Search

Analysis | In cyber conflict, Ukraine has an underdog advantage over Russia - The Washington Post

rumputhijauau.blogspot.com

Welcome to The Cybersecurity 202: As if dodging covid wasn’t enough, now there’s a tick on the loose in D.C. that can make you allergic to red meat for life. We can’t stay inside forever, so we’ll have to brisket. We all have a steak in defeating this scourge.

Below: Mike Lindell briefly returned to Twitter after being banned for election disinformation, and FBI queries of Americans’ data are way up.

Three big cyber takeaways as the Ukraine war enters its third month

As Russia’s war in Ukraine enters its third month, the hacking component of the conflict hasn’t turned out like anyone suspected.

There have been big Russian hacks, to be sure — but none that played a decisive role in the military conflict. Ukraine, meanwhile, has more than held its own, both in defending its own digital assets and striking back at Russia in cyberspace. 

Here are three big takeaways about where the cyber conflict stands now.

1. Cyber conflict often gives underdogs an advantage.

Ukrainian hackers and their allies have stolen and leaked emails, passwords and other data from Russian institutions and individuals, as my colleague Joseph Menn reports. They’ve also defaced Russian websites and conducted information operations aimed at eroding the Russian public’s support for the war. 

The lesson: Many of the factors that give nations an advantage in conventional conflicts — such as economic power and technological prowess — are far less operative in cyber conflict. 

This is the same basic lesson that’s allowed North Korea — a rogue nation with almost no economic power — to pester far more prosperous adversaries including South Korea and the United States. 

Developing a decent hacking capability is far simpler and less costly than developing conventional military capabilities. And it’s comparatively simple to find and compromise targets that can at least pester and embarrass an adversary given the generally inadequate level of cyber protections across the globe.

The most powerful nations also tend to be the most reliant on the Internet, making them especially rich hacking targets. 

  • Since the invasion, hackers who support Ukraine have leaked 20 years of emails from a state-owned television and radio chain along with troves of passwords and other credentials from Russian online accounts, Joseph reports.
  • There were more credentials leaked online connected with Russian emails in March than for any other nation, the security firm Surfshark told Joseph — a distinction typically held by the United States or India, both far more populous nations.

2. Hacks that steal data may be more powerful than those that cause disruption or destruction.

Most of the media focus since the invasion has been on hacks that supported Russian military action, such as an early satellite hack that disrupted Ukrainian communications. 

But Russian hacks that stole reams of Ukrainian data may have the greater long-term impact — especially if Russia ends up occupying parts of Ukraine for long periods of time and can use the data to pinpoint the likeliest members of a resistance. 

Kremlin-backed hackers appear to have ramped up such attacks in advance of the invasion, including hitting government databases at the agency that oversees police, national guard and border issues, and a national database of car insurance information, the Associated Press’s Frank Bajak reports.

Ukraine’s top cyber officials Victor Zhora asserted the goal was to identify the people most likely to resist an occupation and kill or imprison them.

Here’s Jack Watling, an analyst at the United kingdom’s Royal United Services think tank, speaking to the AP: “Fantastically useful information if you’re planning an occupation … knowing exactly which car everyone drives and where they live and all that.”

3. Hacktivists and other nongovernment hackers may play a decisive role in future conflicts.

The vast majority of the known digital operations targeting Russia have been conducted by hackers who appear to be volunteering their efforts rather than working directly for the Ukrainian government. 

The Russian broadcaster data, for example, was stolen by a newly formed hacktivist group that’s dubbed itself Network Battalion 65, Joseph reports. That group has also launched ransomware attacks, locking up the data of Russian companies. 

“We pay for our own infrastructure and dedicate our time outside of jobs and familial obligations to this,” an unnamed spokesperson told Joseph. “We ask nothing in return. It’s just the right thing to do.”

Such operations have given heartburn to western cyber officials and analysts who fear hacktivists might unwittingly launch hacks that cause major damage or escalate cyber tensions between Russia and the West.

