Slashdot Mirror


Russian Cyberspies Targeted MH17 Crash Investigation (trendmicro.com)

itwbennett writes: Security researchers from Trend Micro have found evidence that the Pawn Storm cyberespionage group set up rogue VPN and SFTP servers to target Dutch Safety Board employees before and after the report on the crash of Malaysia Airlines Flight 17 (MH17) was finalized. It is likely that the rogue servers were set up with the goal of phishing login credentials from people involved in the MH17 crash investigation in order to obtain access to confidential information, the researchers said.

15 of 88 comments

  1. Who is surprised? by mi · · Score: 4, Insightful

    For a country that shot a passenger airliner to begin with — and not for the first time — for such a country to attempt to affect the investigation of the crime is no surprise at all. What may be surprising, is that none of the Dutch officials involved were killed or blackmailed. But it ain't over yet, is it?..

    --
    In Soviet Washington the swamp drains you.
    1. Re:Who is surprised? by Zocalo · · Score: 5, Insightful

      Dumb thing is that KAL007 should have taught them nothing much would come of it even if they did own up, and in this case they could quite easily have pegged the blame on some unidentified rogue elements of the Pro-Russian forces in Eastern Ukraine right from the start and probably have walked away from the whole affair without so much as a slap on the wrist. Instead, all the heavy handed actions, conspiracy theory level alternative theories and random protestation, just make it look all the more likely that they have something to hide - which is kind of ironic coming from the nation that pretty much made the concept of "if you've got nothing to hide, then you've got nothing to fear..." not all that long ago.

      --
      UNIX? They're not even circumcised! Savages!
    2. Re:Who is surprised? by mi · · Score: 4, Insightful

      it was rebels from Ukraine which were armed by Russia

      False. Operating the Buk system is too complicated for "peaceful coal-miners" to have done it — certainly not the mere 3 months into the insurrection. It was Russian military — even if disguised as locals. Whether they targeted a passenger liner by mistake or deliberately is still a question, but it obviously was not the rebellious locals.

      I'm pretty sure a good number of the commercial airplanes which were shot down could be attributed to the US.

      For an accusation of such gravity, you better have more solid citations than your own "pretty sure". Do you?

      Finally, Ukraine also shot a Russian commercial aircraft in 2001.

      First of all, that was an honest mistake. Second, Ukraine hasn't denied it. And third — and most intriguing — the missile was fired from Crimea and the servicemen responsible are now all Russians. Temporarily.

      And by the way, the US certainly played an important role in the current Ukrainian situation

      Whether that's true or not, how is this relevant to the conversation?..

      The ones who are in power right now in Ukraine had support from the US and Europe

      So?.. Your desperation in trying to switch the topic is really showing. Mr. Kiselev would've done a better job — were he not busy blaming some non-existent Ukrainian jets for the crime.

      Imagine if Russia was supporting a successful coup in Mexico.

      Why imagine it in Mexico, when we saw it actually happen in Cuba and, more recently, Venezuela? No passenger airliners were shot down in either place...

      Go back to watching Kremlin-TV...

      --
      In Soviet Washington the swamp drains you.
    3. Re:Who is surprised? by Rei · · Score: 5, Informative

      It was not Russia who shot down MH17, it was rebels from Ukraine which were armed by Russia.

      Because random untrained individuals can operate a SAM site?

      If you count that as Russia, then considering the US have armed rebels pretty much everywhere around the world, I'm pretty sure a good number of the commercial airplanes which were shot down could be attributed to the US.

      Since when does the US give SAM sites to random rebel groups? The US doesn't even give (and actively blocks attempts to give) even groups it supports MANPADs, let alone SAM sites. The latter poses a vastly greater threat to commercial airliners - MANPADs can only hit them shortly after takeoff or shortly before landing, while SAM sites can hit them during cruise phase. They're also far more complicated systems and require a lot more training.

      I'd also like to remind you that the US also directly shot a commercial airplane (Iran Air Flight 655), killing 290 civilians. Finally, Ukraine also shot a Russian commercial aircraft in 2001.

      So peacetime accidents are equivalent to pumping military hardware and troops into a neighboring country to try to rip off part of it and shooting at anything that flies without warning civil aviation that you're supplying hardware that can shoot their planes down? And FYI, Russia initially tried to hide the fact that Ukraine had accidentally shot down Siberia Airlines Flight 1812, because they were actively propping up Ukraine's then government, claiming that it was impossible for the S200 to overshoot by 250 kilometers. And in the former case the US military made 10 attempts to hail Flight 655, three of which it received, and none of which it responded to.

      In the former case, Ukraine initially denied its culpability, but later admitted it. In the latter case, the US admitted its involvement pretty much immediately. Russia to this date continues to deny, obfuscate, and apparently, hack too to try to avoid culpability.

