi Engdahl says:
Maailman suurin ruuanvalmistaja Nestlé liittyy Venäjältä vetäytyvien yritysten joukkoon: Kitkatin ja Nesquikin myynti Venäjällä loppuu
Nestlé on viime viikkoina saanut kritiikkiä myös kuluttajilta, aktivistiryhmiltä ja poliitikoilta, ettei se ole vetäytynyt kokonaan Venäjältä.
https://www.hs.fi/talous/art-2000008702296.html
Nestle Stops Most of Russian Production, Barring Essentials
Swiss company will stop selling brands like KitKat in Russia
Move comes as Nestle faces political pressure to leave Russia
https://www.bloomberg.com/news/articles/2022-03-23/nestle-to-suspend-russian-production-stick-to-bare-essentials?sref=rWWtxTj8
Tomi Engdahl says:
Venäläistuomioistuimen mukaan mediajätti Meta harjoittaa ääritoimintaa, Facebook ja Instagram pysyvät kielletyinä
Venäjän tiedustelupalvelu FSB:n mukaan Metan toiminta vahingoittaa Venäjän intressejä sen sotilaalliseksi erikoisoperaatioksi nimittämässään sodassa.
https://yle.fi/uutiset/3-12369161
Tomi Engdahl says:
https://www.technologyreview.com/2022/03/21/1047489/activists-are-targeting-russians-with-open-source-protestware/
Tomi Engdahl says:
Venäläiskenraalit Ukrainan maalituksen uhreja – Martti J. Kari: ”Signaalitiedustelu paikansi, ja tykistö eliminoi sen pelistä pois” https://www.is.fi/ulkomaat/art-2000008702925.html
Tomi Engdahl says:
A programmer behind the popular open-source npm program node-ipc poisoned it with malware that erased the hard drives of computers located in Russia or Belarus.
Corrupted open-source software enters the Russian battlefield
https://www.zdnet.com/article/corrupted-open-source-software-enters-the-russian-battlefield/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=facebook
A programmer behind the popular open-source npm program node-ipc poisoned it with malware that erased the hard drives of computers located in Russia or Belarus.
It started as an innocent protest. Npm, JavaScript’s package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called peacenotwar. It did little except add a protest message against Russia’s invasion of Ukraine. But then, it took a darker turn: It began destroying computers’ file systems.
To be exact, Miller added code that would delete the file system of any computer with a Russian or Belorussian IP address. Then, its maintainer added the module as a dependency to the extremely popular node-ipc mode. Node-ipc, in turn, is a popular dependency that many JavaScript programmers use. And it went from annoying to a system destroyer.
The code has undergone several changes since it first appeared, but it must be regarded as highly dangerous. Underlining its potential for damage, Miller encoded his code changes in base-64 to make it harder to spot the problem by simply reading the code.
According to developer security company Snyk, which uncovered the problem, “node-ipc (versions >=10.1.1 <10.1.3) is a malicious package. This package contains malicious code that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji." It's now being tracked as CVE-2022-23812. Synk gives this corrupted open-was able to source package a critical Common Vulnerability Scoring System (CVSS) rating of 9.8, critical.
In other words, you simply shouldn't use it at all. Period.
Tomi Engdahl says:
But all that said, this “protestware” sets a dangerous precedent. As one programmer on GitHub wrote, “What’s going to happen with this is that security teams in Western corporations that have absolutely nothing to do with Russia or politics are going to start seeing free and open-source software as an avenue for supply chain attacks (which this totally is) and simply start banning free and open-source software — all free and open-source software — within their companies. Or at least all of it which is community maintained. This will have no positive effect for Ukrainians, you idiot, and will only hurt FOSS [Free and open-source software] adoption.” Exactly so.
Tomi Engdahl says:
Elon Musk’s SpaceX has activated more than 5,000 Starlink internet terminals in Ukraine, report says
https://lm.facebook.com/l.php?u=https%3A%2F%2Fwww.businessinsider.com%2Felon-musk-spacex-starlink-satellite-terminals-active-ukraine-internet-2022-3&h=AT2HBrdkFFUZcSUNC7yIFEoyDgAXgHFNaXUNpmRV2u-m1rApWVXBhpcd210xTQdCbk2KFkY1N1Aqj72ZFjjntM8zBBC-i2bWnxxH-37Wz8C-7l11ObmPwNcYS29WZoeQcg
Tomi Engdahl says:
Ukraina saattoi kaapata todellisen tiedustelutiedon aarreaitan https://www.is.fi/digitoday/art-2000008703669.html
Tomi Engdahl says:
https://www.visualcapitalist.com/visualizing-the-eus-energy-dependency/
Tomi Engdahl says:
Putin’s Road to War: Julia Ioffe (interview) | FRONTLINE
https://m.youtube.com/watch?v=kSNo2FPQDQw
Tomi Engdahl says:
For some Ukrainian tech startups, the normal tasks of shipping code and ramping up sales have been replaced with mapping escape routes and paying colleagues fighting with the army.
