U.S. Posts Traces of Ukraine Hacks As Part of Cyber Alliance Against Russia https://www.newsweek.com/us-posts-traces-ukraine-hacks-part-cyber-alliance-against-russia-1726429
Team OneFist Destroys Natural Gas System At Russian Oil Hub, Knocks Power Plant And Airport Offline https://www.ibtimes.com/team-onefis...ub-knocks-power-plant-airport-offline-3604641
Team OneFist hits Russia with another devastating SCADA attack
The attack targeted the Khanty-Mansiysk city in the country's oil hub
The attack comes on the heels of the one on a paper mill in Kupros
Team OneFist, the international group of volunteer hackers which has repeatedly hit Russian infrastructure in an effort to hobble its war effort in Ukraine, has struck again. This time, its SCADA attack has left an important Russian oil hub dark and cold.
An attack on supervisory control and data acquisition systems or SCADA, used to monitor and quickly analyze real-time data, can disrupt industrial systems and power grids. It is also considered a very complex form of cyber attack. Team OneFist had carried out a similar attack earlier, operation Paper Mill, which it said added to the paper shortage in Russia and affected troop logistics.
The latest hack targeted the natural gas system of Khanty-Mansiysk city, the administrative center of the Khanty-Mansi Autonomous Region. The attack destroyed the city's natural gas facility, knocked out its power plant and caused a blackout at its airport.
Voltage, the founder of Team OneFist, said that the attack was a "priority mission" that forced the group to drop all their other attacks to shift their focus to a "very valuable target."
As the world's second biggest oil producing region (before western sanctions hit Russian oil) Khanty Mansi was the center of the old Soviet oil industry. The Khanty Mansi Autonomous Okrug region still is home to about 70% of Russia's developed oil fields, roughly 450 in total. This includes Samotlor, the largest oil field in Russia and the sixth largest in the world. It is also the home of Russia's major oil players including Lukoil, Rosneft and Gazprom-Neft.
The city also hosts the annual Biathlon World Cup competitions, a winter sport consisting of rifle shooting and cross-country skiing. It hosted the 2010 Chess Olympiads.
In an exclusive interview to International Business Times, Voltage said the group moved swiftly into the attack, after a "quick study of the city," as soon as they forced their way into the natural gas SCADA system. They quickly realized that the city is a strategic target and an attack would hit at the core of the Russian oil industry itself -- the main source of funds for the Russian war effort in Ukraine.
But it took Team OneFist weeks to "understand and interpret the SCADA system," considering its size and the hospital and civilian sites that could also be impacted by an attack. Voltage admitted that despite their research, they were not able to "see the backup system at the airport until the attack began," adding that they had to improvise on the fly.
The cyber attack was like watching a thriller unfold before one's eyes in real time. It lasted four hours, of which three hours were spent fighting against a counter-attack by a Russian operative that Team OneFist members named "Vlad."
Voltage boasted: "Vlad tried to save the system from the airport" but the team found him and destroyed his backup system, leaving him with nothing." The Team OneFist founder admitted that the Russian operative "was good," but his luck ran out when Voltage's team "deleted the database."
The SCADA system of Khanty-Mansiysk city's natural gas network along with its backup system at the airport was completely destroyed in the attack. Team OneFist did a recce of the system again to see how successful the Russians have been in restoring it, but "18 hours later the systems are still down." Voltage said this shows the city "had no other backups and will have to rebuild from scratch."
Voltage, however, clarified that Team OneFist scrupulously observes the rules of war and had taken steps to avoid potential damage to hospitals and civilians. The latest hack was launched by Team OneFist's new Ukrainian team members and Voltage as a "joint training-mission" to give the new members "a feel of what a SCADA attack is like."
One mindset is that this was bound to occur after all the weapons and associated documentation being sent to the Ukraine --- some of the information was going to land up on the underground dark web being peddled for profit by unscrupulous individuals trying to make a profit. However, this particular situation involves a direct hack of an individual manufacturer selling data about an operation over the Baltic in 2020. The interesting point is that the documents are being peddled for profit on the dark web rather than simply being part of an organized effort by national intelligence agencies.
NATO investigates online sale of classified military data, including blueprints of weapons being used in Ukraine https://fortune.com/2022/08/26/nato...-blueprints-of-weapons-being-used-in-ukraine/
NATO is probing the sale of documents online that are being advertised by hackers as classified military files. The BBC reports that a criminal group is touting what it claims are top secret files stolen from European weapons manufacturer MBDA Missile Systems.
Among the documents for sale are blueprints of weapons being used by NATO allies in the war in Ukraine files, labeled “NATO Confidential,” “NATO Restricted” and “Unclassified Controlled Information”, according to the BBC, which was given access to a sample of the data.
