Ukraine-Russia cyber war

Ukraine and Russia seems to be at the moments on both traditional and cyber war. We could call that hybrid warfare. We are at a cyber war. Countless examples exist of damage to infrastructure from hostile acts via computer attacks. Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar. On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. Russia started to conduct attacks to Ukraine on February 24. Before physical attacks Russia did several cyber attacks towards IT systems in Ukraine.

Here are links to some material on the cyber side of this war:

How the Eastern Europe Conflict Has Polarized Cyberspace
https://blog.checkpoint.com/2022/02/27/how-the-eastern-europe-conflict-polarized-cyberspace/
The war between Russia and Ukraine is advancing. People everywhere are deciding who they will support. The same dynamic happens in the cyberspace. Hacktivists, cybercriminals, white hat researchers or even technology companies are picking a clear side, emboldened to act on behalf of their choices. Historically, Russia has had superiority over Ukraine in the cyberspace. And last week, Ukraine was attacked by destructive wiping malware. However, the situation is starting to change, as most of the non-nation cyber state actors are taking the side of Ukraine. To defend itself, the Ukrainian government has created an international IT army of hacktivists.

As war escalates in Europe, it’s ‘shields up’ for the cybersecurity industry
https://techcrunch.com/2022/03/02/as-war-escalates-in-europe-its-shields-up-for-the-cybersecurity-industry/
In unprecedented times, even government bureaucracy moves quickly. As a result of the heightened likelihood of cyberthreat from Russian malactor groups, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — part of the Department of Homeland Security — issued an unprecedented warning recommending that “all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”

Digital technology and the war in Ukraine
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks/
All of us who work at Microsoft are following closely the tragic, unlawful and unjustified invasion of Ukraine. This has become both a kinetic and digital war, with horrifying images from across Ukraine as well as less visible cyberattacks on computer networks and internet-based disinformation campaigns. We are fielding a growing number of inquiries about these aspects and our work, and therefore we are putting in one place a short summary about them in this blog. This includes four areas: protecting Ukraine from cyberattacks; protection from state-sponsored disinformation campaigns; support for humanitarian assistance; and the protection of our employees.. Also:
https://threatpost.com/microsoft-ukraine-foxblade-trojan-hours-before-russian-invasion/178702/

Ukraine: Cyberwar creates chaos, ‘it won’t win the war’
https://www.dw.com/en/ukraine-cyberwar-creates-chaos-it-wont-win-the-war/a-60999197
There have been at least 150 cyberattacks in Ukraine since Russia’s invasion. Their effect is mainly psychological, and experts say they won’t decide the war.
Russia’s invasion of Ukraine has been a hybrid war from the start, a mix of conventional military strategy — traditional “boots on the ground” — and a slightly more unconventional, digital or cyberwar.
The global technology company Microsoft has said its Threat Intelligence Center (MSTIC) detected “destructive cyberattacks directed against Ukraine’s digital infrastructure” hours before the first launch of missiles or movement of tanks on February 24.
Those attacks, which Microsoft dubbed FoxBlade, included so-called wipers — malicious software or malware — that make their way inside computer networks and literally wipe the data from all connected devices.
Cybersecurity experts in Germany have said there have been over a hundred cyberattacks, in various forms, since then. But their effect has mainly been psychological.

Why Russia Hasn’t Launched Major Cyber Attacks Since the Invasion of Ukraine
https://time.com/6153902/russia-major-cyber-attacks-invasion-ukraine/
In the relatively short and rapidly evolving history of cyber conflict, perhaps nothing has been established with greater certainty and more widely accepted than the idea that Russia has significant cyber capabilities and isn’t afraid to use them—especially on Ukraine. In 2015, Russian government hackers breached the Ukrainian power grid, leading to widespread outages. In 2017, Russia deployed the notorious NotPetya malware via Ukrainian accounting software and the virus quickly spread across the globe costing businesses billions of dollars in damage and disruption.
As tensions escalated between Russia and Ukraine, many people were expecting the conflict to have significant cyber components.
But as the invasion continues with few signs of any sophisticated cyber conflict, it seems less and less likely that Russia has significant cyber capabilities in reserve, ready to deploy if needed. Instead, it begins to look like Russia’s much vaunted cyber capabilities have been neglected in recent years, in favor of developing less expensive, less effective cyber weapons that cause less widespread damage and are considerably easier to contain and defend against. For instance, many of the cyberattacks directed at Ukraine in the past month have been relatively basic distributed denial-of-service attacks.
Given Russia’s past willingness to deploy cyberattacks with far-reaching, devastating consequences, it would be a mistake to count out their cyber capabilities just because they have so far proven unimpressive. And it’s all but impossible to prove the absence of cyber weapons in a nation’s arsenal. But the longer the conflict goes on without any signs of sophisticated cyber sabotage, the more plausible it becomes that the once formidable Russian hackers are no longer playing a central role in the country’s military operations.

Crowd-sourced attacks present new risk of crisis escalation
https://blog.talosintelligence.com/2022/03/ukraine-update.html
An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques.
Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as well. Misattribution of these actors carries the risk of nations escalating an already dangerous conflict in Ukraine. Based on data from our fellow researchers at Cisco Kenna, customers should be most concerned about threat actors exploiting several recently disclosed vulnerabilities, highlighting the importance of consistently updating software and related systems.

Russia, Ukraine and the Danger of a Global Cyberwar
https://www.securityweek.com/russia-ukraine-and-danger-global-cyberwar
On the morning of February 22, 2022, the world woke to the news that Russia had moved troops into two separatist regions of eastern Ukraine. At the time of writing, it is not yet a full invasion of Ukraine, but Russia did conduct attacks on February 24, hitting cities with airstrikes and artillery in what was called a “special military operation” by Russian President Vladamir Putin.
Russia has been waging its own cyberwar against Ukraine for many years.
Since the beginning of 2022, however, it seems that Russian cyber activity against Ukraine has increased. This includes evidence that wiper malware has again disrupted some Ukrainian government networks, and attacks from the FSB-linked Gamaredon have targeted around 5,000 entities, including critical infrastructure and government departments. So far, however, there has not been the same scale of disruption as occurred in 2015, 2016 and 2017.
The purpose of such cyber activity is to weaken critical infrastructure, damage government’s ability to respond to any aggression, and to demoralize the population.
The U.S. has been warning the rest of the world against a potential widening scope of Russian cyber activity, and that cyber defenses generally should be tightened.
“Part of the worry,” said Willett, “is that cyberattacks against Ukraine might bleed over, like NotPetya, to affect other countries and cause wider damage unintentionally. There is some concern that the Russians may intentionally do stuff more widely, but that would probably be in retaliation for something that the U.S. or NATO might do.
This raises the whole question of ‘attribution’. The received belief is it is impossible to do accurate cyber attribution. ““It would be a mistake for any one nation to think it could attack another without being known,” said Willett.That is absolutely wrong,” said Willett.
But accidents happen. The two iconic cyberweapons have been Stuxnet and NotPetya. It is assumed that the U.S. developed Stuxnet (although this has never been admitted). NotPetya has been confidently attributed to the Russian government. Both malwares escaped from their assumed targets into the wider world. This was probably accidental – but similar accidents could lead to wider implications during a period of global geopolitical tension.
On the morning of February 24, 2022, Russian troops invaded Ukraine. This was accompanied by a further increase in cyber activity.

