Ukraine and Russia seems to be at the moments on both traditional and cyber war. We could call that hybrid warfare. We are at a cyber war. Countless examples exist of damage to infrastructure from hostile acts via computer attacks. Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar. On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. Russia started to conduct attacks to Ukraine on February 24. Before physical attacks Russia did several cyber attacks towards IT systems in Ukraine.
Here are links to some material on the cyber side of this war:
How the Eastern Europe Conflict Has Polarized Cyberspace
https://blog.checkpoint.com/2022/02/27/how-the-eastern-europe-conflict-polarized-cyberspace/
The war between Russia and Ukraine is advancing. People everywhere are deciding who they will support. The same dynamic happens in the cyberspace. Hacktivists, cybercriminals, white hat researchers or even technology companies are picking a clear side, emboldened to act on behalf of their choices. Historically, Russia has had superiority over Ukraine in the cyberspace. And last week, Ukraine was attacked by destructive wiping malware. However, the situation is starting to change, as most of the non-nation cyber state actors are taking the side of Ukraine. To defend itself, the Ukrainian government has created an international IT army of hacktivists.
As war escalates in Europe, it’s ‘shields up’ for the cybersecurity industry
https://techcrunch.com/2022/03/02/as-war-escalates-in-europe-its-shields-up-for-the-cybersecurity-industry/
In unprecedented times, even government bureaucracy moves quickly. As a result of the heightened likelihood of cyberthreat from Russian malactor groups, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — part of the Department of Homeland Security — issued an unprecedented warning recommending that “all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
Digital technology and the war in Ukraine
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks/
All of us who work at Microsoft are following closely the tragic, unlawful and unjustified invasion of Ukraine. This has become both a kinetic and digital war, with horrifying images from across Ukraine as well as less visible cyberattacks on computer networks and internet-based disinformation campaigns. We are fielding a growing number of inquiries about these aspects and our work, and therefore we are putting in one place a short summary about them in this blog. This includes four areas: protecting Ukraine from cyberattacks; protection from state-sponsored disinformation campaigns; support for humanitarian assistance; and the protection of our employees.. Also:
https://threatpost.com/microsoft-ukraine-foxblade-trojan-hours-before-russian-invasion/178702/
Ukraine: Cyberwar creates chaos, ‘it won’t win the war’
https://www.dw.com/en/ukraine-cyberwar-creates-chaos-it-wont-win-the-war/a-60999197
There have been at least 150 cyberattacks in Ukraine since Russia’s invasion. Their effect is mainly psychological, and experts say they won’t decide the war.
Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar.
The global technology company Microsoft has said its Threat Intelligence Center (MSTIC) detected “destructive cyberattacks directed against Ukraine’s digital infrastructure” hours before the first launch of missiles or movement of tanks on February 24.
Those attacks, which Microsoft dubbed FoxBlade, included so-called wipers — malicious software or malware — that make their way inside computer networks and literally wipe the data from all connected devices.
Cybersecurity experts in Germany have said there have been over a hundred cyberattacks, in various forms, since then. But their effect has mainly been psychological.
Why Russia Hasn’t Launched Major Cyber Attacks Since the Invasion of Ukraine
https://time.com/6153902/russia-major-cyber-attacks-invasion-ukraine/
In the relatively short and rapidly evolving history of cyber conflict, perhaps nothing has been established with greater certainty and more widely accepted than the idea that Russia has significant cyber capabilities and isn’t afraid to use them—especially on Ukraine. In 2015, Russian government hackers breached the Ukrainian power grid, leading to widespread outages. In 2017, Russia deployed the notorious NotPetya malware via Ukrainian accounting software and the virus quickly spread across the globe costing businesses billions of dollars in damage and disruption.
As tensions escalated between Russia and Ukraine, many people were expecting the conflict to have significant cyber components.
But as the invasion continues with few signs of any sophisticated cyber conflict, it seems less and less likely that Russia has significant cyber capabilities in reserve, ready to deploy if needed. Instead, it begins to look like Russia’s much vaunted cyber capabilities have been neglected in recent years, in favor of developing less expensive, less effective cyber weapons that cause less widespread damage and are considerably easier to contain and defend against. For instance, many of the cyberattacks directed at Ukraine in the past month have been relatively basic distributed denial-of-service attacks.
Given Russia’s past willingness to deploy cyberattacks with far-reaching, devastating consequences, it would be a mistake to count out their cyber capabilities just because they have so far proven unimpressive. And it’s all but impossible to prove the absence of cyber weapons in a nation’s arsenal. But the longer the conflict goes on without any signs of sophisticated cyber sabotage, the more plausible it becomes that the once formidable Russian hackers are no longer playing a central role in the country’s military operations.
Crowd-sourced attacks present new risk of crisis escalation
https://blog.talosintelligence.com/2022/03/ukraine-update.html
An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques.
Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as well. Misattribution of these actors carries the risk of nations escalating an already dangerous conflict in Ukraine. Based on data from our fellow researchers at Cisco Kenna, customers should be most concerned about threat actors exploiting several recently disclosed vulnerabilities, highlighting the importance of consistently updating software and related systems.
Russia, Ukraine and the Danger of a Global Cyberwar
https://www.securityweek.com/russia-ukraine-and-danger-global-cyberwar
On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. At the time of writing, it is not yet a full invasion of Ukraine, but Russia did conduct attacks on February 24, hitting cities with airstrikes and artillery in what was called a “special military operation” by Russian President Vladamir Putin.
Russia has been waging its own cyberwar against Ukraine for many years.
Since the beginning of 2022, however, it seems that Russian cyber activity against Ukraine has increased. This includes evidence that wiper malware has again disrupted some Ukrainian government networks, and attacks from the FSB-linked Gamaredon have targeted around 5,000 entities, including critical infrastructure and government departments. So far, however, there has not been the same scale of disruption as occurred in 2015, 2016 and 2017.
The purpose of such cyber activity is to weaken critical infrastructure, damage government’s ability to respond to any aggression, and to demoralize the population.
The U.S. has been warning the rest of the world against a potential widening scope of Russian cyber activity, and that cyber defenses generally should be tightened.
“Part of the worry,” said Willett, “is that cyberattacks against Ukraine might bleed over, like NotPetya, to affect other countries and cause wider damage unintentionally. There is some concern that the Russians may intentionally do stuff more widely, but that would probably be in retaliation for something that the U.S. or NATO might do.
This raises the whole question of ‘attribution’. The received belief is it is impossible to do accurate cyber attribution. ““It would be a mistake for any one nation to think it could attack another without being known,” said Willett.That is absolutely wrong,” said Willett.
But accidents happen. The two iconic cyberweapons have been Stuxnet and NotPetya. It is assumed that the U.S. developed Stuxnet (although this has never been admitted). NotPetya has been confidently attributed to the Russian government. Both malwares escaped from their assumed targets into the wider world. This was probably accidental – but similar accidents could lead to wider implications during a period of global geopolitical tension.
On the morning of February 24, 2022, Russian troops invaded Ukraine. This was accompanied by a further increase in cyber activity.
Ukraine Digital Army Brews Cyberattacks, Intel and Infowar
https://www.securityweek.com/ukraine-digital-army-brews-cyberattacks-intel-and-infowar
Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence.
Inventions of the volunteer hackers range from software tools that let smartphone and computer owners anywhere participate in distributed denial-of-service attacks on official Russian websites to bots on the Telegram messaging platform that block disinformation, let people report Russian troop locations and offer instructions on assembling Molotov cocktails and basic first aid.
The movement is global, drawing on IT professionals in the Ukrainian diaspora whose handiwork includes web defacements with antiwar messaging and graphic images of death and destruction in the hopes of mobilizing Russians against the invasion.
The cyber volunteers’ effectiveness is difficult to gauge. Russian government websites have been repeatedly knocked offline, if briefly, by the DDoS attacks, but generally weather them with countermeasures.
It’s impossible to say how much of the disruption — including more damaging hacks — is caused by freelancers working independently of but in solidarity with Ukrainian hackers.
A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network, or botnet. The tool’s programmers code in new targets as priorities change.
