Russian Cybercriminal Group Was Behind Meat Plant Attack, FBI Says (nytimes.com) 69
An anonymous reader quotes a report from The New York Times: The perpetrators of a ransomware attack that shut down some operations at the world's largest meat processor this week were a Russian-based cybercriminal group known for its attacks on prominent American companies, the F.B.I. said Wednesday. The group, known as REvil, is one of the most prolific of the roughly 40 ransomware organizations that cybersecurity experts track and has been identified as responsible for a coordinated strike against operations in almost two dozen Texas cities in 2019. The group is among dozens of ransomware groups that enjoy safe harbor in Russia, where they are rarely arrested or extradited for their crimes.
REvil, which stands for Ransomware Evil, is known as a "ransomware as a service" organization, meaning it leases its ransomware to other criminals, even the technically inept. One of its previous affiliates was a group called DarkSide, which was responsible for the ransomware attack last month on Colonial Pipeline, a conduit for nearly half the gas and jet fuel to the East Coast. DarkSide is believed to have split off from REvil last year. REvil is considered one of the most sophisticated ransomware groups and has demanded as much as $50 million to recover data belonging to companies as prominent as Apple. Its attack on JBS, a Brazilian company that accounts for roughly a fifth of cattle and hog slaughter in the United States, temporarily shut down some operations at a time when prices were already surging for beef, poultry and pork. Jen Psaki, the White House press secretary, declined to say whether the U.S. government was planning to retaliate. "We're not taking any options off the table in terms of how we may respond, but of course there is an internal policy review process to consider that," she said. The administration is planning to bring up the issue with President Vladimir Putin of Russia when they meet in two weeks.
"Responsible states do not harbor ransomware criminals," she added.
Re: (Score:2)
Does it matter if one's going toe-to-toe or indirectly if the end result is global warfare? I should also point out before everyone gets onto this slippery slope, no one else's infrastructure is secure either. We just happened to be obsessed with our own, but tit-for-tat can happen to any industrialized society.
Re: (Score:2)
Re: (Score:2, Interesting)
Countries don't need to attack each other to be competitive. When a country decides to attack another country, it is often due to leadership's lack of imagination or just following their gut reaction, and to appease the other idiots' gut reactions who keep them in power.
The United States actually would like a good relationship with Russia and China. Both countries have a lot to offer the United States, as well the US can offer a lot to them. However each country seems to want to play by a different set of
Re: (Score:2, Insightful)
The US wants one-sided relationships with the rest of the world, where US companies can skim all the profits off cheap labour, hold culture hostage behind draconian IP laws, and so on. The US is not your friend. I'm not saying
Re: (Score:3, Interesting)
Whenever I see the whole "The US is exactly the same as Russia and China" nonsense, I just want to slap the person saying it. Because it's always a variant of "stealing $100000 is the same as stealing $1".
Re:Responsible states? (Score:4, Insightful)
So are you justifying petty theft? At any rate, the US is the one who's stealing $100,000 at this point, just because they're in the position to be able to do that. They can demand trade on their terms, depose governments, forcibly enact "regime change", and so on. China and Russia would do the same if they were in the same position, but right now they aren't so they can't.
Re: (Score:3)
They may not be equal, however whatever slights on each other get amplified over time.
You take $1 away from me. I may shove you and forcibly take it back, because it was my dollar. Then you will go and hit me, because I had shoved you. Then I will hit you back harder. So you will say it was unjust because I had assaulted you over stealing $1 and my crime is worse than yours. However I had assaulted you for assaulting me first...
A retribution to a slight, is rarely equal, but it is higher than the origina
America has Silicon Valley, Russia has Ransomware (Score:1, Insightful)
Russia will never have a real technology sector or economy as long as their primary export is cybercrime and extortion.
Sure, America pays a price for unsecure infrastructure.
But the price Russia pays for being a haven for cyber-criminals with almost no legitimate technology industry is far higher.
I'd rather have a legit paycheck than chase infrequent paydays from known criminals who may pay me, or may kill me. There is no honor among thieves.
Politics is war (Score:2)
There is no moral duty to an opponent for necessity trumps law (and ALL law relies on force so force trumps law).