Yet it seems unavoidable that they’ll play a role in future conflicts — especially when there’s broad public sympathy for one side that leaves a lot of people with digital skills looking to help out. 

“In the normal course of events, you don’t want to encourage vigilante hackers,” former State Department cyber czar Christopher Painter told Joseph, adding that “we’re not in a normal course of events.”

Lindell briefly returned to Twitter after election disinformation ban

My Pillow CEO Mike Lindell, who was permanently banned from Twitter last year, created a new account that was online for several hours Sunday before Twitter removed it.

Lindell has been one of the largest promoters of baseless claims that the 2020 election was rigged and he regularly tweeted such claims before he was banned. 

While his new unverified account was briefly online, he posted a video urging people to follow him and to beware of accounts that claim to be him but aren’t. Twitter rules bar people from creating new accounts after their existing accounts were banned. 

Context: The stunt came amid widespread speculation that Elon Musk, who’s in the process of buying Twitter for $44 billion, might loosen disinformation rules that resulted in bans for Lindell and former president Donald Trump.

Here’s the predictable outcome via the Daily Beast’s Zachary Petrizzo:

FBI data searches of Americans more than doubled last year

FBI officials conducted roughly 3.4 million queries of data gathered by the National Security Agency from December 2020 to November 2022 that were likely to include information about Americans, Devlin Barrett and Shane Harris report.

That’s compared to about 1.3 million such searches the previous year. The figures came from an annual transparency report issued by the Office of the Director of National Intelligence. 

The revelation could reinvigorate long-standing concerns about the scope of U.S. government surveillance which surged after the Edward Snowden revelations in 2013. 

From Devlin and Shane: “A senior FBI official, speaking on the condition of anonymity to discuss details of intelligence-gathering, said the increase was largely the product of a single suspected Russian hacking case. That case, relating to attempts to compromise critical U.S. infrastructure, accounted for approximately 1.9 million queries, the official said.”

The queries, authorized by Section 702 of the FISA Amendments Act, are conducted on databases gathered for foreign intelligence purposes but sometimes pull in information about Americans. 

Romanian websites hit in pro-Russian hack

The digital attacks targeted Romanian government websites for the country’s defense ministry and border police and for a Romanian railway and financial firm, Bloomberg News reports.

The attacks overwhelmed the sites with phony traffic and left some of them offline for several hours. Romanian authorities blamed a Kremlin-aligned hacking group known as Killnet. The attacks come as Romanian officials have been mulling providing military assistance to Ukraine. 

Global cyberspace

South Korea Arrests 2 Accused of Spying for North Korea (New York Times)

Ukraine War Puts Spy Satellites for Hire in the Spotlight (Wall Street Journal)

How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities (CyberScoop)

Ukraine's defense applies lessons from a 15-year-old cyberattack on Estonia (NPR)

Government scan

Thomson Reuters to review contracts, including for database used to track immigrants (By Drew Harwell)

A tip of the hat to the UK's National Cyber Security Centre.

  • Google and Microsoft executives testify at a Senate Armed Services Committee panel’s hearing on artificial intelligence applications in cyberoperations on Tuesday at 2:30 p.m.
  • CISA Director Jen Easterly, Rep. Jim Langevin (D-R.I.) and cybersecurity officials speak at the Hack the Capitol conference on Wednesday.
  • Homeland Security Secretary Alejandro Mayorkas testifies before the Senate Homeland Security Committee on Wednesday at 2:30 p.m.

Secure log off

Thanks for reading. See you tomorrow.

Adblock test (Why?)



"conflict" - Google News
May 02, 2022 at 06:38PM
https://ift.tt/atBVdfY

Analysis | In cyber conflict, Ukraine has an underdog advantage over Russia - The Washington Post
"conflict" - Google News
https://ift.tt/lqWvxoQ
https://ift.tt/P5EfxhK

Bagikan Berita Ini

0 Response to "Analysis | In cyber conflict, Ukraine has an underdog advantage over Russia - The Washington Post"

Post a Comment


Powered by Blogger.