Ukraine Cyber Official: We Only Attack Military Targets
https://www.securityweek.com/ukraine-cyber-official-we-only-attack-military-targets
A top Ukrainian cybersecurity official said Friday a volunteer army of hundreds of hackers enlisted to fight Russia in cyberspace is attacking only what it deems military targets, prioritizing government services including the financial sector, Kremlin-controlled media and railways.
Victor Zhora, deputy chair of the state special communications service, also said that there had been about 10 hostile hijackings of local government websites in Ukraine to spread false text propaganda saying his government had capitulated. He said most of Ukraine’s telecommunications and internet were fully operational.
Zhora told reporters in a teleconference that presumed Russian hackers continued to try to spread destructive malware in targeted email attacks on Ukrainian officials and — in what he considers a new tactic — trying to infect the devices of individual citizens.
Army of Cyber Hackers Rise Up to Back Ukraine
https://www.securityweek.com/army-cyber-hackers-rise-back-ukraine
An army of volunteer hackers is rising up in cyberspace to defend Ukraine, though internet specialists are calling on geeks and other “hacktivists” to stay out of a potentially very dangerous computer war.
According to Livia Tibirna, an analyst at cyber security firm Sekoia, nearly 260,000 people have joined the “IT Army” of volunteer hackers, which was set up at the initiative of Ukraine’s digital minister Mykhailo Fedorov.
The group, which can be accessed via the encrypted messaging service Telegram, has a list of potential targets in Russia, companies and institutions, for the hackers to target.
It’s difficult to judge the effect the cyber-army is having.
Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks
https://thehackernews.com/2022/03/russia-releases-list-of-ips-domains.html
Russia Blocks Access to Facebook Over War
https://www.securityweek.com/russia-blocks-access-facebook-over-war
Russia’s state communications watchdog has ordered to completely block access to Facebook in Russia amid the tensions over the war in Ukraine.
The agency, Roskomnadzor, said Friday it decided to cut access to Facebook over its alleged “discrimination” of the Russian media and state information resources. It said the restrictions introduced by Facebook owner Meta on the RT and other state-controlled media violate the Russian law.
Cyberattack Knocks Thousands Offline in Europe
https://www.securityweek.com/cyberattack-knocks-thousands-offline-europe
Thousands of internet users across Europe have been thrown offline after what sources said Friday was a likely cyberattack at the beginning of Russia’s offensive in Ukraine.
According to Orange, “nearly 9,000 subscribers” of a satellite internet service provided by its subsidiary Nordnet in France are without internet following a “cyber event” on February 24 at Viasat, a US satellite operator of which it is a client.
Eutelsat, the parent company of the bigblu satellite internet service, also confirmed to AFP on Friday that around one-third of bigblu’s 40,000 subscribers in Europe, in Germany, France, Hungary, Greece, Italy and Poland, were affected by the outage on Viasat.
In the US, Viasat said on Wednesday that a “cyber event” had caused a “partial network outage” for customers “in Ukraine and elsewhere” in Europe who rely on its KA-SAT satellite.
Viasat gave no further details, saying only that “police and state partners” had been notified and were “assisting” with investigations.
General Michel Friedling, head of France’s Space Command said there had been a cyberattack.
Cybercriminals Seek to Profit From Russia-Ukraine Conflict
https://www.securityweek.com/cybercriminals-seek-profit-russia-ukraine-conflict
Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict, according to a new report from Accenture.
Since mid-January, cybercriminals have started to advertise compromised assets relevant to the Russia-Ukraine conflict, and they are expected to increase their offering of databases and network access, with potentially crippling effects for the targeted organizations.
Just over a month ago, soon after the destructive WhisperGate attacks on multiple government, IT, and non-profit organizations in Ukraine, threat actors started to advertise on the dark web access to both breached networks and databases that allegedly contained personally identifiable information (PII).
Amid Russian invasion, Ukraine granted formal role with NATO cyber hub https://therecord.media/amid-russian-invasion-ukraine-granted-formal-role-with-nato-cyber-hub/
Ukraine was granted the formal role of “contributing participant” to the hub, known as the Cooperative Cyber Defence Centre of Excellence (CCDCOE), by its 27-member steering committee, the organization announced. “Ukraine’s presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations, ” Col.
Jaak Tarien, the institution’s director, said in a statement.
This Ukrainian cyber firm is offering hackers bounties for taking down Russian sites https://therecord.media/this-ukrainian-cyber-firm-is-offering-hackers-bounties-for-taking-down-russian-sites/
In the days following Russia’s invasion of Ukraine, dozens of hacking groups have taken sides in the conflict, launching attacks on various organizations and government institutions. Cyber Unit Technologies, a Kyiv-based cybersecurity startup, has been particularly outspoken on Tuesday, the company started a campaign to reward hackers for taking down Russian websites and pledged an initial $100, 000 to the program.
High Above Ukraine, Satellites Get Embroiled in the War
https://www.wired.com/story/ukraine-russia-satellites/
While the Russian invasion rages on the ground, companies that operate data-collecting satellites find themselves in an awkward position.
Some researchers are worried that the reliance on satellite imagery has given too much power to the companies that control this technology. “There’s companies like Maxar and Planet that are privately owned and they have the final say on whether or not they want to share the information, ” says Anuradha Damale. The role of private companies in conflicts such as Ukraine means commercial satellites could become targets. In the days before Russia invaded, US space officials warned satellite companies that the conflict could extend into space.
CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine https://www.cisa.gov/uscert/ncas/current-activity/2022/02/26/cisa-releases-advisory-destructive-malware-targeting-organizations
CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Ukraine. The webpage includes technical resources from partners to assist organizations against these threats.
Alert: https://www.cisa.gov/uscert/ncas/alerts/aa22-057a
US firms should be wary of destructive malware unleashed on Ukraine, FBI and CISA warn – CNNPolitics
https://www.cnn.com/2022/02/26/politics/ukraine-malware-warning-cybersecurity-fbi-cisa/index.html
EU Activates Cyber Rapid Response Team Amid Ukraine Crisis
https://www.bankinfosecurity.com/eu-activates-cyber-rapid-response-team-amid-ukraine-crisis-a-18584
Amid rapid escalation in the Russia-Ukraine conflict derived from historical grievances and qualms with Ukraine’s plan to join the military alliance NATO, the world’s network defenders remain on high alert. And on Tuesday, the European Union confirmed that it will activate its elite cybersecurity team to assist Ukrainians if Russian cyberattacks occur.
UK alludes to retaliatory cyber-attacks on Russia
https://therecord.media/uk-alludes-to-retaliatory-cyber-attacks-on-russia/
The UK government alluded yesterday that it might launch offensive cyber operations against Russia if the Kremlin attacks UK computer systems after an invasion of Ukraine.
Amazon: Charities, aid orgs in Ukraine attacked with malware
https://www.bleepingcomputer.com/news/security/amazon-charities-aid-orgs-in-ukraine-attacked-with-malware/
Charities and non-governmental organizations (NGOs) providing critical support in Ukraine are targeted in malware attacks aiming to disrupt their operations and relief efforts seeking to assist those affected by Russia’s war. Amazon has detected these attacks while working with the employees of NGOs, charities, and aid organizations, including UNICEF, UNHCR, World Food Program, Red Cross, Polska Akcja Humanitarna, and Save the Children.
Ransomware Used as Decoy in Destructive Cyberattacks on Ukraine
https://www.securityweek.com/ransomware-used-decoy-destructive-cyberattacks-ukraine
Destructive ‘HermeticWiper’ Malware Targets Computers in Ukraine
https://www.securityweek.com/destructive-hermeticwiper-malware-targets-computers-ukraine
Just as Russia was preparing to launch an invasion of Ukraine, Ukrainian government websites were disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country.
The new malware, dubbed “HermeticWiper” by the cybersecurity community, is designed to erase infected Windows devices. The name references a digital certificate used to sign a malware sample — the certificate was issued to a Cyprus-based company called Hermetica Digital.