Ukraine Digital Army Brews Cyberattacks, Intel and Infowar
https://www.securityweek.com/ukraine-digital-army-brews-cyberattacks-intel-and-infowar
Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence.
Inventions of the volunteer hackers range from software tools that let smartphone and computer owners anywhere participate in distributed denial-of-service attacks on official Russian websites to bots on the Telegram messaging platform that block disinformation, let people report Russian troop locations and offer instructions on assembling Molotov cocktails and basic first aid.
The movement is global, drawing on IT professionals in the Ukrainian diaspora whose handiwork includes web defacements with antiwar messaging and graphic images of death and destruction in the hopes of mobilizing Russians against the invasion.
The cyber volunteers’ effectiveness is difficult to gauge. Russian government websites have been repeatedly knocked offline, if briefly, by the DDoS attacks, but generally weather them with countermeasures.
It’s impossible to say how much of the disruption — including more damaging hacks — is caused by freelancers working independently of but in solidarity with Ukrainian hackers.
A tool called “Liberator” lets anyone in the world with a digital device become part of a DDoS attack network, or botnet. The tool’s programmers code in new targets as priorities change.

Ukraine Cyber Official: We Only Attack Military Targets
https://www.securityweek.com/ukraine-cyber-official-we-only-attack-military-targets
A top Ukrainian cybersecurity official said Friday a volunteer army of hundreds of hackers enlisted to fight Russia in cyberspace is attacking only what it deems military targets, prioritizing government services including the financial sector, Kremlin-controlled media and railways.
Victor Zhora, deputy chair of the state special communications service, also said that there had been about 10 hostile hijackings of local government websites in Ukraine to spread false text propaganda saying his government had capitulated. He said most of Ukraine’s telecommunications and internet were fully operational.
Zhora told reporters in a teleconference that presumed Russian hackers continued to try to spread destructive malware in targeted email attacks on Ukrainian officials and — in what he considers a new tactic — trying to infect the devices of individual citizens.

Army of Cyber Hackers Rise Up to Back Ukraine
https://www.securityweek.com/army-cyber-hackers-rise-back-ukraine
An army of volunteer hackers is rising up in cyberspace to defend Ukraine, though internet specialists are calling on geeks and other “hacktivists” to stay out of a potentially very dangerous computer war.
According to Livia Tibirna, an analyst at cyber security firm Sekoia, nearly 260,000 people have joined the “IT Army” of volunteer hackers, which was set up at the initiative of Ukraine’s digital minister Mykhailo Fedorov.
The group, which can be accessed via the encrypted messaging service Telegram, has a list of potential targets in Russia, companies and institutions, for the hackers to target.
It’s difficult to judge the effect the cyber-army is having.

Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks
https://thehackernews.com/2022/03/russia-releases-list-of-ips-domains.html
Russia Blocks Access to Facebook Over War
https://www.securityweek.com/russia-blocks-access-facebook-over-war
Russia’s state communications watchdog has ordered to completely block access to Facebook in Russia amid the tensions over the war in Ukraine.
The agency, Roskomnadzor, said Friday it decided to cut access to Facebook over its alleged “discrimination” of the Russian media and state information resources. It said the restrictions introduced by Facebook owner Meta on the RT and other state-controlled media violate the Russian law.

Cyberattack Knocks Thousands Offline in Europe
https://www.securityweek.com/cyberattack-knocks-thousands-offline-europe
Thousands of internet users across Europe have been thrown offline after what sources said Friday was a likely cyberattack at the beginning of Russia’s offensive in Ukraine.
According to Orange, “nearly 9,000 subscribers” of a satellite internet service provided by its subsidiary Nordnet in France are without internet following a “cyber event” on February 24 at Viasat, a US satellite operator of which it is a client.
Eutelsat, the parent company of the bigblu satellite internet service, also confirmed to AFP on Friday that around one-third of bigblu’s 40,000 subscribers in Europe, in Germany, France, Hungary, Greece, Italy and Poland, were affected by the outage on Viasat.
In the US, Viasat said on Wednesday that a “cyber event” had caused a “partial network outage” for customers “in Ukraine and elsewhere” in Europe who rely on its KA-SAT satellite.
Viasat gave no further details, saying only that “police and state partners” had been notified and were “assisting” with investigations.
General Michel Friedling, head of France’s Space Command said there had been a cyberattack.

Cybercriminals Seek to Profit From Russia-Ukraine Conflict
https://www.securityweek.com/cybercriminals-seek-profit-russia-ukraine-conflict
Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict, according to a new report from Accenture.
Since mid-January, cybercriminals have started to advertise compromised assets relevant to the Russia-Ukraine conflict, and they are expected to increase their offering of databases and network access, with potentially crippling effects for the targeted organizations.
Just over a month ago, soon after the destructive WhisperGate attacks on multiple government, IT, and non-profit organizations in Ukraine, threat actors started to advertise on the dark web access to both breached networks and databases that allegedly contained personally identifiable information (PII).
Amid Russian invasion, Ukraine granted formal role with NATO cyber hub https://therecord.media/amid-russian-invasion-ukraine-granted-formal-role-with-nato-cyber-hub/
Ukraine was granted the formal role of “contributing participant” to the hub, known as the Cooperative Cyber Defence Centre of Excellence (CCDCOE), by its 27-member steering committee, the organization announced. “Ukraine’s presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations, ” Col.
Jaak Tarien, the institution’s director, said in a statement.

This Ukrainian cyber firm is offering hackers bounties for taking down Russian sites https://therecord.media/this-ukrainian-cyber-firm-is-offering-hackers-bounties-for-taking-down-russian-sites/
In the days following Russia’s invasion of Ukraine, dozens of hacking groups have taken sides in the conflict, launching attacks on various organizations and government institutions. Cyber Unit Technologies, a Kyiv-based cybersecurity startup, has been particularly outspoken on Tuesday, the company started a campaign to reward hackers for taking down Russian websites and pledged an initial $100, 000 to the program.

High Above Ukraine, Satellites Get Embroiled in the War
https://www.wired.com/story/ukraine-russia-satellites/
While the Russian invasion rages on the ground, companies that operate data-collecting satellites find themselves in an awkward position.
Some researchers are worried that the reliance on satellite imagery has given too much power to the companies that control this technology. “There’s companies like Maxar and Planet that are privately owned and they have the final say on whether or not they want to share the information, ” says Anuradha Damale. The role of private companies in conflicts such as Ukraine means commercial satellites could become targets. In the days before Russia invaded, US space officials warned satellite companies that the conflict could extend into space.

CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine https://www.cisa.gov/uscert/ncas/current-activity/2022/02/26/cisa-releases-advisory-destructive-malware-targeting-organizations
CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Ukraine. The webpage includes technical resources from partners to assist organizations against these threats.
Alert: https://www.cisa.gov/uscert/ncas/alerts/aa22-057a

US firms should be wary of destructive malware unleashed on Ukraine, FBI and CISA warn – CNNPolitics
https://www.cnn.com/2022/02/26/politics/ukraine-malware-warning-cybersecurity-fbi-cisa/index.html
EU Activates Cyber Rapid Response Team Amid Ukraine Crisis

https://www.bankinfosecurity.com/eu-activates-cyber-rapid-response-team-amid-ukraine-crisis-a-18584

Amid rapid escalation in the Russia-Ukraine conflict derived from historical grievances and qualms with Ukraine’s plan to join the military alliance NATO, the world’s network defenders remain on high alert. And on Tuesday, the European Union confirmed that it will activate its elite cybersecurity team to assist Ukrainians if Russian cyberattacks occur.

UK alludes to retaliatory cyber-attacks on Russia
https://therecord.media/uk-alludes-to-retaliatory-cyber-attacks-on-russia/
The UK government alluded yesterday that it might launch offensive cyber operations against Russia if the Kremlin attacks UK computer systems after an invasion of Ukraine.