The Cold War never ended nor should it. One good outcome is threats like ransomware FORCE companies to take security seriously in a way nothing else can do.
Convenience trumped security since the early days of computing but now the real world is coercing change. PHBs like Colonial Pipeline management will take security seriously now or be rightly humiliated.
Re: (Score:2)
Crime is also bad for business. When everyone knows you're going to knife them in the back at the first opportunity, nobody is willing to do business with you.
The Russian solution to the Prisoner's Dilemma is to rat out their partners, 100% of the time. And that works great until people start getting tired of it. Then, everyone loses.
Re: (Score:2)
Cyberblockade may just be another word we introduce into our vocabulary. But since Russia is a primitive agrarian society there's no dependence on an internet to sustain them.
Re:Gonna 'bring it up' (Score:5, Insightful)
Would you prefer he came out and said: "I just had a call with 'Puten' and he says he didn't do it and I believe him!"...?
Re: (Score:3)
Yeah, so we shouldn't even try diplomacy and just give up and take it in the ass for as long as Russia feels like they can get away with it, which will essentially be forever?
What's your solution then, if not starting with diplomacy? Violence? Violation of laws in the furtherance of whataboutism?
You've made your bed, now lie in it (Score:5, Insightful)
Today we have a situation where most infrastructure is not secure and most of the hardware and software that is used operationally requires constant maintenance and patching. I am talking about patching your network switches, industrial control systems, HVAC systems and so on. Absolute nightmare, you will have to pay early retirement-level money to someone qualified to step up into CISO role in one of these companies.
Re:You've made your bed, now lie in it (Score:5, Insightful)
The consequences of years of ignoring even basic consideration of the brittleness implied by extreme consolidation of key supply chain elements by transnational operators.
^There fixed that for you.
IT Security is just a part of it, it's an easy avenue for sabotage so it gets exploited. The real issue is there are a handful of large operators in key industries that keep us warm in the winter and food on our tables and other basic necessities that represent such a large portion of and critical component in the supply chain their disasters are society's disasters.
It might be 'efficient' but it isn't safe. It can never be 'secure' either because it's fundamentally an availability risk. No level of IT spending mandated or otherwise will change that. Domestic too-big-to-fails and globalism alike are simply too dangerous, the pandemic itself and the supply chain challenges it presented should be all the proof of that anyone needs.
Re: (Score:2)
It might be 'efficient' but it isn't safe.
Consumers didn't mind that if it translated into cheaper goods and services.
Re: (Score:2)
Consumers didn't mind that if it translated into cheaper goods and services.
That is until those goods and services are no longer cheap nor available.
To Whom Are You Referring? (Score:5, Insightful)
The consequences of years of ignoring even basic consideration of the brittleness implied by extreme consolidation of key supply chain elements by transnational operators.
Are you referring to meat packers or Microsoft software and services?
Re: (Score:2)
The packers - but you could make a solid argument for BOTH
Re: (Score:2)
This is an interesting point, as I generally agree with you that nothing is totally secure. I'm just not sure how we enforce multiple "not too big to fail" options.
Re: (Score:1)
Speaking ex-cathedra from my belly button, let's just say that while the USA is technically barred from the assassination of civilians or killing "non-combatants" doesn't mean they won't break those rules. There are a few people with outstanding kill orders and the last two hacker group
Re: (Score:2)
The consequences of years of ignoring even basics of information security...
That's the thing though. The "basics" of security aren't nearly enough to protect against a sophisticated and possibly state-sponsored hacking group. If a large-footprint organization is targeted by a group with enough skill and determination, chances are good they'll find a way in.
I am talking about patching your network switches, industrial control systems, HVAC systems and so on...
Don't underestimate how hard it is to make a complex system secure when there are highly-skilled people working around the clock to find a way around your defenses. You can patch a hundred vulnerabilities, but miss just one and y
Re: (Score:2)
I will add to that - two decades of sabotaging any form of judicial cooperation and insisting that judicial cooperation is only a one way street where the Empire is entitled to alter the deal any time it likes.
USA (and its allies) at present are a safe haven for a long list of fraudsters and criminals which have fed on the ruins of the Eastern Bloc in the 1990s.