“At this time, we haven’t seen any legitimate files signed with this certificate. It’s possible that the attackers used a shell company or appropriated a defunct company to issue this digital certificate,” explained endpoint security firm SentinelOne, whose researchers have been analyzing the new malware.
The malware has also been analyzed by researchers at ESET and Symantec. Each of the companies has shared indicators of compromise (IoCs) associated with HermeticWiper.
ESET first spotted HermeticWiper on Wednesday afternoon (Ukraine time) and the company said hundreds of computers in Ukraine had been compromised.
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/
On February 23rd, the threat intelligence community began observing a new wiper malware sample circulating in Ukrainian organizations. Our analysis shows a signed driver is being used to deploy a wiper that targets Windows devices, manipulating the MBR resulting in subsequent boot failure. This blog includes the technical details of the wiper, dubbed HermeticWiper, and includes IOCs to allow organizations to stay protected from this attack. This sample is actively being used against Ukrainian organizations, and this blog will be updated as more information becomes available. Also:
https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine/
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia
https://www.bleepingcomputer.com/news/security/new-data-wiping-malware-used-in-destructive-attacks-on-ukraine/
HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine https://blog.malwarebytes.com/threat-intelligence/2022/03/hermeticwiper-a-detailed-analysis-of-the-destructive-malware-that-targeted-ukraine/
The day before the invasion of Ukraine by Russian forces on February 24, a new data wiper was unleashed against a number of Ukrainian entities. This malware was given the name “HermeticWiper” based on a stolen digital certificate from a company called Hermetica Digital Ltd. This wiper is remarkable for its ability to bypass Windows security features and gain write access to many low-level data-structures on the disk. In addition, the attackers wanted to fragment files on disk and overwrite them to make recovery almost impossible.
In Ukraine, Online Gig Workers Keep Coding Through the War
https://www.wired.com/story/gig-work-in-ukraine/
Freelancers or gig workers who piece together work on online platforms are a hidden engine of the Ukrainian economyand the world’s. They work as software engineers, project managers, IT technicians, graphic designers, editors, and copywriters. And they work for everyone.
Invading Russian forces have plunged freelancers’ home offices into chaos and uncertainty. Vlad, a video editor in southern Ukraine, says he’s grown accustomed to the air alarm signal, and hiding until it has passed. Now there are battles 30 miles from his home. “But as long as there is water, electricity, and internet, I can work, ” he says.
“Because we all need to live for something, eat
Leaving Russia? Experts Say Wipe Your Phone Before You Go
https://www.forbes.com/sites/thomasbrewster/2022/03/04/russians-escaping-putins-repression-urged-to-wipe-their-phones/
Russians fleeing President Vladimir Putin’s regime as it cracks down on anti-war sentimentand rumors of martial law grow louderare being advised to wipe their phones, especially of any traces of support for Ukraine. If they don’t, experts say they may face detention. They’re starting by deleting messages on Signal, Telegram or any app that promises security. For those leaving the country, they’re deleting the apps themselves, and urging others to do the same. Russian media has first-hand accounts of lengthy interrogations at the border, along with phone and laptop searches, though Forbes could not corroborate those claims.
Why ICANN Won’t Revoke Russian Internet Domains
The organization says cutting the country off would have “devastating” effects on the global internet system.
https://www.wired.com/story/why-icann-wont-revoke-russian-internet-domains/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
Ukraine on Monday asked ICANN to revoke Russian top-level domains such as .ru, .рф, and .su; to “contribute to the revoking for SSL certificates” of those domains; and to shut down DNS root servers in Russia. Fedorov argued that the requested “measures will help users seek for reliable information in alternative domain zones, preventing propaganda and disinformation.”
Ukraine’s request to cut Russia off from core parts of the internet has been rejected by the nonprofit group that oversees the Internet’s Domain Name System (DNS). CEO Göran Marby of the Internet Corporation for Assigned Names and Numbers (ICANN) said the group must “maintain neutrality and act in support of the global internet.”
“Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the internet—regardless of the provocations,” Marby wrote in his response to Ukraine Vice Prime Minister Mykhailo Fedorov.
https://www.icann.org/en/system/files/correspondence/marby-to-fedorov-02mar22-en.pdf
TikTok Was Designed for War
As Russia’s invasion of Ukraine plays out online, the platform’s design and algorithm prove ideal for the messiness of war—but a nightmare for the truth.
https://www.wired.com/story/ukraine-russia-war-tiktok/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
1,837 Comments
Tomi Engdahl says:
Todella pitkä artikkeli sillan tuhosta ja mm. kuinka siihen on reagoitu ja mikä on länsiliittouman suunnitelma Krimin takaisinvaltaamisesta.
https://www.dailymail.co.uk/news/article-11295027/Today-sunny-cloudy-Crimea-Zelensky-pokes-fun-Putins-humiliation.html
Tomi Engdahl says:
https://www.iltalehti.fi/kotimaa/a/157bca51-5b4d-4398-924b-efd24b7fc13e
Tomi Engdahl says:
https://www.mtvuutiset.fi/artikkeli/isw-putin-ei-ole-enaa-pyha-venajalla-sotakommentaattorit-kritisoivat-ensi-kertaa-suoraan-presidenttia-kertshinsillan-rajahdyksen-myota/8532378#gs.ekgase
Tomi Engdahl says:
https://www.iltalehti.fi/ulkomaat/a/27f9a7b8-6210-4e78-836e-17749831a605
https://www.iltalehti.fi/ulkomaat/a/bfd3318b-3ce2-4ff7-aac8-ec2522a9c0ff
Tomi Engdahl says:
Putin: Venäjä iski Ukrainan energiainfrastruktuuriin – lisäsi kylmäävän uhkauksen https://www.is.fi/ulkomaat/art-2000009092587.html
Tomi Engdahl says:
U.S. Navy jet flew across Baltic hours after Nord Stream burst
https://www.reuters.com/business/energy/exclusive-us-navy-jet-flew-across-baltic-hours-after-nord-stream-burst-2022-10-07/
A U.S. Navy reconnaissance aircraft flew near the site of the ruptured Nord Stream 2 pipeline in the Baltic Sea hours after the first damage emerged, according to tracking reviewed by Reuters, a flight Washington said was routine.
Russia’s Nord Stream 1 and 2 pipelines burst on Sept. 26, draining gas into the Baltic Sea off the coast of Denmark and Sweden. Seismologists registered explosions in the area, and police in several countries have launched investigations.
Flight data showed a P-8A Poseidon maritime patrol and reconnaissance plane was over the North Sea at 0003 GMT when Swedish seismologists registered what they later described as a subsea blast southeast of Bornholm Island in the Baltic Sea.
The plane, which had flown from Iceland, performed a pattern of regular racetrack-shaped circuits over Poland before breaking away towards the Baltic pipeline area, data showed.
U.S. Navy confirmed it was an American aircraft when presented with data by Reuters.
“The U.S. Navy P-8A Poseidon aircraft shown in the tracking data conducted a routine Baltic Sea maritime reconnaissance flight, unrelated to the leaks from the Nord Stream pipelines,” a U.S. Navy spokesperson said.
3 minute readOctober 7, 20229:47 PM GMT+3Last Updated 2 days ago
U.S. Navy jet flew across Baltic hours after Nord Stream burst
By Nerijus Adomaitis
, Tim Hepher and Phil Stewart
Gas leak at Nord Stream 2 as seen from the Danish F-16 interceptor on Bornholm
Gas leak at Nord Stream 2 as seen from the Danish F-16 interceptor on Bornholm, Denmark September 27, 2022. Danish Defence Command/Forsvaret Ritzau Scanpix/via REUTERS
Summary
Companies
Tracking data shows jet flew near site of Nord Stream 2 hours after first damage
U.S. navy confirmed it was an American aircraft
Says flight was routine
OSLO/PARIS/WASHINGTON, Oct 7 (Reuters) – A U.S. Navy reconnaissance aircraft flew near the site of the ruptured Nord Stream 2 pipeline in the Baltic Sea hours after the first damage emerged, according to tracking reviewed by Reuters, a flight Washington said was routine.
