Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

Ukraine War, Geopolitics Fuelling Cybersecurity Attacks - EU Agency 32

Geopolitics such as Russia's invasion of Ukraine has led to more damaging and widespread cybersecurity attacks in the year to July, EU cybersecurity agency ENISA said in its annual report on Thursday. From a report: ENISA's study follows concerns about the role of state actors and the growing range of threats to governments, companies and essential sectors such as energy, transport, banking and digital infrastructure. The agency said geopolitical situations - in particular the Russian invasion of Ukraine - were game-changers during the period under review. Zero-day exploits in which hackers exploit software vulnerabilities before developers have a chance to fix the flaws, as well as artificial intelligence-enabled disinformation and deepfakes resulted in more malicious and widespread attacks with more damaging impact, it said.
This discussion has been archived. No new comments can be posted.

Ukraine War, Geopolitics Fuelling Cybersecurity Attacks - EU Agency

Comments Filter:
  • by david.emery ( 127135 ) on Thursday November 03, 2022 @10:49AM (#63021879)

    What surprises me is how ineffective Russia's cyber attacks have been, not just on Ukraine, but on 'the West' in general (Baltics, Sweden, Finland, NATO, etc.) There were some initial successes in Ukraine, and in particular Russia tried to synchronize cyber with kinetic attacks. But since the efforts to counter them (and full credit to Microsoft for helping), Russia hasn't had much success anywhere. Now this could have been from 'lack of trying,' but so far Putin has pulled out just about every other reference in his arsenal short of Nuclear/Chemical/Biological weapons. So I think "holding back" isn't that likely an explanation for Russian failures in the cyber domain.

    This is not to claim "We're winning the cyber war," but it does appear we're able to at least mitigate large scale impacts. And That's A Good Thing.

    (I still think the primary way to prevent cyber attacks is to substantially reduce vulnerabilities in software. And the way to do that is to make the software vendor legally/financially liable...)

    • Shouldn't military systems be separated from the Internet by an air gap? In other words, cyber attacks should only affect civilian networks.
      • by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Thursday November 03, 2022 @11:00AM (#63021913) Homepage Journal

        Shouldn't military systems be separated from the Internet by an air gap?

        It depends, do they depend on information from the internet? In that case, they're probably connected to it. Lots of military systems are air-gapped, though. I've taken support calls where one guy was on the phone, shouting commands to another guy holding a door open (they can legally hold the door open, but they can't prop it open) who's shouting to another guy sitting at a console, because they weren't even allowed to have a phone in the room.

        • by Darinbob ( 1142669 ) on Thursday November 03, 2022 @11:44AM (#63022017)

          One of the many many snags in the botched invasion was reliance of mobile phones. When encrypted, they're still blocked just by shutting down the network (or Russians blowing up the tower). When unencrypted everyone is listening in. Some even stole Ukrainian mobile phones and used those, after which the "find my phone" app would reveal troop positions. Do they just not have a signal corps?

          • Some of the Russian fighters (Chechen?) posted selfies from the front lines. Geotagged selfies. Ukrainians sent missiles to those coordinates. Soldiers go BOOM! Yeah, it's hard to comprehend how technologically clueless some people are.
            • by Darinbob ( 1142669 ) on Thursday November 03, 2022 @12:38PM (#63022173)

              Recruiter: We need some volunteers for our army.
              Guy: Do I need to meet any eligibility requirements?
              Recruiter: No.
              Guy: Do I need any special training?
              Recruiter: No.
              Guy: Are there rules I have to follow?
              Recruiter: No.
              Guy: Do I get to shoot people?
              Recruiter: Yes.
              Guy: Sign me up!

              • "And I went up there, I said, "Shrink, I want to kill. I mean, I wanna, I Wanna kill. Kill. I wanna, I wanna see, I wanna see blood and gore and Guts and veins in my teeth. Eat dead burnt bodies. I mean kill, Kill, KILL, KILL." And I started jumpin up and down yelling, "KILL, KILL, " and He started jumpin up and down with me and we was both jumping up and down Yelling, "KILL, KILL." And the sargent came over, pinned a medal on me, Sent me down the hall, said, "You're our boy." Arlo Guthrie, Alice's Restaur
    • and full credit to Microsoft for helping

      Should they get credit thou. The machine they are installed on are prolly crashing and I don't think Microsoft is allowed to give Russia patches at the moment.

      • From what I read, Microsoft's help went beyond just identifying missing patches in Microsoft products. It included pro-active analysis of attacks, advice on mitigation such as domain/IP blocking, etc. And I believe this has been discussed here, e.g. https://yro.slashdot.org/story... [slashdot.org]

        Now yeah, I agree Microsoft's vulnerabilities are a big part of the problem. But I really don't see a lot of emphasis from the cybersecurity stuff I've read on 'preventing vulnerabilities,' the emphasis seems to be much more o

      • No, Microsoft is helping Ukraine fend off the cyberattacks, they're not helping Russia.

    • I think the truth is that Russian military/state hackers are not as competent as the Russian criminal/mafia hackers. Simplest explaination.
    • Re: (Score:2, Interesting)

      by Darinbob ( 1142669 )

      Maybe they inadvertently conscripted their best hackers and put them on the front lines.

      Now I'm glad Russia is doing so badly, but it really is amazing just how utterly inept Russia is here. Putin probably honestly thought that it would be quick and easy, like it was in Crimea, and so there was no real planning. Probably he believed his own propaganda that the citizens there would welcome the murderous soldiers with open arms. But there is so much shoddiness uncovered. Uneducated soldiers from the hinterl

      • Now I'm glad Russia is doing so badly, but it really is amazing just how utterly inept Russia is here.

        Russia is more criminal enterprise than functioning state. Raising a competent military would have required Russians to behave in ways their culture renders them fundamentally incapable of.