      And by the way, the US certainly played an important role in the current Ukrainian situation. The ones who are in power right now in Ukraine had support from the US and Europe.

      Oh yes, the US clearly cares so tremendously much for Ukraine - that's why they won't even toss them a single Javelin, let alone heavy hardware, to help them defend their country, right? Clearly Russia had no choice but to flood the country with troops and vast amounts of heavy military hardware!

      --
      "Oh, goodness. Look at my wrist, I have to go." "But what about your clothes?" "I don't love these."
    4. Re:Who is surprised? by Zocalo · · Score: 5, Interesting

      I don't think that's the issue that the Russians are so touchy about. Realistically, it's highly unlikely that the Russians would just "give" a BUK to the separatists and let them drive it away without there being some unofficial advisors along for the ride to provide at least some training/oversight. That implies that not only are Russian personnel officially on the ground (something they are still denying, despite all the evidence to the contrary) but that they were almost certainly on hand when the BUK was used since a BUK apparently requires override to enable it to fire at a commercial aircraft that was presumably broadcasting its IFF, something untrained personnel wouldn't have been likely to know how to do.

      I don't think it's about the slap on the wrist for culpability they might have got (or not, given what happened in the aftermath of all the events you listed), and others like KAL007 and KAL902, it's about maintaining the pretense that they have no official involvement on the ground. Basically, in their panic after MH17 was shot down, the Russian government rushed out a story to maintain that pretense that was never going to stand up to scrutiny instead of taking their time and coming up with something that might at least have raised enough doubt. Now they are stuck with either trying to defend a story that has more holes in it than the fuselage of MH17 or changing their story and risking blowing away the fiction of their non-involvement they have spun for their own people.

      --
      UNIX? They're not even circumcised! Savages!
    5. Re:Who is surprised? by Rei · · Score: 3, Informative

      BUK is a surface to air system. It's mobile (vehicle mounted) rather than fixed, but that's usually the case these days. What it isn't is a MANPAD.

      The US stopped giving anti-air missiles to rebel groups after the late 80s, after proliferation concerns were raised about the Stingers in Afghanistan. Nowadays the US is on a rather anti-MANPAD crusade, including a MANPAD buyback program that buys MANPADs from anywhere, no questions asked, spending a small fortune ($40M/year) to try to get them off the black market.

      Honestly, I think the US has gone a bit overboard in its anti-MANPAD obsession. They let Syria get flooded with TOWs in batches of 250-500 with a potential supply of over 13.000 (the amount that they sold to Saudi Arabia for that purpose), but finds the concept of a single MANPAD - which requires that you smuggle it to near the airport if you want to hit a commercial plane - unthinkable. A TOW can of course take out a passenger train, a truck carrying hazardous waste, attack nuclear facilities, hit a plane on the ground, etc. But the US has this weird distinction of "MANPADs = Unthinkable, Antitank = Use as many as you need". That's not to say that the TOWs are unrestricted - they have a pretty good policy for their distribution, requiring returning the spent tubes and filming the attacks and a bunch of other things; of the thousands that have been sent only 2-4 are believed to have been captured by al-Nusra, who's already used some if not all of them. But still...

      And with the anti-MANPAD crusade, you'd think that they'd have poured more money into anti-proliferation countermeasures. Yet you don't see that hardly at all. In fact, it looks like the next version of the Grom is going to be the first anti-proliferation MANPAD, and that's Polish. And sometimes people talk about "ways anti-proliferation measures could be cheated", but these arguments are usually based around really dumb implementations of anti-proliferation measures. They don't have to be limited to electronic lockout mechanisms, you can have the missiles additionally be literally designed to degrade, with a "guaranteed to still work" time of X months and a "guaranteed to not work" time of Y months. Degradation isn't some unusual thing, it's much harder to *stop* than to cause. Replace for example gold interconnects on the circuit boards with sulfurous silver, or even calcium metal. Great conductor in the beginning, but it'll oxidize fast, especially if moist. Seal it in a casing with silica gel to slow the rate of decay to the desired length. Anyone opening the casing would only make it degrade even faster. Have the explosives and propellant similarly degrade so that for X months they're still fine, but after Y months they're no longer useful. You could even have the casing rust - and probably save yourself money in the process.

      You can easily make it to the point where it'd be far, far easier to make a new MANPAD than to fix the degrading one.

      --
      "Oh, goodness. Look at my wrist, I have to go." "But what about your clothes?" "I don't love these."
    6. Re:Who is surprised? by quantaman · · Score: 2

      it was rebels from Ukraine which were armed by Russia

      False. Operating the Buk system is too complicated for "peaceful coal-miners" to have done it — certainly not the mere 3 months into the insurrection. It was Russian military — even if disguised as locals.