Russia’s Nord Stream 1 and 2 pipelines burst on Sept. 26, draining gas into the Baltic Sea off the coast of Denmark and Sweden. Seismologists registered explosions in the area, and police in several countries have launched investigations.
Advertisement · Scroll to continue
Report an ad
Flight data showed a P-8A Poseidon maritime patrol and reconnaissance plane was over the North Sea at 0003 GMT when Swedish seismologists registered what they later described as a subsea blast southeast of Bornholm Island in the Baltic Sea.
The plane, which had flown from Iceland, performed a pattern of regular racetrack-shaped circuits over Poland before breaking away towards the Baltic pipeline area, data showed.
Reuters Graphics
Reuters Graphics
The identity of the plane could not immediately be established because of the type of rotating identification code sometimes used by such planes, but the U.S. Navy confirmed it was an American aircraft when presented with data by Reuters.
Latest Updates
Oil falls as China demand concerns fuel recession fears
Hungary, Serbia agree to build pipeline to ship Russian oil to Serbia
Saudi Aramco to maintain full oil supplies to Asia in Nov despite OPEC+ cuts
French union rejects wage talk ‘blackmail’ as refinery strikes drag on
“The U.S. Navy P-8A Poseidon aircraft shown in the tracking data conducted a routine Baltic Sea maritime reconnaissance flight, unrelated to the leaks from the Nord Stream pipelines,” a U.S. Navy spokesperson said.
Asked if any of the intelligence gathered might help investigators looking into the pipeline ruptures, U.S. Naval Forces Europe-Africa spokesperson, Capt. Tamara Lawrence said: “We do not have any additional information to provide at this time.”
Advertisement · Scroll to continue
Report an ad
It’s unclear what role, if any, the U.S. military is playing to aid European investigations into the ruptures of the pipelines, although President Joe Biden has spoken about eventually sending down divers.
‘CHESS GAME’
According to the data, several minutes past 0100 GMT the plane flew south of Bornholm heading to northwestern Poland, where it circled for about an hour above land before flying at around 0244 GMT to the area where the gas leak was reported.
Tomi Engdahl says:
Biden Says Explosions On Nord Stream Pipelines Were Sabotage
https://www.rferl.org/a/sweden-denmark-explosions-nord-stream-pipelines-russia/32059596.html
Tomi Engdahl says:
Saksalaismediat: Saksan kyberturvallisuusjohtajaa uhkaa irtisanominen Venäjä-kytkösten vuoksi
https://yle.fi/uutiset/3-12654361
Saksalaisten mediatietojen mukaan liittovaltion tietoturvaviraston pääjohtajalla epäillään olevan yhteyksiä ihmisiin, jotka on yhdistetty Venäjän turvallisuuspalveluun.
Tomi Engdahl says:
US airports’ sites taken down in DDoS attacks by pro-Russian hackers https://www.bleepingcomputer.com/news/security/us-airports-sites-taken-down-in-ddos-attacks-by-pro-russian-hackers/
The pro-Russian hacktivist group ‘KillNet’ is claiming large-scale distributed denial-of-service (DDoS) attacks against websites of several major airports in the U.S., making them unaccessible.
Tomi Engdahl says:
”Länsimaat lähettävät roskasakkiaan kuolemaan” – näin Kremlin propagandakoneisto kehottaa uutisoimaan sodasta
Kreml kehottaa venäläistä mediaa kertomaan, että Kertšinsalmen sillan räjähdykseen liittyvä hysteria on laajasti liioiteltua Ukrainan toimesta.
https://www.iltalehti.fi/ulkomaat/a/2f758794-5507-46c7-991e-2fff9726c75f
Tomi Engdahl says:
Tämä jodista on nyt syytä tietää – asiantuntijat kertovat
STM päivitti lääkejodia koskevaa ohjetta ja kehottaa suomalaisia hankkimaan jodia. Joditabletit ovat erityisen tärkeitä lapsille ja raskaana oleville. Yli 40-vuotiaat eivät hyödy niistä.
https://www.iltalehti.fi/terveysuutiset/a/c194cedd-237c-46cf-a5af-feba6b61b9dd
Tomi Engdahl says:
Putinin kosto ja 4 muuta syytä ohjusiskujen sarjaan – taustalla viesti myös Suomeen
Venäjän ohjusiskut ovat asiantuntijoiden mukaan kosto Krimin sillan räjähdyksestä, mutta taustalla painaa muitakin syitä.
https://www.iltalehti.fi/ulkomaat/a/5af19fd5-8bf1-4b19-8b2e-2cb559ea9893
Ukrainan mukaan Venäjä on ampunut maanantaina ainakin 75 ohjusta.
Iskut on tulkittu vastareaktioksi Krimin sillan räjäyttämiselle.
Asiantuntijat näkevät iskujen taustalla muitakin syitä kuin koston.
Aleksanteri-instituutin professori Vladimir Gel’man arvioi Iltalehdelle jo aiemmin, että Venäjä saattaa tehdä iskuja Ukrainan kriittiseen infrastruktuuriin.
– Näitä olemme nyt nähneet. En tiedä. Todennäköisesti tämä ei riitä Kremlille. He luultavasti tekevät jotain muutakin, mutta on vaikea arvioida, mitä se voisi olla.
Iskuille voi nähdä viisi syytä.
1. Kosto
Asiantuntijoiden mukaan välitön syy on nimenomaan Putinin kosto. Ulkopoliittisen instituutin ohjelmajohtaja Arkady Moshes sanoo, että Venäjän oli vastattava Krimin sillan räjähdykseen.
– Tämä on ehdottomasti vastareaktio. Voi käyttää myös kosto-sanaa.
2. Uuden kenraalin esittely
Toinen syy voi olla, että kyseessä on Venäjän joukkoja Ukrainassa komentavan kenraalin Sergei Surovikinin esittäytyminen.
3. Viestin lähettäminen
Venäjä haluaa osoittaa Ukrainalle ja lännelle, että se on kykeneväinen jatkamaan sotaa samoilla keinoilla, millä se on tähänkin asti sitä käynyt. Arkady Moshes sanoo, että iskut ovat viesti kaikille lännen asiantuntijoille – myös Suomen.
– He ovat alkaneet puhua, että Venäjä on hävinnyt perinteisen sodankäynnin ja toimintakyky on rajoittunut siihen, käytetäänkö ydinaseita vai ei. On aivan liian aikaista sanoa niin.
4. Käytännön vaikutukset
Iskuja on ollut Kiovan lisäksi Länsi-Ukrainan Lvivissä, Ternopilissä ja Žytomyrissä sekä Keski-Ukrainan Dniprossa ja Krementšukissa. Idässä ne ovat kohdistuneet Harkovaan ja etelässä Zaporižžjaan.
– Hyökkäys kaupungin keskustaan voi aiheuttaa häiriöitä ja paniikkia. Ymmärtääkseni osa iskuista on saattanut kohdistua myös voimalaitoksiin ja rautateihin. Ne vaikuttavat Ukrainan hallinnon ja kansan toimintaan.
5. Maahyökkäys
Arkady Moshes sanoo, että ohjusiskuissa ei sinällään ole mitään uutta. Venäjä on tehnyt niitä ennenkin ja koko sota keväällä alkoi niin, että Venäjä teki raskaita ohjusiskuja ja lähti etenemään maata pitkin.
– Venäjä myös osoittaa, että se pystyy iskemään helposti kaikkialle Ukrainaan. Ihmiset ovat alkaneet tottua siihen, että keskusta-alueilla ja Länsi-Ukrainassa on ollut suhteellisen rauhassa. Venäjä näyttää, että koko Ukraina on uhattuna.
