We should return the favor. Russia coordinating Ukraine hacks with missiles, could increasingly target European allies, Microsoft warns Microsoft’s report comes after nearly 10 months of brutal war in Ukraine, which has seen Russia hacking Ukrainian satellite systems, energy companies and other critical infrastructure. https://www.politico.com/news/2022/12/03/microsoft-warning-russian-ukraine-cyberattack-00071908 The Russian government is coordinating cyberattacks on Ukrainian critical infrastructure with missile and other physical strikes as Russian troops retreat from formerly occupied areas of Ukraine, Microsoft said in a report published on Saturday. And the Kremlin could seek to expand cyberattacks against Ukraine’s supportive neighbors in an attempt to disrupt military and humanitarian supply chains and weaken European populations’ support for Kyiv, according to the report. Bleak outlook: Microsoft’s report comes after nearly 10 months of brutal war in Ukraine, which has seen Russia hacking Ukrainian satellite systems, energy companies and other critical infrastructure, galvanizing international worries about how Moscow will next deploy its sophisticated cyber capabilities. Expanding battlefield: In November, Microsoft blamed Russia for October ransomware attacks on infrastructure companies in Ukraine and Poland aimed at attacking companies involved in providing military and humanitarian assistance to Ukraine.Now, the tech giant says that campaign could be “a harbinger of Russia further extending cyberattacks beyond the borders of Ukraine,” with a focus on “countries and companies that are providing Ukraine with vital supply chains of aid and weaponry this winter.” The October attacks had limited success — Microsoft said local defenders and its own experts “helped contain the attack’s impact to less than 20 percent of one targeted organization’s network” — but Microsoft assesses that Russian hackers “almost certainly collected intelligence on supply routes and logistics operations that could facilitate future attacks.” Splintering the alliance: Russia is likely to expand its use of influence operations to “reduce support for Ukraine’s defense” by exploiting tensions in Europe over energy prices and shortages, according to the report, which cited Russian propaganda outlets’ steady promotion of European protests over issues such as inflation. Russia could also seek to stoke anti-migrant resentment as more people flee Ukraine amid power outages. Missiles and malware: Microsoft has observed Russian cyberattacks targeting the same sectors as Moscow’s recent missile barrages retaliating against Ukrainian territorial gains. In addition, the report says that destructive cyberattacks spiked in October after two relatively quiet months, with wiper malware attacks — meant to erase hard drives and make recovery more difficult — on energy, water and transportation infrastructure paralleling Ukraine’s ground counteroffensive. Fifty-five percent of the roughly 50 organizations hit by Russian wiper attacks since February are critical infrastructure companies, Microsoft said. Allies on alert: Microsoft is not alone in tracking these threats. NATO has also been keeping a close eye on developments in Ukraine, and the alliance has also seen evidence of Russia coordinating physical strikes with cyberattacks. “We’ve seen cyber being used before the actual attack started, for example through defacing government websites and spreading disinformation to try to scare the population,” David van Weel, NATO’s assistant secretary general for emerging security challenges, told reporters during a virtual briefing on Friday. He said that NATO has tracked the use of deepfakes as well, including doctored videos of Ukrainian President Volodymyr Zelenskyy telling troops to surrender. “We’ve seen cyber being used in conjunction with kinetic attacks, so whilst the military infrastructure was hit physically, it was also hit by cyberattacks,” van Weel noted.
How Estonia is helping Ukraine take on Russian cyber threats https://news.yahoo.com/inside-estonia-efforts-help-ukraine-093000490.html?fr=sycsrp_catchall TALLINN, Estonia — Ukraine has surprised the world with its ability to fend off major cyberattacks from Russia. And one small country — Estonia — has played an outsized role in helping them do so. The nation of just over 1 million, which has fought off cyberattacks inside its borders from Russia for years, is now leading many of the efforts to provide cyber threat intelligence, funding and critical international connections to protect Ukraine from Russian hackers. In interviews in Tallinn, Estonian officials provided fresh details about how they aid cybersecurity workers in a besieged Ukraine and coordinate with more powerful allies in Europe and the U.S. in the global effort to defend against Russia’s digital attacks. It’s a partnership that illustrates a unique aspect of modern cyber warfare — some of the most sustained efforts to protect networks are coming from smaller or less-resourced countries that have been the repeated victims of attacks and have learned the hard way about the need to invest in cyber armies. Luukas Ilves, Estonia’s chief information officer, said he speaks with Ukrainian counterparts weekly, while some of his colleagues are in “daily contact.” Their assistance has included tasking Estonian cybersecurity professionals to help thwart attempted hacks of Ukrainian critical infrastructure such as power substations and satellites. “We have been one of the more active European countries in working with them,” Ilves said of Ukraine. While a spokesperson for the European Commission did not respond to a request for comment, it has been reported that Estonia is leading a European Union program worth almost €11 million to provide cyber and digital privacy services to Ukraine. In some ways, Estonia was forced to prioritize cybersecurity following a Russian cyberattack in 2007 that attempted to shut down the websites of government, banking and other critical services organizations in retaliation for the removal of a Soviet-era statue. Now, Ilves said, they aim to share the expertise they’ve accumulated. While Estonia has boosted cybersecurity investment at striking levels, other regular victims of Russian cyberattacks have also focused on strengthening cybersecurity. Ukraine itself has strong cyber experience following a decade of Russian cyberattacks, including two incidents that turned off the lights in portions of the country in 2015 and 2016, while the Czech Republic is drafting new legislation to vet third party suppliers of IT equipment used in the country’s critical infrastructure networks in the wake of several major cyberattacks in recent years. Ukraine’s State