      Well it apparently was too complicated since they shot down the wrong kind of plane. There's a big difference between experts that years of military training creates and a couple weeks back in Russia being taught which buttons to push in order to shoot down planes. I'm not saying it was locals (or foreign volunteers) for certain, but I don't think we can really know.

      Whether they targeted a passenger liner by mistake or deliberately is still a question, but it obviously was not the rebellious locals.

      Why is that a question? What possible motive would the rebels have for shooting down a civilian airliner? Why claim to have shot down an AN-26 instead only to go into massive denials once it turned out to be a civilian plane? There are even recordings of phone calls from the first rebels who went to the crash site and called back freaking out when they realized it was full of civilian bodies.

      There's overwhelming evidence that the plane was shot down by Russian rebels (active Russian military or not) who thought they were shooting down a Ukrainian military plane. That's already damning enough, we don't need our own unsupported conspiracy theories.

      --
      I stole this Sig
  2. They just can't do that by Trachman · · Score: 4, Informative

    Internal propaganda keeps telling the Russian audience of 150 million people that Russia does not participate, and that all the weapons, heavy flamethrowers, drones and tanks, are merely bought at military surplus stores.

    Entire story would just collapse.

    Russia does have a history of keeping the parallel history and making it official.

    1. Re:They just can't do that by Anonymous Coward · · Score: 3, Informative

      That and the fact that Putin is a coward who would rather kill a few thousand people more than admitting that he might have misjudged something.

    2. Re:They just can't do that by Zocalo · · Score: 3, Interesting

      Sure they could. They'd only have needed to have done a little handwavium over where the BUK launcher used actually came from (not too much of a stretch given that the Ukrainian military operates the launchers), continued to deny any official Russian military involvement, and insisting that it was all the work of separatists. That still fits the official internal Russian storyline, yet provides a much more plausible story to everyone else that maybe the Ukrainian government really might have "misplaced" a BUK in the turmoil and that it fell into the hands of separatists who, not being suitably trained in its use, then proceeded to shoot down a target without adequately verifying it wasn't civilian - or even did so regardless. Not perfect, certainly, but a heck of a lot better than all the indications of a cover-up that they are now ensnared in.

      --
      UNIX? They're not even circumcised! Savages!
    3. Re:They just can't do that by Rei · · Score: 2

      The latest propaganda line by the Russians is "the report is flawed, as the Russian findings were not taken into account" and that Russia was "kept out of the loop of the investigation". Which, of course, is total BS.
       

      --
      "Oh, goodness. Look at my wrist, I have to go." "But what about your clothes?" "I don't love these."
    4. Re:They just can't do that by quantaman · · Score: 2

      Internal propaganda keeps telling the Russian audience of 150 million people that Russia does not participate, and that all the weapons, heavy flamethrowers, drones and tanks, are merely bought at military surplus stores.

      Entire story would just collapse.

      Russia does have a history of keeping the parallel history and making it official.

      They still could have come up with a better story than they did. ie:
      "The rebels stole a loaded BUK from a Ukrainian base (let the Ukrainians try to disprove that) and tragically shot down a civilian airliner by accident! Oh and we think the Ukrainians left the civilian airspace open to deliberately confuse the rebels about which planes were safe to shoot down."

      If Russia pushes that narrative they've instantly acknowledged the obvious with the only major downside being that if the DPR survives they'll probably need to throw them an extra chunk of money to pay off the settlement. The arguments over the origin of the BUK and Ukrainian intentions over leaving the airspace open are fairly academic and the whole thing mostly goes away in the media.

      That's one of the problems with being an authoritarian state. There's no one to tell you that you're being an idiot trying to sell a bunch of bizarre conspiracy theories when you can dodge most of the blame with a half-truth.

      --
      I stole this Sig
    5. Re:They just can't do that by Incadenza · · Score: 2

      Sure they could. They'd only have needed to have done a little handwavium over where the BUK launcher used actually came from (not too much of a stretch given that the Ukrainian military operates the launchers)

      The report states that the explosive head of the BUK was of the type 9N314M, a newer type of explosive head that was never supplied to the Ukrainian army. This was proven by the typical shapes of this head's load, that were retrieved from the bodies of the crew.

      Interestingly, this conclusion was first made by the Russian members of the investigation team, shortly before they were being recalled to Moscow.

  3. Re:Linked to the Russians, you say? by The Grim Reefer · · Score: 2

    How charming that you think the US _doesn't_.

    How charming that you didn't hear that loud WHOOSH.

  4. Trend Micro and the Russian Cyberspies .. by nickweller · · Score: 2

    I don't understand how these Russian Cyberspies are so careless as to leave a trail all the way back to Moscow.

    Equation: The Death Star of Malware Galaxy