Tomi Engdahl says:
Analyysi: Putinin puhe vuonna 2005 enteili synkkiä aikoja Euroopalle, mutta länsi sulki silmänsä
Aino Vasankari
Venäjän presidentti on kertonut ensimmäisistä kausistaan lähtien mitä hän ajattelee Naton laajentumisesta ja Yhdysvaltojen vallan laajentumisesta. Samoin hän on alleviivannut Ukrainan asemaa jo vuodesta 2000 lähtien, kirjoittaa ulkomaantoimittaja Aino Vasankari.
https://www.iltalehti.fi/ulkomaat/a/52f3b93e-6720-49ea-a032-a7728f64b99b
Tomi Engdahl says:
Elon Musk rajoitti Starlinkin toimintaa – karu uutinen Ukrainan sotaponnisteluille https://www.is.fi/digitoday/art-2000009129003.html
SATELLIITTIPOHJAISIA internet-yhteyksiä tarjoavan SpaceX-yhtiön perustaja, monimiljardööri Elon Musk on estänyt yhtiön Starlink-yhteyksien käytön Venäjän miehittämällä Krimin niemimaalla ydinsodan pelossa, kertoo Business Insider. Päätös on suoraan Ukrainan intressien vastainen, sillä maa haluaa vallata Venäjän miehittämän alueen takaisin itselleen.
Muskin päätös vaikeuttaa asiaa kuitenkin merkittävästi, sillä hänen lahjoittamansa Starlink-yhteydet ovat Ukrainan armeijalle kriittisen tärkeä viestintäväline. Ukraina käyttää Starlink-yhteyksiä muun muassa osastojen väliseen viestintään, tulenjohtoon sekä venäläisosastojen liikkeiden seurantaan.
Elon Musk lahjoitti Venäjän täysmittaisen hyökkäyssodan alussa Ukrainalle 15 000 Starlink-päätettä puolustustaisteluun Venäjää vastaan.
VIIME viikosta alkaen on raportoitu ukrainalaisilla olevan merkittäviä ongelmia Starlinkin käytössä. Tämä on herättänyt spekulaatioita siitä, että palvelun toiminta olisi estetty Venäjän miehittämillä alueilla. Toisten arvioiden mukaan kyse olisi venäläisten tekemästä onnistuneesta häirinnästä.
Musk kertoi haastattelussa poliittisten riskien konsulttiyrityksen Eurasia Groupin johtajalle, politiikantutkija Ian Bremmerille Ukrainan puolustusministeriön pyytäneen Starlinkin aktivointia myös Krimillä, mutta hän kertoi evänneensä pyynnön konfliktin kiihdyttämisen pelossa.
Tomi Engdahl says:
Elon Musk blocks Ukraine from using Starlink in Crimea over concern that Putin could use nuclear weapons: report
https://www.businessinsider.com/elon-musk-blocks-starlink-in-crimea-amid-nuclear-fears-report-2022-10
Tomi Engdahl says:
Elon Muskin Starlink on Ukrainan salainen ase, jolle Venäjä ei voi mitään – ”Kuin toisesta galaksista” https://www.is.fi/digitoday/art-2000009113817.html
Elon Muskin Starlinkistä tuli Ukrainan käsissä mahtava ase – ”Avainteknologioita sodan voittamisessa” https://www.is.fi/digitoday/art-2000008887300.html
Tomi Engdahl says:
Kommentti: Menikö maailman rikkain Putinin vipuun? Elon Musk menetti maineensa Ukrainassa https://www.is.fi/ulkomaat/art-2000009128986.html
Ukrainan armeija ehti ylistää Muskin tekniikkaa, joka petti. Julkkismiljardööri törmäsi tosimaailmaan, kirjoittaa erikoistoimittaja Seppo Varjus.
OMASSA lajissasi voit olla vaikka mikä mestari, mutta kun eksyt väärään kaukaloon, samat säännöt eivät enää pädekään. Sota ei ole vain teknobisnestä.
Maailman rikkaimmaksi ihmiseksi väitetty Elon Musk ehti olla kuukausia sankari Ukrainassa. Hänen yhtiönsä tarjoama Starlink-järjestelmä auttoi ukrainalaisia sotilaita osumaan venäläisiin kohteisiin ja vaihtamaan viestejä keskenään.
Kesäkuussa Politico kertoi tykkimies Oleksyistä, joka tovereineen kiitti joka laukauksen jälkeen mielessään Muskia. Musk uhosi jopa haastavansa presidentti Vladimir Putinin kaksintaisteluun.
Syksy tuli, ja kellon ääni vaihtui. Musk järjesti hiljan ”Twitter-äänestyksen” Ukrainan rauhasta. Siinä esitettiin vaihtoehto, jossa vähintään Krim jäisi Venäjälle ja Ukraina sitoutuisi puolueettomuuteen.
Ukrainan Saksan-lähettilään Andric Melnykin vastaus oli painokelvoton. Venäjällä hyristiin tyytyväisyydestä.
Torstaina Musk joutui torjumaan väitettä, että hän olisi hiljan keskustellut Putinin kanssa. Hän myönsi keskustelleensa tämän kanssa puolitoista vuotta sitten ”avaruudesta”.
Ukrainan etulinjassa Starlink-yhteydet ovat alkaneet takkuilemaan tuntemattomasta syystä. Business Insiderin mukaan Musk olisi estänyt Starlinkin käytön Krimin alueella, mitä Ukraina ei tahdo.
Aiemmin Venäjä oli uhkaillut iskevänsä Muskin SpaceX-yhtiön satelliitteihin.
Tomi Engdahl says:
https://www.understandingwar.org/backgrounder/russian-offensive-campaign-assessment-october-12
Tomi Engdahl says:
Itä-Euroopan maissa on meneillään hurja kyberhyökkäysaalto https://www.epressi.com/tiedotteet/tietotekniikka/ita-euroopan-maissa-on-meneillaan-hurja-kyberhyokkaysaalto.html
Check Point Research varoittaa syyskuun haittaohjelmakatsauksessaan väärennettyjen Zoom-linkkien kautta leviävästä Vidar-haitakkeesta ja kertoo, että kyberhyökkäykset ovat yleistyneet Itä-Euroopan maissa dramaattisesti.
Tomi Engdahl says:
Apteekkien verkkokaupat kaatuivat jodiryntäyksessä https://www.tivi.fi/uutiset/tv/59439588-5c0d-452c-b55b-83c7671a975e
Tabletit on paikoitellen myyty loppuun. Kävijämäärät kuormittavat sivustoja.
Tomi Engdahl says:
Coverage of Killnet DDoS attacks plays into attackers’ hands, experts say https://therecord.media/coverage-of-killnet-ddos-attacks-plays-into-attackers-hands-experts-say/
A notorious pro-Russian hacking group drew headlines on Monday after launching distributed denial-of-service (DDoS) attacks on the websites of airports in at least 24 different states and threatening more operations against U.S. entities.
Tomi Engdahl says:
Mitä tapahtuisi, jos Putin tekisi kaikista pahimman? Näin laajalle taktisen ydinaseen laskeuma leviäisi
Stukin ylitarkastaja Antero Kuusi muistuttaa ilma- ja maaräjähdyksen eroista.
https://www.iltalehti.fi/ulkomaat/a/bfd3318b-3ce2-4ff7-aac8-ec2522a9c0ff
Tomi Engdahl says:
“Suomen syöjä” kertoi Venäjän hyökkäyksestä joulukuussa – ei noteerattu
Ex-pääministeri Esko Aho (kesk) nostaa uutuuskirjassaan esiin Vladimir Žirinovskin joulukuisen puheen: ”Kello neljältä aamulla 22. helmikuuta tulette tuntemaan uuden politiikkamme”.