Amazon: Charities, aid orgs in Ukraine attacked with malware
https://www.bleepingcomputer.com/news/security/amazon-charities-aid-orgs-in-ukraine-attacked-with-malware/
Charities and non-governmental organizations (NGOs) providing critical support in Ukraine are targeted in malware attacks aiming to disrupt their operations and relief efforts seeking to assist those affected by Russia’s war. Amazon has detected these attacks while working with the employees of NGOs, charities, and aid organizations, including UNICEF, UNHCR, World Food Program, Red Cross, Polska Akcja Humanitarna, and Save the Children.

Ransomware Used as Decoy in Destructive Cyberattacks on Ukraine
https://www.securityweek.com/ransomware-used-decoy-destructive-cyberattacks-ukraine
Destructive ‘HermeticWiper’ Malware Targets Computers in Ukraine

https://www.securityweek.com/destructive-hermeticwiper-malware-targets-computers-ukraine

Just as Russia was preparing to launch an invasion of Ukraine, Ukrainian government websites were disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country.
The new malware, dubbed “HermeticWiper” by the cybersecurity community, is designed to erase infected Windows devices. The name references a digital certificate used to sign a malware sample — the certificate was issued to a Cyprus-based company called Hermetica Digital.
“At this time, we haven’t seen any legitimate files signed with this certificate. It’s possible that the attackers used a shell company or appropriated a defunct company to issue this digital certificate,” explained endpoint security firm SentinelOne, whose researchers have been analyzing the new malware.
The malware has also been analyzed by researchers at ESET and Symantec. Each of the companies has shared indicators of compromise (IoCs) associated with HermeticWiper.
ESET first spotted HermeticWiper on Wednesday afternoon (Ukraine time) and the company said hundreds of computers in Ukraine had been compromised.

HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine https://www.sentinelone.com/labs/hermetic-wiper-ukraine-under-attack/
On February 23rd, the threat intelligence community began observing a new wiper malware sample circulating in Ukrainian organizations. Our analysis shows a signed driver is being used to deploy a wiper that targets Windows devices, manipulating the MBR resulting in subsequent boot failure. This blog includes the technical details of the wiper, dubbed HermeticWiper, and includes IOCs to allow organizations to stay protected from this attack. This sample is actively being used against Ukrainian organizations, and this blog will be updated as more information becomes available. Also:
https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine/
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia
https://www.bleepingcomputer.com/news/security/new-data-wiping-malware-used-in-destructive-attacks-on-ukraine/

HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine https://blog.malwarebytes.com/threat-intelligence/2022/03/hermeticwiper-a-detailed-analysis-of-the-destructive-malware-that-targeted-ukraine/
The day before the invasion of Ukraine by Russian forces on February 24, a new data wiper was unleashed against a number of Ukrainian entities. This malware was given the name “HermeticWiper” based on a stolen digital certificate from a company called Hermetica Digital Ltd. This wiper is remarkable for its ability to bypass Windows security features and gain write access to many low-level data-structures on the disk. In addition, the attackers wanted to fragment files on disk and overwrite them to make recovery almost impossible.

In Ukraine, Online Gig Workers Keep Coding Through the War
https://www.wired.com/story/gig-work-in-ukraine/
Freelancers or gig workers who piece together work on online platforms are a hidden engine of the Ukrainian economyand the world’s. They work as software engineers, project managers, IT technicians, graphic designers, editors, and copywriters. And they work for everyone.
Invading Russian forces have plunged freelancers’ home offices into chaos and uncertainty. Vlad, a video editor in southern Ukraine, says he’s grown accustomed to the air alarm signal, and hiding until it has passed. Now there are battles 30 miles from his home. “But as long as there is water, electricity, and internet, I can work, ” he says.
“Because we all need to live for something, eat

Leaving Russia? Experts Say Wipe Your Phone Before You Go
https://www.forbes.com/sites/thomasbrewster/2022/03/04/russians-escaping-putins-repression-urged-to-wipe-their-phones/
Russians fleeing President Vladimir Putin’s regime as it cracks down on anti-war sentimentand rumors of martial law grow louderare being advised to wipe their phones, especially of any traces of support for Ukraine. If they don’t, experts say they may face detention. They’re starting by deleting messages on Signal, Telegram or any app that promises security. For those leaving the country, they’re deleting the apps themselves, and urging others to do the same. Russian media has first-hand accounts of lengthy interrogations at the border, along with phone and laptop searches, though Forbes could not corroborate those claims.

Why ICANN Won’t Revoke Russian Internet Domains
The organization says cutting the country off would have “devastating” effects on the global internet system.
https://www.wired.com/story/why-icann-wont-revoke-russian-internet-domains/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi
Ukraine on Monday asked ICANN to revoke Russian top-level domains such as .ru, .рф, and .su; to “contribute to the revoking for SSL certificates” of those domains; and to shut down DNS root servers in Russia. Fedorov argued that the requested “measures will help users seek for reliable information in alternative domain zones, preventing propaganda and disinformation.”
Ukraine’s request to cut Russia off from core parts of the internet has been rejected by the nonprofit group that oversees the Internet’s Domain Name System (DNS). CEO Göran Marby of the Internet Corporation for Assigned Names and Numbers (ICANN) said the group must “maintain neutrality and act in support of the global internet.”
“Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the internet—regardless of the provocations,” Marby wrote in his response to Ukraine Vice Prime Minister Mykhailo Fedorov.
https://www.icann.org/en/system/files/correspondence/marby-to-fedorov-02mar22-en.pdf

TikTok Was Designed for War
As Russia’s invasion of Ukraine plays out online, the platform’s design and algorithm prove ideal for the messiness of war—but a nightmare for the truth.
https://www.wired.com/story/ukraine-russia-war-tiktok/#intcid=_wired-bottom-recirc_8e802014-a05f-48c5-89e8-9dad931361ad_text2vec1-reranked-by-vidi

2,195 Comments

  1. Tomi Engdahl says:

    CISA Director: US has lessons to learn about anticipating threats, disruption https://therecord.media/cisa-jen-easterly-black-hat-cyberthreats-resilience

    U.S. residents and businesses need to be better prepared for inevitable disruptions caused by cyberattacks, according to the head of the country’s cybersecurity agency.

    Speaking alongside Ukrainian cybersecurity chief Viktor Zhora at the Black Hat cybersecurity conference, Cybersecurity and Infrastructure Security Agency
    (CISA) Director Jen Easterly said Americans need to mirror Ukraine’s resilience in the face of an onslaught of damaging cyberattacks.

    “We know, given the state of networks today — the connectivity, the interdependence, the vulnerabilities that persist because technology is not secure by design — we are very likely to see attacks that cause great disruption, so [we are] learning from you about the resilience of cyber, operational resilience of cyber,” Easterly said before turning to Zhora.

    Reply
  2. Tomi Engdahl says:

    NSA, Viasat say 2022 hack was two incidents; Russian sanctions resulted from investigation https://therecord.media/viasat-hack-was-two-incidents-and-resulted-in-sanctions

    Officials from the National Security Agency (NSA) and satellite internet provider Viasat provided new details on the headline-grabbing cyberattack on the company at the onset of Russia’s invasion of Ukraine.

    The cyberattack last February left Viasat’s KA-SAT modems inoperable in Ukraine. The attack had several other downstream effects, causing the malfunction of 5,800 Enercon wind turbines in Germany and disruptions to thousands of organizations across Europe.