Ukraine Tech Startups Pivot From Software Code to Rescue Plans
https://www.wsj.com/articles/ukraine-tech-startups-pivot-from-software-code-to-rescue-plans-11647781202?mod=e2fb&fbclid=IwAR3kAAuAz3NMWdWDQWAQLTNqTClPYJgpat1BPDM8ZU_hvssxRJXszIDeBJI
Tech leaders with operations in Ukraine are mapping escape routes and paying workers to fight with the army; ‘our plan is winning this war’
Tomi Engdahl says:
Putinin kerrotaan hylänneen Venäjän keskuspankin johtajan eronpyynnön – nyt Elvira Nabiullina jatkanee vastentahtoisesti virassaan
Useiden länsimaisten lähteiden mukaan Nabiullina pyysi eroa tehtävästään Venäjän hyökättyä Ukrainaan. Presidentti Putin esti aikeen, ja Nabiullina jatkanee uuden viisivuotiskauden virassaan.
https://yle.fi/uutiset/3-12373263?utm_source=social-media-share&utm_medium=social&utm_campaign=ylefiapp
Tomi Engdahl says:
https://www.flightradar24.com/RRR7230/2b3fb799
Tomi Engdahl says:
Russia Has Destroyed The Lab That Monitors Chernobyl Radiation Levels, Ukraine Says
https://www.iflscience.com/technology/russia-has-destroyed-the-lab-that-monitors-chernobyl-radiation-levels-ukraine-says/
Russian invading forces have robbed and destroyed a lab in the Chornobyl Nuclear Power Planet complex used to monitor radiation levels at the decommissioned plant and the area around it, the State Agency of Ukraine for Exclusion Zone Management has announced.
https://m.facebook.com/dazv.gov.ua/posts/pfbid02V9pq4c3CxhawHLnFWzAamyS7Z8LonJH6mr1Q52ZePwe3i4fH7KrzT8wxt1TrQgP1l
Tomi Engdahl says:
https://www.iflscience.com/technology/advanced-russian-tech-has-been-captured-by-ukrainian-army-offering-military-secrets/
Tomi Engdahl says:
https://en.m.wikipedia.org/wiki/Krasukha_(electronic_warfare_system)
https://www.armyrecognition.com/defense_news_february_2022_global_security_army_industry/russian_army_deploys_1rl257_krasukha-4_electronic_warfare_systems.amp.html
Tomi Engdahl says:
https://thenewstack.io/the-work-war-balance-of-open-source-developers-in-ukraine/
Tomi Engdahl says:
Nytkö se alkaa? Seitsemän hybridiasetta joilla Venäjä voi painostaa suomalaisia, jos aiomme liittyä Natoon
Venäjä voisi luoda puheillaan ja teoillaan suomalaisiin hermostuneisuutta, pelkoa ja eripuraa Natoon liittymisen seurauksista ja vaikuttaa siten päätöksentekoon.
https://yle.fi/uutiset/3-12372342
Tomi Engdahl says:
Venäjän hyökkäys Ukrainaan on kestänyt tasan kuukauden – nämä seitsemän asiaa yllättivät kaikki
Venäjän hyökkäyssota Ukrainaan on näyttänyt monia asioita, mitä ei ole osattu ennakoida. Selvää on, että paljon on muuttunut pysyvästi niin Ukrainassa, Venäjällä, Euroopassa kuin Suomessakin
https://yle.fi/uutiset/3-12370775
Tomi Engdahl says:
Since Russia launched its invasion of Ukraine a month ago, more than half of the country’s children have been displaced internally or fled to neighboring countries, the United Nations’ children’s agency Unicef said on Thursday
https://lm.facebook.com/l.php?u=https%3A%2F%2Ftrib.al%2FrX8QJHs&h=AT1PMoh8F53XFNkQOWtWRzOBBuGTAM1xGbnu0uNtppDSL3UQXFJvluVLm2f90NPVXuXvb1RY7UXFbpuOll7SBRW3yf5nW4qEP98apDVLityIqgPo_V8nrWAQH4svhydDNQ
Tomi Engdahl says:
The push to get Ukraine news past the Kremlin’s wall of propaganda is prompting innovative—and old-school—strategies.