Äärikansallisista puheistaan ja ”Suomen syöjänä” tunnettu Vladimir Žirinovski kuoli maaliskuussa 75-vuotiaana.
https://www.iltalehti.fi/politiikka/a/e5726fc1-1f0e-4cb7-ab58-5aef2beb22a2
Tomi Engdahl says:
Financial Times:
Sources: Ukrainian officials say some Starlink devices that suffered outages have come back online; officials rule out technical malfunctions or Russian jamming
https://www.ft.com/content/29ed76b9-d6bf-428c-8673-af48b7ed70df
Tomi Engdahl says:
Vain neljä maata seisoi Venäjän rinnalla YK:ssa – “Putinilla on aika vähän ystäviä jäljellä”
Neljä maata äänesti Venäjän rinnalla YK:n päätöslauselmaa vastaan.
https://www.iltalehti.fi/ulkomaat/a/5ad20fde-e611-40fe-b95a-a701e0567e6a
Tomi Engdahl says:
https://www.businessinsider.com/elon-musk-blocks-starlink-in-crimea-amid-nuclear-fears-report-2022-10
Tomi Engdahl says:
https://www.verkkouutiset.fi/a/aanin-99-1-venaja-halutaan-julistaa-terroristiseksi/#4f1c06c7
Tomi Engdahl says:
Exclusive: Musk’s SpaceX says it can no longer pay for critical satellite services in Ukraine, asks Pentagon to pick up the tab
https://www.cnn.com/2022/10/13/politics/elon-musk-spacex-starlink-ukraine/index.html
Since they first started arriving in Ukraine last spring, the Starlink satellite internet terminals made by Elon Musk’s SpaceX have been a vital source of communication for Ukraine’s military, allowing it to fight and stay connected even as cellular phone and internet networks have been destroyed in its war with Russia.
So far roughly 20,000 Starlink satellite units have been donated to Ukraine, with Musk tweeting on Friday the “operation has cost SpaceX $80 million and will exceed $100 million by the end of the year.”
But those charitable contributions could be coming to an end, as SpaceX has warned the Pentagon that it may stop funding the service in Ukraine unless the US military kicks in tens of millions of dollars per month.
Documents obtained by CNN show that last month Musk’s SpaceX sent a letter to the Pentagon saying it can no longer continue to fund the Starlink service as it has. The letter also requested that the Pentagon take over funding for Ukraine’s government and military use of Starlink, which SpaceX claims would cost more than $120 million for the rest of the year and could cost close to $400 million for the next 12 months.
“We are not in a position to further donate terminals to Ukraine, or fund the existing terminals for an indefinite period of time,”
“SpaceX faces terribly difficult decisions here. I do not think they have the financial ability to provide any additional terminals or service as requested by General Zaluzhniy.”
Reports of outages
The letters come amid recent reports of wide-ranging Starlink outages as Ukrainian troops attempt to retake ground occupied by Russia in the eastern and southern parts of the country.
Sources familiar with the outages said they suddenly affected the entire frontline as it stood on September 30. “That has affected every effort of the Ukrainians to push past that front,” said one person familiar with the outages who spoke to CNN on condition of anonymity to discuss sensitive conversations. “Starlink is the main way units on the battlefield have to communicate.”
There was no warning to Ukrainian forces, a second person said, adding that now when Ukraine liberates an area a request has to be made for Starlink services to be turned on.
The Financial Times first reported the outages which resulted in a “catastrophic” loss of communication, a senior Ukrainian official said. In a tweet responding to the article, Musk didn’t dispute the outage, saying that what is happening on the battlefield is classified.
Tomi Engdahl says:
Donetskin alueelta nähtiin mahdollisesti historian ensimmäinen videoitu kahden miehittämättömän ilma-aluksen välinen yhteenotto sodan tiimellyksessä.
https://www.mtvuutiset.fi/artikkeli/ukrainan-ja-venajan-dronet-ottivat-yhteen-venalaislennokin-viimeiset-hetket-tallentuivat-kameraan-miinus-yksi-kallisarvoinen-lelu/8549604#gs.f5iaa4
Tomi Engdahl says:
Elon Musk now says Starlink will continue providing internet to the Ukraine for free
Starlink isn’t a charity, but the Ukraine war isn’t a business opportunity
https://techcrunch.com/2022/10/15/starlink-isnt-a-charity-but-the-ukraine-war-isnt-a-business-opportunity/?tpcc=tcplusfacebook
What appeared earlier this year to be a selfless act of technotopianism, the widespread deployment of Starlink terminals in Ukraine, has soured as SpaceX and governments disagree on who ultimately should foot the bill of this unprecedented aid campaign. Some expect Elon Musk — one of the richest men in the world — to cough up, while others say the world’s richest military should as well. Both Elon Musk now says Starlink will continue providing internet to the Ukraine for free Elon Musk now says Starlink will continue providing internet to the Ukraine for free claims have merit, but this game of financial chicken will cost Ukrainian lives.
Tomi Engdahl says:
Sotilasasiantuntija: Tällaista on tulevaisuuden sodankäynti
Asiantuntijan mukaan tuoreet Ukrainaan tehdyt hyökkäykset ovat luultavasti esimerkki tulevaisuuden sotilasoperaatioista.
https://tieku.fi/teknologia/sotatekniikka/sotilasasiantuntija-tallaista-on-tulevaisuuden-sodankaynti
Ukrainan pääkaupunki Kiova ja maan muut suuret kaupungit ovat viime aikoina olleet lukuisten Venäjän iskujen kohteena.
Ilmaiskuja ei ole tehty perinteisin sodankäyntimenetelmin, vaan ne on suoritettu iranilaisvalmisteisilla itsemurhalennokeilla, joiden nokassa on räjähteitä.
Venäjä ja Iran eivät ole myöntäneet asekauppoja.
Britannian puolustusministeriön mukaan venäläiset ovat kuitenkin elokuusta alkaen käyttäneet Iranissa valmistettuja Shahed-136-lennokkeja. Niiden valmistaja on Iranin valtion omistama Hesa-yritys, ja Iran on yksi harvoista maista, jotka edelleen myyvät aseita Venäjälle.
Lennokki lentää matalalla
Lennokkien kantavuus on 1 000–2 000 kilometriä, joten niitä voidaan laukaista Venäjän puolelta syvälle Ukrainan maaperälle.
Niiden siipien kärkiväli on 2,5 metriä, ja lentonopeus on 180 kilometriä tunnissa.
Iranilaislennokit eivät tekniikaltaan ole niin kehittyneitä kuin Yhdysvaltojen, Israelin ja Turkin valmistamat dronet, mutta sen sijaan ne ovat tehokkaita ja halpoja.
Tomi Engdahl says:
Pekka Haavisto: Venäjän uusissa iskuissa yksi ”erittäin huolestuttava” piirre https://www.is.fi/politiikka/art-2000009143569.html
Tomi Engdahl says:
New “Prestige” ransomware impacts organizations in Ukraine and Poland https://www.microsoft.com/security/blog/2022/10/14/new-prestige-ransomware-impacts-organizations-in-ukraine-and-poland/
The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. We observed this new ransomware, which labels itself in its ransom note as “Prestige ranusomeware”, being deployed on October 11 in attacks occurring within an hour of each other across all victims. This campaign had several notable features that differentiate it from other Microsoft-tracked ransomware campaigns:. * The enterprise-wide deployment of ransomware is not common in Ukraine, and this activity was not connected to any of the 94 currently active ransomware activity groups that Microsoft tracks. * The Prestige ransomware had not been observed by Microsoft prior to this deployment. * The activity shares victimology with recent Russian state-aligned activity, specifically on affected geographies and countries, and overlaps with previous victims of the FoxBlade malware (also known as HermeticWiper). Despite using similar deployment techniques, the campaign is distinct from recent destructive attacks leveraging AprilAxe (ArguePatch)/CaddyWiper or Foxblade (HermeticWiper) that have impacted multiple critical infrastructure organizations in Ukraine over the last two weeks. MSTIC has not yet linked this ransomware campaign to a known threat group and is continuing investigations.
MSTIC is tracking this activity as DEV-0960.
Tomi Engdahl says:
Ruotsissa varastettu ainakin 100 ylinopeuskameraa – epäillään päätyvän venäläisten sotilaskäyttöön https://www.is.fi/digitoday/art-2000009147615.html
Tomi Engdahl says:
Russia wages disinformation war. Ukraine’s cyber chief calls for global anti-fake news fight https://www.theregister.com/2022/10/22/ukraine_cybersecurity_chief_mwise/
‘Completely new approaches should be developed to prevent the influence of this propaganda’. As a hybrid offline and online war wages on in Ukraine, Viktor Zhora, who leads the country’s cybersecurity agency, has had a front-row seat of it all.