    According to U.S. and European Union officials, the attack on Viasat was intended to degrade the ability of the Ukrainian government and military to communicate.

    Reply
  3. Tomi Engdahl says:

    NYT: Lähes puoli miljoonaa haavoittunut tai kuollut Ukrainan sodassa – suurin osa kuolleista venäläisiä https://www.is.fi/ulkomaat/art-2000009598881.html

    Reply
  4. Tomi Engdahl says:

    HS: Venäjä pystyy lähetystöstään käsin seuraamaan matka­puhelinten käyttöä ja sijainteja Helsingin ydin­keskustassa https://www.is.fi/kotimaa/art-2000009795975.html

    Asiantuntijat arvioivat, että Venäjä käyttää todennäköisesti Tehtaankadun suurlähetystön katolla olevia antenneja vakoiluun ja viestiliikenteen sieppaamiseen.

    Reply
  5. Tomi Engdahl says:

    Venäjän lähetystön väitettiin pystyvän sala­kuuntelemaan matka­puhelimia Helsingissä – asian­tuntija eri linjoilla https://www.is.fi/kotimaa/art-2000009796766.html

    Reply
  6. Tomi Engdahl says:

    Ukrainian hackers claim to leak emails of Russian parliament deputy chief https://therecord.media/ukrainian-hackers-claim-to-leak-emails-of-russia-duma-deputy

    Ukrainian hackers claim to have broken into the email account of a senior Russian politician and exposed documents that allegedly prove his involvement in money laundering and sanction evasion schemes. A group calling itself Cyber Resistance leaked 11 GB of emails allegedly belonging to Alexander Babakov, a deputy chairman of Russia’s parliament, and made them public on Monday.

    Reply
  7. Tomi Engdahl says:

    Elon Musk kävi ”hienon keskustelun Putinin kanssa” – ja harkitsi sen jälkeen katkaisevansa Ukrainalta netin
    https://www.tivi.fi/uutiset/tv/8ab2453f-403c-4c4d-8dcd-86d9d993b5f9

    Musk on jo pitempään hiertänyt sekä Ukrainaa että Pentagonia, koska hän on estänyt satelliittinettinsä käytön vastahyökkäyksiin Venäjää kohtaan.

    Reply
  8. Tomi Engdahl says:

    Salaperäisestä Venäjää kurittavasta ryhmästä paljastui tietoa https://www.is.fi/digitoday/tietoturva/art-2000009797433.html

    Alun perin vapaaehtoisten muodostama joukko on muuntunut kahteen osaan jaetuksi, tiukasti johdetuksi organisaatioksi.

    VENÄJÄN Ukrainaan kohdistuvan hyökkäyssodan alusta asti verkossa on toiminut monia Venäjän vastaisia ryhmittymiä. Yksi merkittävimmistä on Ukrainan it-armeija (IT Army of Ukraine), joka on kohdistanut venäläisiin organisaatioihin niin palvelunestohyökkäyksiä kuin tietomurtoja.

    Kyseessä on vapaaehtoisten muodostama ryhmittymä, jonka kohteet määritellään julkisella Telegram-kanavalla, ja palvelunestohyökkäyksiin käytettäviä ohjelmistoja jaellaan sen verkkosivuilla.

    Reply
  9. Tomi Engdahl says:

    “Hakkeriryhmän mukaan se on vienyt Tehtransilta 3,5 teratavua dataa ja lukinnut kaikki sen verkot ja järjestelmät, Tehtransin rautatieliikennettä käsitteleviä palvelimia myöten. Julkaisemiensa kuvien perusteella Nebula on ottanut haltuunsa myös Tehtransin kokoushuoneiden kamerat.”

    Venäläinen rautatieyhtiö kuljetti sotatarvikkeita rintamalle – ukrainalaiset hakkerit romuttivat koko yhtiön
    Jori Virtanen24.8.202310:46|päivitetty24.8.202310:46KYBERSOTAHAKKERITUKRAINAN KRIISI
    Hakkeriryhmä Nebula kertoo tuhonneensa venäläisen kuljetusyhtiö Tehtransin järjestelmät
    https://www.tivi.fi/uutiset/tv/c72240d5-dc48-4055-886d-21f38196176d?utm_term=Autofeed&utm_medium=Social&utm_source=Facebook&fbclid=IwAR3FS896h0mxJgHQQAf2P1ba3rNcFIdwTQ3dYbHJZnHQ3h8ZcNM8awWGrYg#Echobox=1692863749

    Reply
  10. Tomi Engdahl says:

    Hackers Attack Russian Railroad Company that Transports Military Goods
    The “Nebula” hacker collective attacked the Russian corporation, TEHTRANS, which had allegedly worked with the Russian military to transport weapons and soldiers.
    https://www.kyivpost.com/post/20862

    Reply
  11. Tomi Engdahl says:

    Kommentti: Putinin Venäjä painostaa nyt Nato-Suomea – näitä karmeita temppuja ja ”ilkeyksiä” voi olla tulossa
    https://www.is.fi/politiikka/art-2000009814576.html

    Venäjän propaganda syytää Suomi-vastaisia viestejään, joiden typeryydelle on helppo naureskella. Venäjä on kuitenkin valmistautunut Suomen kampittamiseen jo vuosia, kirjoittaa pääkirjoitustoimittaja Timo Paunonen.

    Reply
  12. Tomi Engdahl says:

    Two Men Arrested Following Poland Railway Hacking
    https://www.securityweek.com/two-men-arrested-following-poland-railway-hacking/

    Polish police have arrested two men suspected of illegally hacking into the national railway’s communications network, causing disruption to 20 trains.

    Polish police on Sunday arrested two men suspected of illegally hacking into the national railway’s communications network, which destabilized traffic in some areas of the country this weekend.

    “The two men arrested are Polish citizens,” said Tomasz Krupa, a police spokesman in the eastern city of Bialystok where the arrest occurred.

    Police also seized radio equipment from the apartment where the men, who are 24 and 29 years of age, were detained.

    On Friday night, the radio communication network of the Polish PKP railway was hacked near the northwestern city of Szczecin leading to the issuing of several stop signals which brought to a standstill or delayed some 20 trains.

    Traffic resumed a few hours later, according to PKP.

    Media reports said the signals were interspersed with renditions of the Russian national anthem and a recording of a speech by Russian President Vladimir Putin.

    Poland, a loyal ally of Ukraine, plays a key role in the transit of Western arms into the country.

    The country’s internal security agency said Saturday it was investigating the incident.

    “We know that for some months there have been attempts to destabilise the Polish state. Such attempts have been undertaken by the Russian Federation in conjunction with Belarus,” deputy coordinator of special services Stanislaw Zaryn told the PAP news agency.

    The attack “did not pose risks to passengers’ health or lives”, he added.

    During the week Polish railways saw several accidents, including two derailments, in which nobody was hurt.

    Reply
  13. Tomi Engdahl says:

    Swedish man charged with passing hi-tech equipment to Russia
    Russian-born man in his 60s suspected of transferring Swedish and US technology with potential military use
    Miranda Bryant Nordic correspondent
    Mon 28 Aug 2023 17.59 BST
    https://amp.theguardian.com/world/2023/aug/28/swedish-man-charged-with-passing-hi-tech-equipment-to-russia

    A man in his 60s whose arrest in a residential area near Stockholm last year prompted shock has been charged with gross illegal intelligence activities against Sweden and gross illegal intelligence activities against a foreign power.

    According to the indictment, the suspect’s business activities were intended to provide Russia with sought-after sensitive technology to increase Russia’s military capability.