https://www.forbes.com/sites/martyswant/2022/03/24/lottery-numbers-blockchain-articles-and-cold-calls-to-moscow-how-activists-are-using-new-tools-to-outsmart-russian-censors/?sh=672079da6e89&utm_source=ForbesMainFacebook&utm_campaign=socialflowForbesMainFB&utm_medium=social
Tomi Engdahl says:
Israel kielsi tehokkaan vakoiluohjelman myynnin Ukrainalle – ei halunnut suututtaa Venäjää https://www.is.fi/digitoday/tietoturva/art-2000008704709.html
Tomi Engdahl says:
BlackRock CEO and chairman Larry Fink: “The Russian invasion of Ukraine has put an end to the globalization we have experienced over the last three decades.” https://trib.al/MYrAYQ5
Tomi Engdahl says:
Overextending and Unbalancing Russia
Assessing the Impact of Cost-Imposing Options
https://www.rand.org/pubs/research_briefs/RB10014.html
This brief summarizes a report that comprehensively examines nonviolent, cost-imposing options that the United States and its allies could pursue across economic, political, and military areas to stress—overextend and unbalance—Russia’s economy and armed forces and the regime’s political standing at home and abroad. Some of the options examined are clearly more promising than others, but any would need to be evaluated in terms of the overall U.S. strategy for dealing with Russia, which neither the report nor this brief has attempted to do.
The maxim that “Russia is never so strong nor so weak as it appears” remains as true in the current century as it was in the 19th and 20th.
Tomi Engdahl says:
https://www.npr.org/2022/03/24/1088480292/ukraine-russia-war-simon-shuster
Tomi Engdahl says:
Puzzling Out the Drone War Over Ukraine To date, Russia has had little to show for a $9 billion investment in UAVs
https://spectrum.ieee.org/ukraine-drone-war?utm_campaign=RebelMouse&socialux=facebook&share_id=6972681&utm_medium=social&utm_content=IEEE+Spectrum&utm_source=facebook
Tomi Engdahl says:
Venäjän presidentti Vladimir Putin on allekirjoittanut lain, joka mahdollistaa jopa 15 vuoden vankeusrangaistuksen henkilölle, joka levittää Venäjän valtiojohdon mielestä väärää tietoa Venäjän toimista ulkomailla.
https://yle.fi/uutiset/3-12314941
Tomi Engdahl says:
Venäjä-mielinen iltapäivälehti julkaisi venäläissotilaiden kuolinluvut – syyttää hakkereita
Lehden sivuilla julkaistujen virheellisten tietojen mukaan Ukrainan sodassa olisi kuollut lähes 10 000 venäläissotilasta.
https://www.iltalehti.fi/ulkomaat/a/be648523-47bf-4f52-b0bf-c42bdbe1c46e
Tomi Engdahl says:
Pääkirjoitus: Shokki voi pian levitä Venäjällä, kun totuus valkenee – mitä siitä seuraa Suomelle?
Valtteri VarpelaJos Venäjällä alkaa valtakamppailu, seuraukset voivat olla arvaamattomia Suomen kannalta, kirjoittaa Iltalehden uutispäätoimittaja Valtteri Varpela.
https://www.iltalehti.fi/paakirjoitus/a/ef192355-54ec-4e67-8001-7b28664b7786
Tomi Engdahl says:
Israel blocked Ukraine from buying Pegasus spyware, fearing Russia’s anger
Revelation of denial offers new insight into the way Israel’s relationship with Moscow has undermined Ukrainian objectives
https://www.theguardian.com/world/2022/mar/23/israel-ukraine-pegasus-spyware-russia
Tomi Engdahl says:
Sanoma jatkaa mainonnan sulkemista pois uutissivustoiltaan Ukrainan sodan vuoksi
https://media.sanoma.fi/kirjoituksia-markkinoinnista/2022-03-16-sanoma-jatkaa-mainonnan-sulkemista-pois-uutissivustoiltaan?utm_source=facebook&utm_medium=social&utm_campaign=b2b_vk_kirjoituksia_markkinoinnista&utm_content=brand_safety&fbclid=IwAR1JEzpos5jdjDHyRZHvcL2q6l11PV9htp36SGU3AbpW4VX0obH7vB_PrNs
Tällä hetkellä mainontaa ei näy artikkeleissa, jotka käsittelevät sodan aiheuttamia inhimillisiä kärsimyksiä.
Mainontaa voi olla sodan seurauksia käsittelevissä talousuutisissa, kuten talouspakotteita, Suomen turvallisuuspolitiikkaa ja Euroopan tekemiä avustustoimenpiteitä koskevissa artikkeleissa.