        • by sfcat ( 872532 )

          Now I'm glad Russia is doing so badly, but it really is amazing just how utterly inept Russia is here.

          Russia is more criminal enterprise than functioning state. Raising a competent military would have required Russians to behave in ways their culture renders them fundamentally incapable of.

          While true it is a bit inaccurate. The ideology of Putin [youtube.com] is even stranger and more absurd than calling Russia a mafia state. The video is a hard watch (I had to take a couple of breaks) but it does explain WTF is going on in Putin's head a bit better than imagining him as Don Corleone (as the character is far smarter than Putin).

      • If Ukraine had welcome Russia with open arms, there would have been no soldiers murdering and raping. You see, this is indeed the fault of the nazi satanist Ukrainians, forcing Russian soldiers into murdering and raping civilians.
    • For the Ukraine side, the U.S. sent a cyber team [bbc.co.uk]into help back in December, prior to Russia's invasion. They worked with the Ukrainians, installed equipment, updated software, etc, and showed them what was being done to harden their systems as well as providing training and other assistance.

      Not to mention, Ukraine has had 8 years to learn from Russia's attacks, so they had a wealth of data to go back to as well as provide to others. This allowed western countries to inspect what was going on and how to de

    • What surprises me is how ineffective Russia's cyber attacks have been, not just on Ukraine, but on 'the West' in general (Baltics, Sweden, Finland, NATO, etc.)

      Imho, to be fair they've had a pretty long and successful run culminating with the 2020 Solarwinds attack. As for the current, it would surprise me if they have a functioning organisation.
      https://en.wikipedia.org/wiki/... [wikipedia.org] https://en.wikipedia.org/wiki/... [wikipedia.org]

  • by Okian Warrior ( 537106 ) on Thursday November 03, 2022 @11:03AM (#63021923) Homepage Journal

    Sounds like a good time for an update. Here's a scorecard [ukrinform.net].

    The best overall source for fine-grained tactical analysis is the Critical Threats [criticalthreats.org] website. This is an analysis group that looks at all news reports and aerial photos and makes an assessment of how the war is going in Ukraine. It also reads milblog assessments from both sides.

    The next best site is Ukrinform [ukrinform.net], which is the official news site of Ukraine regarding the war. I strongly suspect that Ukraine decided that ground-level truth is far more valuable (to them) than propaganda for its effect on world sentiment, so this site has been rock solid since the beginning of the war. I've seen 1 or 2 minor corrections of no great import, and have seen no news source contradict their reports.

    It's *completely* one-sided, but apparently accurate for that one side. Ukraine has stated that they will not release the (for example) number of Ukranian soldiers killed or any other costs from their side until after the war. I know of no similar site for Russia, and of the sites I *do* know it's all propaganda.

    Check the 1st line on the scorecard [ukrinform.net]: The number of Russian soldiers killed daily has been steadily growing, and it's now in the range of 600+ each day. Yow!

    The Russian standing army is about 1 million (with 2 million reservists), and 74K casualties on 1 million is huge, considering that some of that army is support/non combat, and much of it is needed elsewhere in Russia.

    Ukraine has stated explicitly that they are keeping operational secrecy, so we don't get news reports of their upcoming campaigns, but a couple of weeks ago they took back most of the Karkiv area, about 25% of the total area lost in February, in a couple of days.

    It looks like they are on the verge of taking back much of the Kherson region, up to the Dnipro river, and Russians are retreating from this area as well.

    Russia is running on fumes at this point, and it's looking increasingly likely that Ukraine will take back all of its territory.

    • by Anonymous Coward

      The best overall source for fine-grained tactical analysis is the Critical Threats website. This is an analysis group that looks at all news reports and aerial photos and makes an assessment of how the war is going in Ukraine. It also reads milblog assessments from both sides.

      I was about to be all irate because you didn't mention The Institute for the Study of War, [understandingwar.org] but it appear that the Critical Threats updates are the same as ISW's minus the source links. If you're not into clicking through to a bunch of Telegram accounts by Russian bloggers, CT seems just fine.

    • Has somebody made a map of the front line with a scrollbar for time so you can see how the front has moved over time?

      I see the scorecards, and lots of videos of Russian hardware going boom, but it's difficult to know the overall significance of that. Watching a grunt in a foxhole get wasted by a drone dropping a grenade doesn't really tell you a thing about the course of the war.

      During Vietnam our stats on bombs dropped and communists killed always looked good. And they weren't gross exaggerations as

      • by sfcat ( 872532 )

        Has somebody made a map of the front line with a scrollbar for time so you can see how the front has moved over time?

        I see the scorecards, and lots of videos of Russian hardware going boom, but it's difficult to know the overall significance of that. Watching a grunt in a foxhole get wasted by a drone dropping a grenade doesn't really tell you a thing about the course of the war.

        Your live map link [deepstatemap.live]. Click on the box in the bottom right and it will bring up a little control to change the date and move update by update through time. And you might get nothing from watching drone drops, but that isn't true for others. You can see the quality of the Russian equipment, you can see their tactics, how well they are dug in, etc. There is quite a bit you can learn from seeing 1st hand video of the war. That being said, there are lots of propaganda videos from both sides too. So seeing i

        • Thanks. That map even has a play button, so it's only one step away (a screen recorder) from having a video with a time scrubber which I think I will do.
          • by sfcat ( 872532 )
            No problem. One thing I forgot, we are in a Ukrainian SecOp blackout in Kherson right now. So that part of the line hasn't be updated in a few weeks. This will probably be the case until Ukraine retakes everything northeast of the Dnipro river (a couple of weeks maybe). The rest I believe should be mostly up to date.
  • Nothing to see here .. move on ...

news: gotcha

Working...