If we want Russia to cooperate we have to cooperate too. That starts with extraditing people who claimed half-a
Prove it (Score:5, Interesting)
Re:Prove it (Score:5, Informative)
This meat packing plant is a little less clear, but go back to Colonial for a moment.
Imagine if you will some foreign actors did some kind of damage to a site with a truck bomb and snarled fuel delivery to the Eastern US for days! What would the response have looked like? We probably would have identified the group responsible and demanded they be brought to face justice. If whatever country was sheltering them refused we probably would escalate to either a military conflict or imposed economic sanctions sufficient to do reciprocal harm.
The fact there is no such response to these cyber attacks tells you all you need to know. The top officials have no real confidence in their attribution. They don't for example it's not any one of our other enemies executing the attack made to look Russian. It's not like any of them could not grab Russian malware, hire some former Soviet bloc Russian speakers to modify it and target it at critical infrastructure while maintaining a 'Russian fist' to the code. It's not like the Russians could not do the same thing with China or Iran etc.
As far as the bag men and the follow the money aspect goes; I would expect an intelligence service of even limited means to be able to develop some local assets in their desired false flag's territory to receive the cash in exchange for a cut. Nobody knows who is pulling the strings here except the folks that pulled them.
Re: (Score:2)
Attribution isn't really that simple, even when it comes to non-peer states. Sometimes the attribution you have isn't attribution you want to share publicly because it can expose intelligence assets.
Plus, even with *good* attribution, are you really expecting a US cruise missile strike on the Russians? They are still a meaningful military power who will reciprocate in a non-trivial way to an overt military strike that could easily escalate into nuclear war.
My take on Russian attribution is that it's highl
Distributed monitors can track attacks (Score:2)
Re: (Score:1)
This thing shows up in EVERY story, and someone always bites at it (and yes, I know, I'm biting too). Stop responding.
Re: (Score:2)
Unlike the con artist who couldn't wait to suck Putin's dick, right? Unlike the con artist who literally mouthed Russian propaganda [theguardian.com], right?
Smart people don't advertise what they'll do in response to a situation like this. They wait for the opportune moment and simply do it.
Re: (Score:1)
Re: (Score:2)
People only care about style, not substance. So they'll take serious talk and no action over clown talk and some results.
It's sad but true. Heck, look at the current California governor. I personally know three women who voted for him because of his looks, and admitted to it.
"we're tired of old ugly guys on the news"...
Re: (Score:2)
lol. still drinking the Koolaid I see. You must really miss being able to bitch about Trump so much.
Re: (Score:2)
Re: (Score:2)
Yeah, or maybe they didn't want CNN broadcasting to people that are about to get their doors kicked in and bags slipped over their heads that they are about to get their doors kicked in and bags slipped over their heads.
This statement is no different from any kind of "conventional" response of firing cruise missiles into terrorist training camps - we don't pre-announce those either for reasons that should be painfully obvious.
Don't be a dumbass please.
Privateers (Score:3)
Since these cybercriminals mostly seem to be based in Russia and the government there doesn't do anything about them, perhaps it's time for the U.S. government to issue letters of marque to American hackers and let them do the same to Russian companies and government organizations, similar to how privateers operated in the 18th and early 19th centuries.
Re: (Score:2)
I thought of the same thing and started a petition
Russia? but of course! (Score:1)
*sigh* Never seen bullshit so real
Re: (Score:1)
Re: (Score:1)
Still brings in the big bucks, can't argue with success
Great, a fucking paywall (Score:2)
Re: (Score:2)
Right, so the FBI should give up their sources and probably get those people killed just to placate your curiosity? Sorry, that's not how it works.
The FBI will have no problem telling people that have the proper levels of security clearance more details and verifiable evidence, as long as they are not compromising sources that can continue to deliver needed information inside these criminal enterprises.
Not sure why that's hard to understand, unless you're a sock puppet for an ongoing criminal enterprise ju
It's going to get ugly (Score:2)
I don't advocate this, but it's the onl
That's enough cyber BS for one day! (Score:1)
Ominous... (Score:1)
All Your Meats Are Belong To Us
Privateers or Public Servants (Score:1)
What's next? (Score:1)
Meat is harmful to the environment (Score:1)