Service of Special Communications and Information Protection did not provide a response to a request for comment. On the financial front, Estonia has consistently been a major contributor in funding to Ukraine. According to data from the non-profit Kiel Institute for World Economy, Estonia ranks second in overall financial support for Ukraine according to its GDP. And while Ilves said it was hard to pin down the amount given for digital efforts, it was certainly “in the millions.” And Estonia has tasked its Information Security Authority, or RIA, which works to protect critical Estonian systems against cyberattacks, with providing cybersecurity support and sharing threat information with counterparts in Ukraine. Gert Auväärt, the head of cybersecurity and deputy director of RIA, noted that Estonia has long been a “test base” for Russian cyberattacks, such as multiple major efforts to shut down the Estonian Parliament’s websites. While he declined to go into specifics of the support due to security reasons, Auväärt said Estonia was using its “personal experiences” with Russia to help inform its support to Ukraine and that it’s in a “regular information-sharing partnership” with Ukraine. Estonia “will continue to do everything humanly possible to help them to win this war, both in the physical and in cyberspace,” Auväärt said. In terms of expertise on Russian cyberattacks, few nations surpass Estonia. Cyberattacks from Moscow have kept up at a steady pace in the years since the 2007 strikes, including an August attack on the Estonian Parliament’s website during the Estonian government's effort to remove a Soviet tank from the Eastern border with Russia. According to Auväärt, the August cyberattack was 100 times higher in volume than the 2007 attack. On another occasion, when the Estonian Parliament declared the Russian Federation a terrorist state, Russian hackers flooded the Parliament’s website with the equivalent of seven years of its usual internet traffic in a single 24-hour period. Estonia managed to fend off the attack and the platform didn’t crash. “We’ve seen these waves of attacks, it’s calm, calm, calm and then there comes a big wave, then again there is quiet, quiet, quiet, then again it comes,” Auväärt said. “The constant threat level has not changed.” One reason Estonia has been able to help Ukraine: Its investments in its own cybersecurity means it has the people at the ready. RIA doubled its personnel and its budget in the last year, and last week, Estonian President Alar Karis visited RIA’s headquarters for a briefing on threats in cyberspace. According to Ilves, 50 percent of the government’s overall spending on technology goes toward cybersecurity, and Estonia added €60 million to the budget for cybersecurity this year. The goal is to increase that spending in the future. That has turned Estonia into a leading force in NATO on cybersecurity issues. The bloc’s Cooperative Cyber Defense Center of Excellence — which provides cyber training for NATO members and allies such as Ukraine — is headquartered in Tallinn, along with its training base for cybersecurity experts. While a spokesperson for NATO declined to comment on Estonia’s level of cyber support for Ukraine versus other NATO countries, Estonia is certainly viewed as a key ally in the fight against cyberattacks from Russia. “It’s no accident that the Cyber COE is there given the Estonian government and the Estonian people’s investment in high tech and information technology and the related industries,” David Cattler, assistant secretary general for NATO’s Joint Intelligence and Security Division, said during a virtual briefing with reporters last week. “They are a strong ally and a strong contributor on many things and especially on cyber issues.” The nation also shares threat intelligence extensively with its NATO partners and with Ukraine. This includes regular contact with the United States’ Cybersecurity and Infrastructure Security Agency on both threats from Russia and how to secure elections. The relationship is warm, demonstrated by Auväärt during the interview as he sipped coffee from a CISA mug given to him by agency Director Jen Easterly, a closeness reciprocated by CISA officials. Eric Goldstein, executive assistant director for Cybersecurity at CISA, would not go into details on U.S. work with Estonia, but said: “CISA has strong relationships around the globe, including in Estonia, and we regularly exchange timely and actionable information with our international partners,” Estonia’s expertise on technology issues is also something that Ukraine and other nations have learned from, and Ilves noted that Estonia was a driving force behind the Ukrainian government’s efforts to move Ukraine toward being a “digital society.” These lessons have stuck, as Ukraine is developing tools such as a digital ID to help track refugees, an effort Ilves said Estonia is attempting to emulate. “In some ways the teacher is outshining the master,” Ilves said.
Russian state TV ‘hit by cyber attack’ during Putin’s speech https://www.msn.com/en-gb/news/worl...cyber-attack-during-putins-speech/ar-AA17KnX9
Russian radio stations play out 'fake' air raid warning after 'hack', Kremlin officials claim In a post on Telegram, Russia's Ministry of Emergency Situations claimed that the information about the air raid was "not true" and the result of a "hacker attacker". https://news.sky.com/story/russian-...g-after-hack-kremlin-officials-claim-12817070
Ukraine invasion blew up Russian cybercrime alliances Study: Old pacts ditched the moment Moscow moved in https://www.theregister.com/2023/02/24/russian_cybercrime_economy/ The so-called "brotherhood" or Russian-speaking cybercriminals is yet another casualty of the war in Ukraine, albeit one that few outside of Moscow are mourning. (More at above url)
‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics https://www.theguardian.com/technol...tins-global-and-domestic-cyberwarfare-tactics Documents leaked by whistleblower angry over Ukraine war Private Moscow consultancy bolstering Russian cyberwarfare Tools support hacking operations and attacks on infrastructure Documents linked to notorious Russian hacking group Sandworm Russian program aims to control internet and spread disinformation (Much more at above url)
How Russian hackers got unplugged in the Ukraine War https://straightarrownews.com/commentary/how-russian-hackers-got-unplugged-in-the-ukraine-war/
'Wagner' Ransomware Targets Computers in Russia The ransomware drops a note that promotes the paramilitary group and adds, 'Let's go to war against Shoigu,' a reference to the general under Russian President Vladimir Putin. https://www.pcmag.com/news/wagner-ransomware-targets-computers-in-russia?