    The man, who has always denied wrongdoing, is suspected of having transferred technology and equipment to Russia through his business activities and is also suspected of procuring technology from the US which he then passed on to Russia via Sweden.

    Daniel Stenling, head of counterintelligence at Sweden’s security police, said: “It is about suspected serious crime, which could mean a serious security threat to Sweden and other states, where Swedish technology is used, among other things, in Russia’s war against Ukraine.

    “Sweden must not be a platform for a foreign power to conduct illegal intelligence activities. The security police act forcefully against security threats that target Sweden’s security.”

    In recent years, the threat against Sweden from illegal intelligence activities and foreign powers has intensified.

    Stenling added: “The Russian intelligence services have a great interest in procuring Swedish hi-tech products. They also use Sweden as a transit country for the acquisition of high technology from other western countries.

    Reply
  14. Tomi Engdahl says:

    GRU hackers attack Ukrainian military with new Android malware https://www.bleepingcomputer.com/news/security/gru-hackers-attack-ukrainian-military-with-new-android-malware/

    Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, more commonly known as the GRU, have been targeting Android devices in Ukraine with a new malicious framework named ‘Infamous Chisel.

    Reports today from the UK National Cyber Security Center (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) dive deeper into the technical details of Infamous Chisel, showing its capabilities and sharing information that can help defend against it.

    Reply
  15. Tomi Engdahl says:

    Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices
    https://www.securityweek.com/five-eyes-report-new-russian-malware-targeting-ukrainian-military-android-devices/

    Five Eyes report details ‘Infamous Chisel’ malware used by Russian state-sponsored hackers to target the Ukrainian military’s Android devices.

    Five Eyes agencies have issued a joint report on the malware used recently by Russian state-sponsored hackers to target Android devices belonging to the Ukrainian military.

    The new malware, named Infamous Chisel, is actually a collection of components designed to provide persistent backdoor access to compromised Android devices over the Tor network, and enable the attackers to collect and exfiltrate data.

    The campaign has been linked to the threat actor known as Sandstorm, which was previously connected to Russia’s GRU foreign military intelligence agency.

    According to the agencies, the Infamous Chisel malware is designed to periodically scan infected Android devices for information and files that could be of interest to the attackers.

    https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/infamous-chisel/NCSC-MAR-Infamous-Chisel.pdf

    Reply
  16. Tomi Engdahl says:

    Ukraina teki oman pitkän kantaman aseen – ulottuu Moskovaan saakka
    PENTTI PERTTULA
    JULKAISTU 02.09.2023 | 08:40
    PÄIVITETTY 01.09.2023 | 16:13
    Neptune-meritorjuntaohjuksesta kehitettiin risteilyohjus.
    https://www.verkkouutiset.fi/a/ukraina-teki-oman-pitkan-kantaman-aseen-ulottuu-moskovaan-saakka/?fbclid=IwAR0A5f8julAUqyzuQX5zcSpP69ba4kr2MRf42xphkkpQhheVe–5Ml83vb4#2fda1e22

    Koska länsi ei ole antanut Ukrainan käyttää toimittamiaan kaukovaikutteisia aseita Venäjällä sijaitseviin maaleihin, Ukraina on päättänyt luoda omat asejärjestelmänsä. Ukrainan kansallisen turvallisuus- ja puolustusneuvoston johtaja Oleksiy Danilov myönsi 26. elokuuta Clash Reportin mukaan, että kolme päivää aiemmin Krimin niemimaalla Venäjän S-400-ilmatorjuntaohjuslavetti oli tuhottu uudella ukrainalaisella risteilyohjuksella.

    Jo huhtikuussa monet puolustusalan aikakauslehdet raportoivat Ukrainan kehittävän omia ohjuskykyjään. R-360 Neptune -meritorjuntaohjuksen, jolla viime vuonna upotettiin Venäjän ohjusristeilijä Moskva, havaittiin jo kolme vuotta sitten olevan sopiva muokattavaksi kaukovaikutteiseksi risteilyohjukseksi. S-400 saattoi olla sen ensimmäinen uhri – tai ainakin ensimmäinen, jonka Ukraina myöntää.

    Reply
  17. Tomi Engdahl says:

    Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices

    Five Eyes report details ‘Infamous Chisel’ malware used by Russian state-sponsored hackers to target the Ukrainian military’s Android devices.

    https://www.securityweek.com/five-eyes-report-new-russian-malware-targeting-ukrainian-military-android-devices/

    Reply
  18. Tomi Engdahl says:

    James Clayton / BBC:
    EU study: social media companies have failed to stop pro-Russian disinformation since 2022 and the “reach and influence of Kremlin-backed accounts” grew in 2023 — Social media companies have failed to stop “large-scale” Russian disinformation campaigns since the invasion of Ukraine, the EU has said.

    Tech firms fail to tackle Russian propaganda – EU
    https://www.bbc.com/news/technology-66693156

    Reply
  19. Tomi Engdahl says:

    Venäjän propaganda levittää hurjia väitteitä ”Suomen maaperältä tehtävästä drone­iskusta” https://www.is.fi/ulkomaat/art-2000009832760.htm

    Nyt kun iskusta on kulunut jo viikon verran, mahdollisten ”vaihtoehtoisten syyllisten” joukkoon on liitetty joissakin artikkeleissa jo Suomikin.

    – Yölliset dronet Pskoviin lähetettiin lentoon Latviasta, Suomesta ja Virosta: Nato-maat iskevät Venäjälle? muotoilivat otsikossaan muun muassa VKpress-sivusto ja Bezformata.

    Reply
  20. Tomi Engdahl says:

    International sponsors of war
    https://sanctions.nazk.gov.ua/en/boycott/

    Kuva: Pepsi vaihtui kokikseen eduskunnassa
    Pepsin tuotteita ei enää myydä eduskunnan tiloissa.
    https://www.iltalehti.fi/politiikka/a/c1d222ad-80a3-4932-8b49-1be4aac57933

    Pepsin tuotteita ei enää myydä eduskunnan tiloissa. Päätös liittyy Ukrainan ylläpitämään boikottilistaan, jossa on Venäjän sotatalouteen kytköksissä olevia yrityksiä.

    Reply
  21. Tomi Engdahl says:

    Ukrainalaiset raivostuivat YK:lle – komitea ei ole todennut Venäjän toimintaa kansan­murhaksi https://www.is.fi/ulkomaat/art-2000009832674.html

    Reply
  22. Tomi Engdahl says:

    Yle: Ukraina syyttää Hartwallia Venäjän hyökkäys­sodan tukemisesta – ”veripepsi” kuohuttaa Suomessa https://www.is.fi/taloussanomat/art-2000009833934.html

    Reply
  23. Tomi Engdahl says:

    Ukraina: Hartwall tukee Venäjän hyökkäyssotaa, koska valmistaa Pepsiä
    Ukrainalaisvirasto lisäsi Pepsicon ”sotasponsorilistalleen” ja kehottaa Pepsin suomalaista valmistajaa lopettamaan yhteistyön virvoitusjuomajätin kanssa.

    https://yle.fi/a/74-20048578

    Reply
  24. Tomi Engdahl says:

    What’s in a NoName? Researchers see a lone-wolf DDoS group https://therecord.media/noname-hacking-group-targets-ukraine-and-allies

    Every morning at roughly the same time, a Russian hacker group known as
    NoName057(16) carries out distributed denial-of-service (DDoS) attacks on European financial institutions, government websites or transportation services.

    Last week, the group claimed responsibility for disrupting the websites of several banks and financial institutions in the Czech Republic and Poland, which it considers hostile to the Russian state because of its support to Ukraine.

