cyberwar – Page 2 – WindowsTechs.com

Russian Cyberwarfare Documents Leaked

Posted on March 30, 2023 by Bruce Schneier

Now this is interesting:

Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet.

The company’s work is linked to the federal security service or FSB, the domestic spy agency; the operational and intelligence divisions of the armed forces, known as the GOU and GRU; and the SVR, Russia’s foreign intelligence organisation.

Lots more at the link…

Continue reading Russian Cyberwarfare Documents Leaked→

‘Hackers’ Behind Air Raid Alerts Across Russia: Official

Posted on February 28, 2023 by AFP

Russian authorities said that several television and radio stations that have recently broadcast air raid alerts had been breached by hackers.
The post ‘Hackers’ Behind Air Raid Alerts Across Russia: Official appeared first on SecurityWeek.
Continue reading ‘Hackers’ Behind Air Raid Alerts Across Russia: Official→

Cyberwar Lessons from the War in Ukraine

Posted on February 23, 2023 by Bruce Schneier

The Aspen Institute has published a good analysis of the successes, failures, and absences of cyberattacks as part of the current war in Ukraine: “The Cyber Defense Assistance Imperative Lessons from Ukraine.”

Its conclusion:

Cyber defense assistance in Ukraine is working. The Ukrainian government and Ukrainian critical infrastructure organizations have better defended themselves and achieved higher levels of resiliency due to the efforts of CDAC and many others. But this is not the end of the road—the ability to provide cyber defense assistance will be important in the future. As a result, it is timely to assess how to provide organized, effective cyber defense assistance to safeguard the post-war order from potential aggressors…

Continue reading Cyberwar Lessons from the War in Ukraine→

The Lessons From Cyberwar, Cyber-in-War and Ukraine

Posted on February 13, 2023 by Kevin Townsend

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question the nature of modern warfare and the role of cyber in its operation.
The post The Lessons From Cyberwar, Cybe… Continue reading The Lessons From Cyberwar, Cyber-in-War and Ukraine→

SecurityWeek Cyber Insights 2023 Series

Posted on February 13, 2023 by Kevin Townsend

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present new and expanded risk for cybersecurity teams in 2023 and beyond.
The post SecurityWeek Cyber I… Continue reading SecurityWeek Cyber Insights 2023 Series→

Cyber Insights 2023: The Geopolitical Effect

Posted on February 1, 2023 by Kevin Townsend

While cyber eyes are trained on Russia, we should remember that it is not the West’s only cyber adversary. China, Iran, and North Korea will all increase their activity through 2023 under cover of the European war.

The post Cyber Insights 2023: The Geopolitical Effect appeared first on SecurityWeek.

Continue reading Cyber Insights 2023: The Geopolitical Effect→

The Limits of Cyber Operations in Wartime

Posted on May 31, 2022 by Bruce Schneier

Interesting paper by Lennart Maschmeyer: “The Subversive Trilemma: Why Cyber Operations Fall Short of Expectations“:

Abstract: Although cyber conflict has existed for thirty years, the strategic utility of cyber operations remains unclear. Many expect cyber operations to provide independent utility in both warfare and low-intensity competition. Underlying these expectations are broadly shared assumptions that information technology increases operational effectiveness. But a growing body of research shows how cyber operations tend to fall short of their promise. The reason for this shortfall is their subversive mechanism of action. In theory, subversion provides a way to exert influence at lower risks than force because it is secret and indirect, exploiting systems to use them against adversaries. The mismatch between promise and practice is the consequence of the subversive trilemma of cyber operations, whereby speed, intensity, and control are negatively correlated. These constraints pose a trilemma for actors because a gain in one variable tends to produce losses across the other two variables. A case study of the Russo-Ukrainian conflict provides empirical support for the argument. Qualitative analysis leverages original data from field interviews, leaked documents, forensic evidence, and local media. Findings show that the subversive trilemma limited the strategic utility of all five major disruptive cyber operations in this conflict…

Continue reading The Limits of Cyber Operations in Wartime→

Microsoft Issues Report of Russian Cyberattacks against Ukraine

Posted on April 28, 2022 by Bruce Schneier

Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war:

At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country by land, air, and sea. It is unclear whether computer network operators and physical forces are just independently pursuing a common set of priorities or actively coordinating. However, collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military functions and undermine the public’s trust in those same institutions…

Continue reading Microsoft Issues Report of Russian Cyberattacks against Ukraine→

Russian Cyberattack against Ukrainian Power Grid Prevented

Posted on April 13, 2022 by Bruce Schneier

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used.

Key points:

ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company

The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two weeks

The attack used ICS-capable malware and regular disk wipers for Windows, Linux and Solaris operating systems

We assess with high confidence that the attackers used a new version of the Industroyer malware, which was used in 2016 to cut power in Ukraine
…

Continue reading Russian Cyberattack against Ukrainian Power Grid Prevented→

White House Warns of Possible Russian Cyberattacks

Posted on March 22, 2022 by Bruce Schneier

News:

The White House has issued its starkest warning that Russia may be planning cyberattacks against critical-sector U.S. companies amid the Ukraine invasion.

[…]

Context: The alert comes after Russia has lobbed a series of digital attacks at the Ukrainian government and critical industry sectors. But there’s been no sign so far of major disruptive hacks against U.S. targets even as the government has imposed increasingly harsh sanctions that have battered the Russian economy.

The public alert followed classified briefings government officials conducted last week for more than 100 companies in sectors at the highest risk of Russian hacks, Neuberger said. The briefing was prompted by “preparatory activity” by Russian hackers, she said.
…

Continue reading White House Warns of Possible Russian Cyberattacks→