Tomi Engdahl says:
Cuba ransomware affiliate targets Ukrainian govt agencies https://www.bleepingcomputer.com/news/security/cuba-ransomware-affiliate-targets-ukrainian-govt-agencies/
UA-hacker. The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert about potential Cuba Ransomware attacks against critical networks in the country.
Tomi Engdahl says:
Israeli Strike Targeted Iranian Drone Assembly Site Near Damascus, Syrian Rights Monitor Says
The strike hit Syria’s Dimas military airport on Friday night, a base of operations for Iran-backed forces and Hezbollah that has been ramped up in recent months as Iranian drone shipments start rolling in
https://www.haaretz.com/middle-east-news/2022-10-23/ty-article/.premium/israeli-strike-targeted-iranian-drone-assembly-site-near-damascus-syrian-monitor-says/00000184-0530-d736-abc7-1fb0384f0000
Tomi Engdahl says:
Jättiselvitys: Salainen ryhmä ”kauko-ohjaintappajia” lahtaa Ukrainan siviilejä – mukana suomalaisittain kiinnostava nimi
Tutkiva journalistiryhmä tunnisti ukrainalaissiviileihin kohdistuneista iskuista vastaavat henkilöt.
https://www.iltalehti.fi/ulkomaat/a/e63efceb-7402-4f6b-bde9-443716a61466
Tomi Engdahl says:
Venäjän oudot hävittäjäturmat ajavat armeijaa ahtaalle – “Ei hyvältä näytä”
Venäjällä nähtiin viime viikolla kaksi lähes identtistä onnettomuutta, jotka tapahtuivat toistaiseksi tuntemattomasta syystä.
https://www.iltalehti.fi/ulkomaat/a/79e02ae5-9c41-48ee-8a4e-424008da4736
Tomi Engdahl says:
How did jet crash into a block of flats in Russia?
https://www.bbc.com/news/63313871
An investigation is underway into the crash of a fighter jet in the Russian city of Yeysk on Monday in which 15 people were killed, including three children.
Dramatic videos and images have surfaced across social media, allowing us to try to piece together what happened.
On Monday evening, an Su-34 fighter-bomber crashed into a residential building in the Russian city of Yeysk, more than 100 miles (160km) from Ukrainian held territory.
The Russian defence ministry has suggested that a malfunction in one of the engines was the most likely cause.
Tomi Engdahl says:
Brittitiedustelu: Toisinajattelijat sabotoivat Venäjän ja Valko-Venäjän rautateitä – fyysisten uhkien torjuminen vaikeaa
Venäjän Belgorodin alueen viranomaiset kertoivat maanantaina, että räjähde oli vahingoittanut rautatietä Novozybkovin kylän lähellä. Kylä sijaitsee noin 15 kilometrin päässä Valko-Venäjän rajalta, ja kyseinen rautatie on pääreitti Venäjän ja Valko-Venäjän eteläosien välillä.
Iskun tekijäksi ilmoittautui venäläinen sotaa vastustava ryhmä Ostanovi vagony (suom. pysäyttäkää vaunut). Kyseessä oli ainakin kuudes Venäjän rautatieinfrastruktuuriin kohdistunut sabotaasitapaus, jonka ryhmä on kertonut tehneensä kesäkuun jälkeen.
Britannian sotilastiedustelun mukaan maanantain isku oli osa laajempaa trendiä, jossa toisinajattelijat sabotoivat Venäjän ja Valko-Venäjän rautateitä.
Venäjän turvallisuusneuvoston apulaissihteeri Aleksei Pavlov vaati tiistaina Argumenty i fakty -lehden haastattelussa, että Ukraina tulisi mitä pikimmiten myös “desatanisoida” eli riisua tai puhdistaa saatanasta. Pavlovin mukaan Ukrainasta on tullut “totalitaarinen hyperlahko”, jossa kansalaiset ovat hylänneet ortodoksiset arvot.
- Internetiin perustuvaa manipulaatiota ja psykoteknologiaa käyttämällä uusi hallitus on muuttanut Ukrainan valtiosta totalitaariseksi hyperlahkoksi. Kiovan viranomaiset olivat ensimmäisiä, jotka muuttuivat sotafanaatikoiksi, joiden näkemykset ovat päinvastaisia normaalien ihmisten näkemysten kanssa, Pavlov sanoi.
Venäjän turvallisuusneuvoston apulaissihteeri: Ukraina tulee mitä pikimmiten ”desatanisoida” https://www.is.fi/ulkomaat/art-2000009092587.html
Tomi Engdahl says:
Diktatuuri kiihtyy Venäjällä. Jopa aseteollisuutta uhkaillaan rikossyytteillä (vankilalla?) jos tuotanto ei ole miellyttävän tehokasta hallituksen mielestä eli jälleen mielivaltaisesti tehdään omia lakeja kun virallista sotatilaa ei voida julistaa (koko Venäjälle). Kertoo vain hädästä ja sanktiot alkavat puremaan. Sodan häviämistä todella pelätään. Eiköhän tämäkin vain kerro siitä ketä ne todelliset natsit ovat.
Pelätäänkö jopa omien kansalaisten sabotoivan aseteollisuutta kun tajutaan ettei keisarilla ole vaatteita ja vaaditaan omia lapsia rintamalle kuolemaan (osan) surkeasti varustautuneena etulinjassa?
https://www.tekniikkatalous.fi/uutiset/tt/fa4993a1-5f69-4d31-8015-f74eada7a9a6
https://www.youtube.com/watch?v=PpE7ncUADOw
Tomi Engdahl says:
Kolmas maailmansota saattaa olla jo alkanut
https://www.iltalehti.fi/ulkomaat/a/eeb050b9-6ea8-40bf-b329-fa8a59d6ef45
Tomi Engdahl says:
Gordon Corera / BBC:
Inside the US Cyber National Mission Force, which has been deployed to 20 countries since 2018 to battle state-backed Russian, Chinese, and North Korean hackers
Inside a US military cyber team’s defence of Ukraine
https://www.bbc.com/news/uk-63328398
Russia failed to take down Ukrainian computer systems with a massive cyber-attack when it invaded this year, despite many analysts’ predictions. The work of a little-known arm of the US military which hunts for adversaries online may be one reason. The BBC was given exclusive access to the cyber-operators involved in these global missions.
In early December last year, a small US military team led by a young major arrived in Ukraine on a reconnaissance trip ahead of a larger deployment. But the major quickly reported that she needed to stay.
“Within a week we had the whole team there ready to go hunting,” one of the team recalls.
They had come to detect Russians online and their Ukrainian partners made it clear they needed to start work straight away.
“She looked at the situation and told me the team wouldn’t leave,” Maj Gen William J Hartman, who heads the US Cyber National Mission Force, told the BBC.
“We almost immediately got the feedback that ‘it’s different in Ukraine right now’. We didn’t redeploy the team, we reinforced the team.”
Since 2014, Ukraine has witnessed some of the world’s most significant cyber-attacks, including the first in which a power station was switched off remotely in the dead of winter.
By late last year, Western intelligence officials were watching Russian military preparations and growing increasingly concerned that a new blizzard of cyber-attacks would accompany an invasion, crippling communications, power, banking and government services, to pave the way for the seizure of power.
The US military Cyber Command wanted to discover whether Russian hackers had already infiltrated Ukrainian systems, hiding deep inside. Within two weeks, their mission became one of its largest deployments with around 40 personnel from across US armed services.
The infiltration of computer networks had for many years been primarily about espionage – stealing secrets – but recently has been increasingly militarised and linked to more destructive activities like sabotage or preparation for war.
This means a new role for the US military, whose teams are engaged in “Hunt Forward” missions, scouring the computer networks of partner countries for signs of penetration.
“They are hunters and they know the behaviour of their ‘prey’,” explains the operator who leads defensive work against Russia.
Since 2018, US military operators have been deployed to 20 countries, usually close allies, in Europe, the Middle East and the Indo-Pacific region. – although not countries like the UK, Germany or France, which have their own expertise and are less likely to need or want outside help.
Most of their work has been battling state-hackers from China and North Korea but Russia has been their most persistent adversary. Some countries have seen multiple deployments, including Ukraine, where for the first time cyber attacks were combined with a full-scale war.