    Like other pro-Kremlin hacktivist gangs, including Killnet or the Cyber Army of Russia, NoName057(16) orchestrates relatively simple and short-lived DDoS incidents with the help of hundreds of volunteers. The goal is to disrupt daily life, even for a few minutes.

    But there are some things that set this group apart, researchers say.

    Reply
  25. Tomi Engdahl says:

    Näin Venäjä voi yllättää talvella – Asiantuntija: ”Mitään rajojahan Venäjällä ei ole”
    https://www.iltalehti.fi/ulkomaat/a/f7d29143-8594-4e2a-ad52-437b214f0bb1

    Viime talvena Venäjän tehokkaimpiin aseisiin kuului energia sekä Ukrainassa että lännessä. Iltalehti kysyi asiantuntijoilta, millaisiin yllätyselementteihin Venäjä saattaa tukeutua tulevana talvena.

    Paineen alla ovat etenkin Ukrainan padot ja rautatiet, sekä sitä kautta koko maan huoltovarmuus.
    Venäjältä voidaan odottaa myös enemmän suoria iskuja Kiovan hallintoa vastaan.
    Suomea voidaan painostaa laivaliikenteen avulla. Itämeren uhkakuviin on vaikea varautua.

    Reply
  26. Tomi Engdahl says:

    Ukraine says an energy facility disrupted a Fancy Bear intrusion https://therecord.media/ukraine-energy-facility-cyberattack-fancy-bear-email

    An infamous Russian cyberespionage group was caught attacking a critical energy facility in Ukraine, a government agency said on Tuesday.

    A cybersecurity expert working for the targeted organization thwarted the attack, according to the report from Ukraine’s computer emergency response team (CERT-UA). The agency attributed the incident to Kremlin-controlled hackers known as Fancy Bear or APT28.

    CERT-UA said the group targeted an unspecified energy facility in Ukraine, using phishing emails to gain initial access to the targeted systems. Fancy Bear is believed to be associated with the Russian military intelligence agency GRU, and its history includes the attack on the U.S. Democratic National Committee during the 2016 elections.

    Reply
  27. Tomi Engdahl says:

    Niinistö: Euroopassa vallitsee ”kauhun balanssi” – presidentiltä synkkä arvio Ukrainan sodan jatkosta
    https://www.is.fi/politiikka/art-2000009838210.html

    Presidentti Sauli Niinistö puhui torstaina politiikan toimittajille.

    ROMANIAAN maanantaina osuneet venäläisten miehittämättömät lennokit tai niiden osat kertovat siitä, että Euroopassa vallitsee ”kauhun balanssi” Ukrainan sodan takia, arvioi presidentti Sauli Niinistö torstaina puhuessaan politiikan toimittajille.

    – Kaikki muistamme Puolaan päätyneen ohjuksen, joka samalla tavalla havahdutti. Mutta kovin herkällä ollaan siis. Pienetkin asiat voivat muuttaa asioita paljon ja valitettavasti pahempaan suuntaan.

    Viime marraskuussa Puolaan osui ohjus tappaen kaksi ihmistä. Yhdysvaltojen mukaan kyseessä oli Ukrainan oma ilmatorjuntaohjus.

    Maanantaina Ukraina kertoi Venäjän lennokkien osuneen Romanian maaperälle ja räjähtäneen.

    Romania kiisti ensin väitteet. Tiistaina Romanian presidentti Klaus Johannis kertoi puolustusministerinsä kertoneen iskuista, jotka olivat osuneet lähelle Romanian rajaa.

    Romanian puolustusministeri Angel Tîlvăr sanoi keskiviikkona, että venäläislennokin osia saattoi pudota Romanian puolelle maanantaina.

    Niinistön mukaan mikään ei viittaa siihen, että sota Ukrainassa olisi loppumassa.

    – Tällä hetkellä ei ole ratkaisua näköpiirissä.

    Reply
  28. Tomi Engdahl says:

    Putin laukoi Ukrainasta niin paksua tekstiä, että Google kieltäytyi kääntämästä sitä
    Putinin sensuroimaton puhe oli Googlen tekoälyn ”moraalifiltterille” liikaa.
    https://www.is.fi/digitoday/art-2000009836382.html

    Venäjän johtaja Vladimir Putin kommentoi Ukrainaa ja Ukrainan presidenttiä Volodomyr Zelenskyitä hyvin suorasanaisesti Venäjän voitonpäivän järjestelykomitean kokouksessa 5. päivänä syyskuuta.

    Itse kokouksessa Putin syytti ukrainalaisia juutalaisten kansanmurhasta.

    Putinin kommentit olivat sisällöltään niin paksuja, että niiden kääntäminen oli liikaa jopa Googlen Bard-tekoälylle, huomasi Meduzan toimituspäällikkö Kevin Rothrock.

    IS Digitoday toisti Rothrockin havainnon. Haku- ja käännöskoneena toimiva Googlen keskusteleva Bard-tekoäly kieltäytyi kääntämästä Putinin kommenttia suomeksi sen sisältöön vedoten.

    ChatGPT:hen perustuva Microsoftin Bing-tekoäly käänsi tekstin ilman vastalauseita. Keskustelevat tekoälyt eroavat toisistaan siinä, miten tiukat ”moraalifiltterit” niillä on.

    Reply
  29. Tomi Engdahl says:

    Nyt kysyttiin heiltä, jotka vaihtoivat jo länsiautonsa kiinalaisiin – surkeaa korityötä, jäätä ja huurretta
    Kiina on käytännössä jo vallannut Venäjän uusien autojen markkinat. Mutta minkälaisin tuottein?
    https://www.is.fi/autot/art-2000009837908.html

    Reply
  30. Tomi Engdahl says:

    Yhdysvaltain sotilaallista läsnäoloa tulee Suomeen
    IL:n tietojen mukaan Yhdysvaltain ilmavoimat alkaa käyttää Lapin lennoston infrastruktuuria eli Rovaniemen lentokenttää.
    https://www.iltalehti.fi/politiikka/a/c5302dc1-662b-4531-ad0d-13806ebc289a

    Suomen ja Yhdysvaltain neuvottelut kahdenvälisestä puolustusyhteistyösopimuksesta (engl. DCA) ovat pitkällä.

    Tasavallan presidentti Sauli Niinistö vahvisti torstaina Politiikan toimittajien yhdistyksen tilaisuudessa, että Suomen maaperälle tulee Yhdysvaltain sotilaallista läsnäoloa.

    Reply
  31. Tomi Engdahl says:

    Traficomin palvelunestohyökkäyksen takana voi olla venäläinen hakkeriryhmä –
    Kyberturvallisuuskeskus: kohteena useita eurooppalaisia tahoja
    https://yle.fi/a/74-20049061

    Liikenne- ja viestintävirasto Traficomin verkkosivut ovat tänään olleet palvelunestohyökkäyksen kohteena. Venäläinen hakkeriryhmä NoName 057(16) on ilmoittanut olevansa Traficomin kyberturvallisuuskeskuksen verkkosivuihin kohdistuneen hyökkäyksen takana.

    Traficomin Kyberturvallisuuskeskus kertoo tietävänsä venäläisten hakkereiden lausunnoista.

    – Hakkeriryhmä ilmoitti tänään Telegram-kanavallaan hyökänneensä useita eurooppalaisia viranomaistahoja kohtaan. Liikenne- ja viestintävirasto Traficomin Kyberturvallisuuskeskus oli yksi ilmoitetuista kohteista, kertoo Ylelle Kyberturvallisuuskeskuksen johtava asiantuntija Juhani Eronen.