A NATO official told Fortune on Friday: “We are assessing claims relating to data allegedly stolen from MBDA.” “We have no indication that any NATO network has been compromised,” they added. “NATO takes all the necessary measures to keep our networks safe.”
Missile systems manufacturer MBDA counts NATO as one of its clients. The company has operations across Europe and the United States.
The MBDA files being sold reportedly specify details of a “communications intelligence” operation a U.S. air regiment carried out over the Baltics in 2020 – including the full name, phone number and coordinates of someone said to have been at the center of the mission.
Hackers also gave BBC reporters access to additional documents labeled “NATO Secret.” NATO has four security classification levels: NATO Restricted, NATO Confidential, NATO Secret and Cosmic Top Secret. Cosmic Top Secret is the highest security clearance level given to documents by the military alliance.
Dispute over data contents
MBDA has not disputed being targeted by hackers. However, the company has insisted since the data breach several weeks ago that the stolen information is “neither classified data nor sensitive,” refuting the hackers’ claims about what they are selling.
“No hacking of our secure networks has occurred,” a spokesperson for the company told Fortune on Friday. “MBDA can confirm that there is no protectively marked data from MBDA involved.”
The data was stolen from an external hard drive, the company said, as opposed to its more sensitive information systems.
“Following the company’s refusal to yield to this blackmail threat and pay a ransom demand, the criminal group has spread information on the internet, making it accessible for a payment,” MBDA said in a statement four weeks ago. “The company will take all possible legal actions in the face of what is a criminal act of blackmail.”
It said it was complying with Italian authorities, who were investigating the data breach.
Hey, anyone need a cab?
Putin humiliated AGAIN by Anonymous as cyber guerrillas unleash more chaos in Moscow
VLADIMIR Putin was once again humiliated by activist hackers from the Anonymous group. https://www.express.co.uk/news/worl...ers-target-moscow-taxis-russia-ukraine-update
Ukrainian IT Army Hacks Russia's Wagner Mercenary Site; Gathers 'All Personal Data Of Mercenaries' https://www.ibtimes.com/ukrainian-i...gathers-all-personal-data-mercenaries-3614551
No wonder Russian government computer systems are so easy to hack, they are still using Windows XP on the desktops.
Putin’s computer still runs Windows XP and ‘hasn’t been updated in 5 years’
Russia is often accused of cyber espionage by the international community – but perhaps the country isn’t as technically advanced as we thought. https://metro.co.uk/2019/12/23/putins-computer-still-runs-windows-xp-hasnt-updated-5-years-11950915/
Some new pictures have emerged showing President Vladimir Putin working away in his office in the Kremlin. And it’s pretty obvious that the computer on his desk is still running on Windows XP. Yep, the leader of Russia is still relying on an operating system that came out in 2001 and hasn’t been issued an update from Microsoft in five years.
The telltale Windows XP blue taskbar and bulbous icons can be seen on Putin’s desktop – clearly visible in the background of pictures published by Russian website Open Media. According to Open Media, Windows XP (which was developed and built in the late 90s) is the last Microsoft system that was approved to be used for official Russian government computers.
Putin has previously called the internet a CIA project and Russian spooks are famously jittery about using American software. Russia is planning to move away from the global internet in the coming decades and set up its own national network. The country wants to replace standard software made by the likes of Apple and Microsoft with Russian alternatives. Putin has also signed a law that requires all smartphones, TVs and computers sold in the country to come with pre-installed Russian software.
Last year, Russia brought in the Digital Economy National Program which aims to protect the country’s online infrastructure even if other countries were able to cut it off. And Russian site Izvestia has reported that Russian officials want at least 95% of all internet traffic within the country to be routed locally by 2020.
It’s basically the Russian version of the Great Firewall of China. Naturally, there are some that aren’t too sure about this plan. According to Reuters, the Russian Union of Industrialists and Entrepreneurs reckons it poses more of a risk to the functioning of the Russian internet segment than alleged threats from foreign countries.
Shortly we get to see how laughable the Russian hacker community is.
Russian hackers launch devastating 'USA offline' campaign in 72-hour website blitz
A Killnet tweet showing screenshots of the planned action, which is entitled "USA OFFLINE: F**K NATO", lists some of the targets, including state and federal websites https://www.mirror.co.uk/news/world-news/russian-hackers-launch-devastating-usa-28160777
Hackers release 1.2 terabytes of sensitive Russian national security files in blow to Putin and his top notch IT crowd.
NRA Releases Full Trove of Data Critical to Russia’s National Security
Russian hackers affiliated with the National Republic Army (NRA) have released 1.2 terabytes of sensitive Russian data. This includes information concerning Russia’s key national security infrastructure, blueprints for cyber security strategies and other related data. Kyiv Post was given exclusive access to the trove, which is made public here for the first time. https://www.kyivpost.com/russias-wa...ta-critical-to-russias-national-security.html