Tomi Engdahl says:
BlackRock CEO and chairman Larry Fink: “The Russian invasion of Ukraine has put an end to the globalization we have experienced over the last three decades.” https://trib.al/TdJp4uU
Tomi Engdahl says:
The ongoing conflict in Ukraine is making it progressively more difficult for the country to export grain, Ukrainian Agriculture Minister Mykola Solskyi said in a televised briefing Saturday, warning the situation is having a “dramatic” impact on global markets.
Russian Invasion Reducing Ukraine’s Grain Exports To A Trickle, Agriculture Minister Warns
https://lm.facebook.com/l.php?u=https%3A%2F%2Ftrib.al%2FeTSyCEC&h=AT0Gise9cpbCMJWDBBxD7V7YQeBvkmLlTKkU9gN_HB9mR1WEKHI3AgKjplyyy9cwgt2FoRA-EIkJ3nn5WfZ2LC51mzRb8ZCxRJ6qwLyuc-IWeCtTvB10Y3vMqYT8XoGetA
Ukraine was the world’s sixth-largest exporter of wheat in 2021 with a 10% share of the market, shipping 20 million tons of wheat and meslin (a mixture of wheat and rye), according to the United Nations, and the country is also one of the world’s top exporters of barley and sunflower seeds.
The U.N. predicted that somewhere between 20% to 30% of Ukraine’s crops would be left unharvested in the 2022-23 season due to Russia’s attack on Ukraine.
The drop in Ukraine’s grain exports could increase international food and feed prices by 8% to 22% above current levels, the U.N. said, which were already sharply elevated.
Tomi Engdahl says:
An undercover journalist has exposed the inner workings of Russia’s notorious “troll factory” which aims to boost domestic support for Vladimir Putin’s invasion of Ukraine by flooding social media with pro-Kremlin comments.
https://www.telegraph.co.uk/news/2022/03/22/inside-russias-notorious-troll-factory-flooding-social-media/
Tomi Engdahl says:
Anonymous-hakkeri on tulostanut jo yli 100 000 sivua paperia Venäjälle ja kaapannut kameroita – nyt hän kertoo sodastaan https://www.is.fi/digitoday/art-2000008706759.html
Tomi Engdahl says:
https://koneensaatio.fi/tarinat-ja-julkaisut/ukrainan-sota-kun-venaja-aloitti-informaatiosodan-tutkija-huolestui-vanhemmistaan-ita-ukrainassa/
Tomi Engdahl says:
https://journalisti.fi/nakokulmat/2022/03/ukrainan-sodan-tarinassa-ei-ole-tilaa-pikkunapparalle-ironialle/
Tomi Engdahl says:
Confirmed: Anonymous Hacks Central Bank of Russia; Leaks 28GB of Data
https://www.hackread.com/anonymous-hacks-central-bank-russia-leaks-28gb-data/
One of the Anonymous affiliate groups going by the Twitter handle of @Thblckrbbtworld has leaked 28GB worth of Central Bank of Russia data in support of Ukraine.
On the other hand, Distributed Denial of Secrets (aka DDoSecrets), a non-profit whistleblower organization has also announced archiving the entire data on its official website earlier today.
On Twitter, @YourAnonNews, one of the largest social media representatives of the Anonymous movement also confirmed the hack stating that “Russian Central Bank hack is confirmed and will be released soon via DDoSecrets.”
It is worth noting that on March 23rd, 2022, Anonymous had claimed to hack the Central Bank of Russia and steal 35,000 files. The group went on to claim “We have your economic secrets now, you will tremble with fear, Putin.” To verify their initial claims the group had also tweeted copies of banking documents in the Russian language.
The Central Bank of Russian Federation leak (28 GB) has been published by Anonymous. We distributed these documents to various points of the internet. If the links are censored, we will share them on different links.
Anonymous
Tomi Engdahl says:
The Fragile Open Source Ecosystem Isn’t Ready for ‘Protestware’
A recent uptick in disruptions to open source software, including incidents aimed at objecting to Russia’s war in Ukraine, have left the community on edge.
https://www.wired.com/story/open-source-sabotage-protestware/
A STRING OF “sabotage” incidents in open source software is reigniting discussions of how to safeguard projects that underpin digital platforms and networks around the world. Many of the recent incidents have been dubbed “protestware” because they relate to open source developers making code changes to express support for Ukraine amidst Russia’s invasion and ongoing attack of the country.