    Reply
  32. Tomi Engdahl says:

    New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware https://securityintelligence.com/x-force/new-hive0117-phishing-campaign-imitates-conscription-summons-deliver-darkwatchman-malware/

    IBM X-Force uncovered a new phishing campaign likely conducted by Hive0117 delivering the fileless malware DarkWatchman, directed at individuals associated with major energy, finance, transport, and software security industries based in Russia, Kazakhstan, Latvia, and Estonia. DarkWatchman malware is capable of keylogging, collecting system information, and deploying secondary payloads.

    Imitating official correspondence from the Russian government in phishing emails aligns with previous Hive0117 campaigns delivering DarkWatchman malware, and shows a possible significant effort to induce a sense of urgency as the emails reference then-recent amendments regarding conscription. Under the new ordinance, the state will bar individuals who fail to report for service from applying for loans, conducting real estate transactions, engaging in international travel, and suspend their driver’s license.

    Reply
  33. Tomi Engdahl says:

    CNN: Elon Musk vesitti Ukrainan vastahyökkäyksen
    Uuden elämäkerran mukaan Elon Musk pelkäsi ydinsodan mahdollisuutta, jos Ukraina iskisi Venäjän laivastoa vastaan Krimillä Starlinkin avulla.
    https://www.iltalehti.fi/ulkomaat/a/f07c9cca-1fb9-48d3-9883-31339534dc95

    Miljardööri Elon Musk antoi salaa käskyn sammuttaa Starlink-satelliittijärjestelmän yhteydet lähellä Krimiä häiritäkseen Ukrainan iskua Venäjän sotilasaluksia vastaan. Näin väittää toimittaja ja kirjailija Walter Isaacson uudessa pian ilmestyvässä Elon Musk -elämäkerrassa.

    Asiasta uutisoi CNN.

    Kun räjähteillä varustetut ukrainalaiset vedenalaiset droonit lähestyivät Venäjän laivastoa, ne ”menettivät yhteyden ja huuhtoutuivat rantaan harmittomasti”, Isaacson kirjoittaa teoksessaan. Isaacsonin mukaan Muskin päätös katkaista yhteydet johtui pelosta, että Venäjä vastaisi drooni-iskuun ydinasein.

    Muskin SpaceX-yritys tarjosi Starlink-järjestelmää Ukrainan käyttöön pian Venäjän täysimittaisen hyökkäyksen alettua helmikuussa 2022.

    Starlink on ollut Ukrainalle yksi sen tärkeimmistä aseista, sillä sen satelliittiyhteyksien kautta Ukrainan joukot ovat saaneet pidettyä itsensä internetissä. Viestiyhteyksien ylläpitämisen lisäksi Ukraina on Starlinkin avulla saanut kerättyä reaaliaikaista dataa Venäjän joukkojen liikkeistä ja sijainneista.

    Kun Ukraina alkoi käyttää Starlinkiä vastahyökkäyksissään, Musk alkoi epäröidä.

    – Kuinka minä olen mukana sodassa? Starlinkin ei ollut tarkoitus sekaantua sotiin. Se oli sitä varten, että ihmiset voivat katsoa Netflixiä, rentoutua, tehdä koulutehtäviä verkossa ja tehdä hyviä, rauhanomaisia asioita. Ei drooni-iskuja varten, Musk pohtii Isaacsonin mukaan.

    Ukrainan varapääministeri Myhailo Fedorov pyysi tekstiviestitse Muskia palauttamaan yhteydet. Musk vastasi, että hän oli vaikuttunut Ukrainan vedenalaisista drooneista, mutta hän ei kytkisi yhteyksiä takaisin Krimillä, koska Ukraina ”menee nyt liian pitkälle”, Isaacson kertoo.

    Lokakuussa 2022 Musk sanoi, että Starlinkiä ei pystyttäisi enää ylläpitämään Ukrainassa korkeiden kustannusten takia. Hän pyysi Pentagonilta rahoitusta Starlinkin ylläpitokuluja varten.

    Musk sai osakseen kritiikkiä lausuntonsa jälkeen, ja pian hän pyörsi päätöksensä ja ilmoitti, että Starlink pysyy käytössä Pentagonin tuesta riippumatta.

    – Helvetti sentään…vaikka Starlink edelleen menettää rahaa ja muut yritykset saavat miljardeja dollareita veronmaksajilta, jatkamme Ukrainan hallituksen rahoittamista ilmaiseksi, Musk twiittasi tuolloin.

    – Pentagon oli valmis kirjaimellisesti ojentamaan minulle 145 miljoonan dollarin sekin. Sitten Elon antoi periksi Twitterin paskanjauhannalle ja Pentagonin vihaajille, jotka vuotivat uutisen, Shotwell sanoo Isaacsonin mukaan.

    Reply
  34. Tomi Engdahl says:

    CNN Exclusive: ‘How am I in this war?’: New Musk biography offers fresh details about the billionaire’s Ukraine dilemma
    https://edition.cnn.com/2023/09/07/politics/elon-musk-biography-walter-isaacson-ukraine-starlink/index.html

    Reply
  35. Tomi Engdahl says:

    ”Venäjä testaa Natoa luomalla riskitilanteita” – Romanian rajalle putosi lennokki, mutta Kristi Raikin mukaan pelolle ei pidä antaa valtaa
    Nato haluaa välttää eskalaation riskiä, sanoo Viron ulkopoliittisen instituutin johtaja Kristi Raik Ylelle. Hän ei usko ydinaseriskin yht’äkkiä kasvaneen.
    https://yle.fi/a/74-20049026?fbclid=IwAR0hNjPPK4Af6DdaFgzt0VXLrWl4xzLa5a2fYT6VklkjQcnWa9XyDmEsoNA

    Reply
  36. Tomi Engdahl says:

    Niinistön varoitukset ydinsodan vaarasta todennäköisesti kuitataan “radiohiljaisuudella”, vaikka vinha perä niissä on. Sodilla on taipumus laajeta, niiden tapahtunakulut ovat kaoottisia tiettyjen konfliktipisteiden murtumisen jälkeen jälkeen.

    The biography, due out on Tuesday, alleges Musk ordered Starlink engineers to turn off service in the area of the attack because of his concern that Vladimir Putin would respond with nuclear weapons to a Ukrainian attack on Russian-occupied Crimea. He is reported to have said that Ukraine was “going too far” in threatening to inflict a “strategic defeat” on the Kremlin.

    Elon Musk ordered Starlink to be turned off during Ukraine offensive, book says
    Biography alleges Musk told engineers to turn off communications network to hobble Ukraine drone attack on Russian warships
    https://www.theguardian.com/technology/2023/sep/07/elon-musk-ordered-starlink-turned-off-ukraine-offensive-biography?CMP=share_btn_fb&fbclid=IwAR1Bje4HbWMPLm3VN97aUlBBlnMopDvL6x5pTVVfedVzvKD5rqCsGAjBFHg

    https://twitter.com/nexta_tv/status/1699779179519349036?t=Uz20y_Fjk3X77rlx5vqKZA&s=19&fbclid=IwAR213zFCCeM6jUPGJkC5GoMrH2vllLBEmEmkJwpBYkfxYkeDJU_RknNPheE

    Reply
  37. Tomi Engdahl says:

    CNN: Elon Musk vesitti Ukrainan drone-iskun Venäjän laivastoa vastaan viime vuonna – taustalla venäläisviranomaisten kanssa käydyt keskustelut
    https://www.ksml.fi/uutissuomalainen/6196350?fbclid=IwAR0V6ZgUXu_w9NGHPuMfY6QfpZ5pY_JgUBZb__iwCBBXFDW9L6TMqVR4aN0

    Miljardööri Elon Musk määräsi työntekijöitään salaa sulkemaan Starlink-satelliittiviestintäverkon Krimin niemimaan rannikon lähistöllä estääkseen Ukrainan yllätysiskun Venäjän laivastoa vastaan viime vuonna.