Inviting the US military into your country can be sensitive and even controversial domestically, so many partners ask that the US presence remains secret – the teams rarely wear uniform. But increasingly, governments are choosing to make missions public.
Even countries allied to the US can be nervous about allowing the US to root around inside sensitive government networks. In fact, revelations from former intelligence contractor Edward Snowden 10 years ago suggested that the US spied on friends as well as enemies.
That suspicion means the young men and women arriving on a mission are often faced with a stern test of their diplomatic skills. They show up at an airport hauling dozens of boxes of mysterious technical equipment and need to quickly build trust to get permission to do something sensitive – install that equipment on the host country’s government computer networks to scan for threats.
“That is a pretty scary proposition if you’re a host nation,” explains Gen Hartman. “You immediately have some concern that we’re going to go do something nefarious or it’s some super-secret kind of backdoor operation.”
Put simply, the Americans need to convince their hosts they are there to help them – and not to spy on them.
“I’m not interested in your emails,” is how Mark, who led two teams in the Indo-Pacific region, describes his opening gambit. If a demonstration goes well they can get down to work.
Local partners sometimes sit with US teams around in conference rooms observing closely to make sure nothing untoward is going on. “We have to make sure we convey that trust,” says Eric, a 20-year veteran of cyber operations. “Having people sit side-saddle with us is a big factor in developing that.”
And although suspicion can never be totally dispelled, a common adversary binds them together.
“The one thing that these partners want is the Russians out of their networks,” Gen Hartman recalls one of his team telling him.
US Cyber Command offers an insight into what the Russians, or others, are up to, particularly since it works closely with the National Security Agency, America’s largest intelligence agency which monitors communications and cyberspace.
In one case, proof of infiltration came in real-time
“Is that you?” Chris asked.
“That is my computer, but I swear that’s not me,” the administrator responded, transfixed as if watching a movie. Someone had stolen his online identity.
The US teams say they share what they find to allow the local partner to eject Russians (or other state hackers) rather than do it themselves. They also use commercial tools so that local partners can continue after the mission is over.
A good relationship can pay dividends.
Each mission is different
A cat-and-mouse game is often played with hackers from Russian intelligence agencies who are particularly adept at changing tactics.
In 2021, it emerged the Russians had used software from a company called SolarWinds to infiltrate the networks of the customers who bought it, including governments.
US operators began looking for traces of their presence.
Hunting is not an altruistic act by the US military. As well as providing hands-on experience for its teams, it can also help at home. In one mission, a young enlisted cyber operator found the same malware they had discovered in a European country was also present on a US government agency. The US has often struggled to identify and root out vulnerabilities domestically, whether in industry or government, because of overlapping responsibilities between different agencies even as it sends out its operators abroad.
This January, the team in Ukraine were trying to avoid slipping on icy pavements when a series of major cyber-attacks hit. “Be afraid and expect the worst,” read a message posted by hackers on the Foreign Ministry website.
The US team watched in real-time as a wave of so-called wiper software, which renders computers unusable, hit multiple government websites.
“They were able to assist in analysing some of the ongoing attacks, and facilitate that information being shared back to partners in the United States,” Gen Hartman says.
The aim was to destabilise the country ahead of the February invasion.
By the time Russian troops flooded over the border, the US team had been pulled out. Knowledge of the physical risk for their Ukrainian partners who remained weighed heavily on them.
Hours before the invasion began on 24 February, a cyber-attack crippled a US satellite communications provider that supported the Ukrainian military. Many predicted this would be the start of a wave of attacks to take down key areas like railways. But that did not happen.
“One of the reasons the Russians may not have been so successful is that the Ukrainians were better prepared,” says Gen Hartman.
“There’s a lot of pride in the way they were able to defend. A lot of the world thought they would just be run over. And they weren’t,” says Al, a senior technical analyst who was part of the Ukrainian deployment team. “They resisted.”
Ukraine has been subject to continued cyber-attacks which, if successful, could have affected infrastructure. But the country has continued to defend itself better than many expected. Ukrainian officials have said that this has been in part thanks to help from allies, including US Cyber Command and the private sector as well as their own growing experience. Now, the US and other allies are turning to the Ukrainians to learn from them.
“We continue to share information with the Ukrainians, they continue to share information with us,” explains Gen Hartman. “That’s really the whole idea of that enduring partnership.”
Tomi Engdahl says:
Ukraine war: Wave of strikes hit major cities including Kyiv
https://www.bbc.com/news/world-europe-63454230
Russia has launched massive missile strikes across Ukraine, including the capital Kyiv, causing power and water outages, Ukrainian officials say.
At least two blasts were reported in Kyiv. One resident told the BBC his district was now without electricity.
In the north-eastern city of Kharkiv, critical infrastructure facilities were hit, the local authorities said.
The strikes come after Russia blamed Ukraine for a drone attack on its Black Sea Fleet in the annexed Crimea.
On Monday, missile strikes were also reported in the central Vinnytsia region, as well as Dnipropetrovsk and Zaporizhzhia in the south-east, and Lviv in western Ukraine.
Ukraine’s Air Force spokesman Yuriy Ihnat told Ukrainian TV that Russia had used its strategic bombers to carry out the attack.
Andriy Yerkmak, the head of President Volodymyr Zelensky’s office, said that “Russian losers are continuing to fight against peaceful objects”.
Tomi Engdahl says:
https://www.securityweek.com/slovak-polish-parliaments-hit-cyberattacks
Tomi Engdahl says:
Pääkirjoitus: Putinistit yrittävät samaa kuin kansallissosialistit Münchenissä
Lauri Nurmi
Demokratioiden on valmistauduttava siihen, että ne perustavat laivasto-osaston turvaamaan Ukrainan väestön elämänlankaa: Odessan sataman vientiä, Iltalehden Lauri Nurmi kirjoittaa.
https://www.iltalehti.fi/paakirjoitus/a/13010433-b5e4-4c0d-a185-7944a89e519e
Venäjä kertoi viikonloppuna, että maa ei enää noudata YK:n avustuksella solmittua sopimusta, joka mahdollistaisi ukrainalaisille meritse viljanviennin ja muun ulkomaankaupan Odessasta.
Samalla Venäjä väittää, että Britannian laivasto räjäytti Nord Stream -kaasuputken.
Diktaattori Vladimir Putinin hallinto ja sen kannattajat noudattavat samaa logiikkaa kuin Hitleriä tukeneet kansallissosialistit 1930-luvun lopulla: heidän allekirjoittamillaan sopimuksilla ja heidän puheillaan on tyhjän verran luotettavuutta.
Tomi Engdahl says:
15 000 vapaaehtoista valmistautuu pahimpaan Liettuassa – “Meitä ei enää yllätetä”
Liettuan suojeluskunnan yksiköiden komentajan mukaan Liettualle ei voisi enää käydä niin kuin 80 vuotta sitten.
https://www.iltalehti.fi/ulkomaat/a/09c24248-08da-43d9-91ec-15c1b22937ec
Tomi Engdahl says:
Venäjä iskenyt eri puolille Ukrainaa, Kiovassa sähköt ja vesi poikki – IL seuraa sotaa
https://www.iltalehti.fi/ulkomaat/a/9435695b-e455-4c18-8a2d-68e6e241c31f
Kiovassa ja muualla Ukrainassa on kuultu useita räjähdyksiä maanantaiaamuna. Pääkaupungista iskut ovat katkaisseet osin sähkön ja veden.
Tomi Engdahl says:
Kamikaze drone Iran Shahed 136 | How it Works
https://www.youtube.com/watch?v=-U0usQ-g9GM
The kamikaze drone from Iran Shaheed-136 with A Russian Designated name Geranium-2.
Why is this a big deal?
This Russian Kalibr Cruise Missile costs around 1 million dollars,
Now this American Tomahawk Cruise Missile cost about 2 million dollars
The Shaheed 136 is more or less a low budget Cruise missile with a reported price tag of just $10,0000 to $20,000 dependinging on variants. While the Average price of cars here in America is around $40,000.
When launched in swarms these are a menace in this modern battlefield.