Tomi Engdahl says:
SpaceX’s Starlink internet poses danger for users in Ukraine because they can’t camouflage the ‘distinctive’ dish that emits radio signals, experts say
https://lm.facebook.com/l.php?u=https%3A%2F%2Fwww.businessinsider.com%2Fspacex-starlink-internet-ukraine-elon-musk-experts-dangerous-target-risk-2022-3&h=AT3D7tUxG-ZM6KHMPbcA44f3EO3VnUAa8iodIN98krowJijBEw1dWRswNLEdw-3pH2Z8LcqMUhZhdeKM0nqYXZ5l_svr2K5lfFNWB2dUxY3gqX2RN8JLvkJkt7Cq1Bmyyg
SpaceX’s satellite internet network, Starlink, presents risks for those using the system in Ukraine during the war against Russia, cybersecurity experts told Insider.
Since SpaceX sent Starlink equipment to Ukraine, safety concerns have been raised for users in the country because of the threat of Russian troops — even Musk has warned Starlink users in Ukraine to use the system with caution.
“There are some features of Starlink that make it different from previous generations of satellite communications technology used in conflicts,” John Scott-Railton, a senior researcher at Citizen Lab at the University of Toronto’s Munk School, told Insider.
Here’s why Starlink could endanger its users in Ukraine, according to experts:
Starlink terminals are ‘visually distinctive’
Musk has advised users to cover the Starlink terminal — the dish which connects to the satellites — with “light camouflage” to avoid being detected. He also told users to place the antenna as far away from people as possible and to turn the system on “only when needed.”
Starlink is ‘high-profile’
Since launching in October 2020, Starlink’s user base has grown to more than 145,000 users in 25 countries recorded at the start of this year.
Radio signals are trackable
Starlink, like any kind of communication technology, emits radio signals — but they can be tracked down, Scott-Railton said.
Jason Healey, senior research scholar at Columbia University’s School of International and Public Affairs (SIPA), told Insider: “Any modern military can typically either triangulate those signals to target them with artillery or airstrikes or use a missile which hones in directly on such signals.”
“If Russia cared and had a suitable electronic warfare plane in the air, they should be able to easily locate and identify the transmitter … the plane is able to literally point out where on the ground the Starlink dish lies,” he said.
Tomi Engdahl says:
Russia’s attack on Ukraine transformed Europe within a matter of days. Our researchers consider the war initiated by Putin to be an enormous miscalculation.
Putin’s attack on Ukraine can turn the Russian people against him and elevate Germany into a military power
https://www.helsinki.fi/en/news/democracy/putins-attack-ukraine-can-turn-russian-people-against-him-and-elevate-germany-military-power?utm_source=facebook&utm_medium=social_owned&fbclid=IwAR0knavKliWpj4oXci_xAq23cvc4N5z4pI6hvlHYmy-EQRNtRtsL2PMOckA
Tomi Engdahl says:
Sota muuttaa tapaamme käyttää emojeita: Auringonkukat täplittävät somea, kun ihmiset haluavat osoittaa sympatiansa Ukrainalle
https://yle.fi/uutiset/3-12365183
Auringonkukka vilahtaa vähän väliä vihreänä, kun seuraa Emojitracker-sivustoa (siirryt toiseen palveluun). Sivusto näyttää reaaliajassa, mitä emojeita käytämme Twitterissä. Ukrainan kansalliskukka näyttää olevan listalla, mutta kärjessä jyräävät vuodesta toiseen samat kestosuosikit. Emojit ovat nykyään osa sanavarastoa, kun viestimme toisillemme digitalisessa ympäristössä.
Helsinkiläinen senior copy writer Petteri Puustinen Duran Creativesta on emojien tuntija myös työnsä puolesta. Hänen mukaansa emojeja käyttävät lähes kaikki. Niitä näkyy nykyään jopa yritysten virallisessa viestinnässä.
Tomi Engdahl says:
Top Russian meat producer hit with Windows BitLocker encryption attack https://www.bleepingcomputer.com/news/security/top-russian-meat-producer-hit-with-windows-bitlocker-encryption-attack/
Moscow-based meat producer and distributor Miratorg Agribusiness Holding has suffered a major cyberattack that encrypted its IT systems, according to a report from Rosselkhoznadzor – the Russian federal veterinary and phytosanitary supervision service. The announcement notes that the attackers leveraged the Windows BitLocker feature to encrypt files, essentially performing a ransomware attack.
According to the agency, the reason behind the attack appears to be sabotage and not financial, since Miratorg is one of Russia’s largest and food suppliers. The point of compromise was VetIS, a state information system used by veterinary services and companies engaging in the field, making it likely a supply chain compromise, although more clarification is needed in this regard.