    Asiasta uutisoi amerikkalaiskanava CNN Muskista kirjoitettuun elämänkertateokseen perustuen.

    CNN Exclusive: ‘How am I in this war?’: New Musk biography offers fresh details about the billionaire’s Ukraine dilemma
    https://edition.cnn.com/2023/09/07/politics/elon-musk-biography-walter-isaacson-ukraine-starlink/index.html

    Reply
  38. Tomi Engdahl says:

    U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members https://thehackernews.com/2023/09/uk-and-us-sanction-11-russia-based.html

    The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang.

    “Russia has long been a safe haven for cybercriminals, including the TrickBot group,” the U.S. Treasury Department said, adding it has “ties to Russian intelligence services and has targeted the U.S. Government and U.S. companies, including hospitals.”

    The targets of the sanctions are administrators, managers, developers, and coders who are believed to have provided material assistance in its operations.

    Reply
  39. Tomi Engdahl says:

    Venäjällä on pulaa poltto- ja voiteluaineista – ministerin mukaan tilanne on jo katastrofitasoa, raportoi Tass
    https://www.is.fi/autot/art-2000009841697.html

    Tilanne on kysymyksiä herättävä, sillä Venäjä kuuluu maailman suurimpiin öljytuottajiin.

    Venäjän maatalousministeriö pelkää nyt jopa syystöiden katkeamista yhä vain pahentuneen polttoaine- ja voiteluainepulan vuoksi, kertoo uutistoimisto Tass.

    Pula on tiettävästi seurausta useita Venäjän öljynjalostamoita vaivaavista tuotanto-ongelmista sekä maan rautatieverkon osin hyvinkin heikosta tilasta.

    Tilannetta on pahentanut myös heikentynyt rupla, jonka vuoksi venäläiset öljy-yhtiöt ovat vieneet ulkomaille niin paljon polttoaineita, ettei myytävää ole juuri tahtonut riittää kotimarkkinoille.

    Käytännössä kyse on pitkälti myös samoista öljytuotteista, joita kuluu myös Ukrainan rintamalla valtavia määriä.

    Maatalousministeriöstä ehdotetaan nyt jopa öljytuotteiden viennin keskeyttämistä, kunnes tilanne tasaantuu.

    – Viikko sitten puhuimme siitä, että tarvitsemme polttoainetta ja voiteluaineita halvemmalla koska hinta on noussut huimasti, mutta nyt puhumme jostain aivan muusta. Koska meillä on ongelma saatavuuden kanssa. Nyt lopetamme sadonkorjuun, emmekä pudota talvisatoja. Tämä on katastrofi, sanoo Venäjän federaation maatalousministeri Dmitri Patrusev.

    https://tass.ru/ekonomika/18668727

    Reply
  40. Tomi Engdahl says:

    How Cyberattacks Are Transforming Warfare https://thehackernews.com/2023/09/how-cyberattacks-are-transforming.html

    There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about war and international conflict as a whole.

    >From the 2009 South Korea DDoS attacks to the 2010 attacks on Burma and
    >the
    2016 US election interference attacks on the Democratic National Committee, the list of historical cyberwarfare incidents continues to expand. The main players? Nation-state-supported cybercriminal groups and organizations linked to Russia, North Korea, China, and several countries in the Middle East. This report dives into three top cyberwarfare trends in an effort to understand their impact.

    Reply
  41. Tomi Engdahl says:

    Exiled Russian journalist had phone hacked with Pegasus spyware https://therecord.media/meduza-ceo-hacked-pegasus-spyware-russian-journalist

    The phone of a prominent Russian journalist and critic of the Kremlin was infected with Pegasus spyware, according to new research.

    The notorious spying software developed by the Israeli company NSO Group was reportedly installed on the iPhone of Galina Timchenko, owner of the Russian independent media outlet Meduza, while she was in Berlin for a private conference with other Russian independent journalists living in exile. It is the first documented case of a Pegasus infection targeting a Russian citizen, according to Access Now, one of the nonprofits that investigated the hack.

    The attack took place in February, two weeks after the Russian government outlawed Meduza for its critical coverage of Vladimir Putin’s regime and the war in Ukraine, the researchers said.

    Reply
  42. Tomi Engdahl says:

    Threat Group Assessment: Turla (aka Pensive Ursa)
    https://unit42.paloaltonetworks.com/turla-pensive-ursa-threat-assessment/

    Turla (aka Pensive Ursa, Uroburos, Snake) is a Russian-based threat group operating since at least 2004, which is linked to the Russian Federal Security Service (FSB). In this article, we will cover the top 10 most recently active types of malware in Pensive Ursa’s arsenal: Capibar, Kazuar, Snake, Kopiluwak, QUIETCANARY/Tunnus, Crutch, ComRAT, Carbon, HyperStack and TinyTurla.

    Reply
  43. Tomi Engdahl says:

    More Russian journalists investigating possible spyware infections https://therecord.media/more-russians-investigating-spyware

    More Russian journalists have come forward this week expressing concern that they too may have been targeted with spyware, following the news that the prominent media figure Galina Timchenko was hacked with Pegasus.

    Apple notified two of the journalists — Maria Epifanova, the CEO of Novaya Gazeta Europe, and Evgeniy Pavlov, a correspondent for Novaya Gazeta Baltia — in August. The third, Evgeny Erlich, a journalist-in-exile at the Russian-language outlet Current Time, did not say when he was notified.

    Reply
  44. Tomi Engdahl says:

    German spy chief warns of cyberattacks targeting liquefied natural gas terminals https://therecord.media/german-intelligence-warning-lng-terminals-cyberattacks

    Bruno Kahl, the head of Germany’s foreign intelligence service, warned that liquefied natural gas (LNG) terminals in the country could be targeted by state-sponsored hackers.

    As a result of the Russian invasion of Ukraine last year — believed to have cut Germany’s GDP by about 2.5% due to its dependence on gas pipelined from Russia — the country chartered three new LNG terminals, with plans for additional facilities in the future.

    But these “new LNG landing facilities should be considered possible targets”
    for future cyberattacks, warned the spy chief at the Baden-Württemberg Cybersecurity Forum on Friday.

    Reply
  45. Tomi Engdahl says:

    Venäjä-mielinen hakkeri­ryhmä väittää tehneensä verkko­hyökkäyksiä ”suomalaista kuljetus­alaa” vastaan https://www.hs.fi/talous/art-2000009863515.html

    VENÄJÄ-MIELINEN hakkeriryhmä Noname 057(16) väittää Telegram-sivullaan hyökänneensä ”suomalaista kuljetusalaa” vastaan palvelunesto­hyökkäyksillä.

    Ryhmän Telegram-viestin mukaan taustalla on Suomen päätös kieltää Venäjällä rekisteröityjen henkilöautojen maahantulo ”solidaarisuuden osoituksena Baltian maita kohtaan”.

    Hakkeriryhmä väitti Telegramissa ”vierailleensa” liikenne- ja viestintävirasto Traficomin, Väyläviraston, Expressbusin sekä Saimaan Saaristo- ja Veneilypalvelut oy:n verkkosivuilla.

    Myös https://www.is.fi/digitoday/tietoturva/art-2000009862919.html

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*