Microsoft Warns Russia May Plan More Ransomware Attacks Beyond Ukraine (bloomberg.com)
Microsoft warned that an infamous hacking group that is tied to Russia's military intelligence agency GRU could be gearing up for more ransomware attacks both inside and outside of Ukraine. From a report: Microsoft calls the group Iridium, but it is perhaps best known as Sandworm. It has been accused of attacks on Ukraine's electric power grid and government agencies, the 2018 Winter Olympics and businesses across the globe. Now, it appears to be preparing for a renewed destructive campaign, the software company said in a threat intelligence report on Wednesday. Russian hackers have been accused of bombarding Ukrainian institutions with "wiper malware" and DDoS attacks, a campaign that began even before President Vladimir Putin ordered troops to invade more than a year ago. However, Ukraine's defenses have largely fended off a major cyberwar with the help of foreign tech companies including Microsoft. The ransomware attack on Polish and Ukrainian transport services in October, attributed to Sandworm, may have been "a trial balloon" for further attacks, the report said. Microsoft warned it was a potential precursor to further Russian hacks beyond Ukrainian soil.
Cut their ties... (Score:3, Insightful)
Why don't we just cut the lines and remove their internet access?
If they want to be a pariah, let them. But that doesn't mean we need to give them open access that they apparently want to abuse in a "burn everything to the ground" campaign...
Re: (Score:2)
The witches?
Re: (Score:2, Interesting)
Putin's already filtering what is getting into the country.
I'm just saying cut the lines to filter what is getting out of the country.
And it's not racist, I'm not asking for citizen tests or anything. I'm saying that if a state is a bad actor, then cut them out until they get their act together.
Re: (Score:2)
Putin's already filtering what is getting into the country.
I'm just saying cut the lines to filter what is getting out of the country.
And it's not racist, I'm not asking for citizen tests or anything. I'm saying that if a state is a bad actor, then cut them out until they get their act together.
I don't think it would be effective.
Sure, you could create an international agreement* to cut every cable, which kicks the vast majority of the population off the Internet, but not everyone.
A few satellites, radio transmitters, and hidden cables and they could get their traffic into another country. From there it goes through a router that strips anything that suggests a Russian origin and you've got connectivity.
It's not something that works at scale, but it's enough for the elites and the state sponsored
Re: (Score:2)
God bless Putin and the good work he is doing.
Without the devil, how can we tell who's good?
Re: (Score:3)
The Internet death penalty.
And yes, I think cutting all links would be a good idea. Even though they'd still route through their allies, I doubt they'd be interested in being identified as a point of origin of Russian cyber-warfare.
China would likely want to keep foreign access simply to enable more efficient selling of goods to Western consumers.
Re: (Score:2)
It might be some help but so much of this crappy activity is run off of so many commercial hosting platforms, including Azure, that you can't contain it with simple null-routing/blocklisting.
With an inventory of stolen credit cards and some basic scripting it is easy to set up and tear down attack infrastructure in the short amount of time it takes a provider to spin up whatever instances you've ordered. It's a big old game of whack-a-mole that won't go away because we value privacy over security. That's th
Re: (Score:2)
It won't work. The call is coming from inside the house.
Re: (Score:2)
Because then the only access to information that the Russian people will have is state edited. This was discussed by RIPE.
Here are RIPE's views:
https://labs.ripe.net/author/s... [ripe.net]
Re: (Score:2)
That's pretty much all they're getting now, yeah?
Neocon cyber BS .. (Score:1, Funny)
Do they still use an IP address registered to their own street address
Re: (Score:2)
Please, anyone can easily thwart a DDoS today. If you have to take something like that seriously, you might want to wonder how you became a target in the first place, because you should not be important enough.
Microsoft -- a bunch of geniuses (Score:1)
Is this kind of 'a bunch of bad actors are going to keep acting badly'?
Protect yourself (Score:1)
Protect yourself: don't use Windows.
Plan ? of course they have (Score:2)
They have a plan? (Score:2)