Slashdot Mirror
State-Sponsored Russian Hackers Actively Seeking To Hijack Essential Internet Hardware, US and UK Intelligence Agencies Say (bbc.com)
State-sponsored Russian hackers are actively seeking to hijack essential internet hardware, US and UK intelligence agencies say. BBC reports: The UK's National Cyber Security Centre (NCSC), the FBI and the US Department of Homeland Security issued a joint alert warning of a global campaign. The alert details methods used to take over essential network hardware. The attacks could be an attempt by Russia to gain a foothold for use in a future offensive, it said. "Russia is our most capable hostile adversary in cyber-space, so dealing with their attacks is a major priority for the National Cyber Security Centre and our US allies," said Ciaran Martin, head of the NCSC in a statement. The alert said attacks were aimed at routers and switches that directed traffic around the net. Compromised devices were used to look at data passing through them, so Russia could scoop up valuable intellectual property, business information and other intelligence.
We need moose and squirrel to thwart them.
I mean, who enjoys competition in their core business?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
What do we want?
WWIII!
When do we want it?
NOW!
...every country's spy agencies are trying to suborn every other country's switching gear.
Are we back to the "exceptionalism" or "world police" nobnsense whereby it's ok ok if we do it to them, but not vice-versa, because we're the good guys? Every country's spy agencies think they're the good guys.
'nobnsense" is rubbish stated by one of the elite :)
Hopefully they came up with better names than the NSA. "Cannoli" and "Earl Grey" are terrible names for networking malware.
Somewhat we are missing half (or maybe far more than half) of the story, the part of "we do". Most people not even know that they don't know.
And make them pay for it!
Ok.
Comment removed based on user account deletion
Amid all the snarky comments about how Russia's encroaching on the U.S. and U.K.'s state cyber hacking business, Russia does seem more dark and foreboding than anytime post Cold War- and Perestroika/Glasnost.
It always seemed to me the U.S. and its NATO allies lost an enormous opportunity to reach out to Russia after the dissolution of the Soviet Union to help them economically and socially embrace the West's principals. It would have been to our mutual advantage. Instead, it felt like we wasted that opportunity gloating over the USSR's demise, and secretly cheering on the corruption that took hold.
With Putin cemented in power, it feels like we've been transported back 30 years.
When ever they tell you some bad actor is doing bad things, they are actually telling you what they themselves are doing.
As part of my work I write various network standards, having anything but basic security requirements inserted into any network standard is fought tooth and nail by CISCO certification team. They oppose anything that would result in additional development time and try to insert poison pills through public review to undercut competition. They are largely successful, as such we have hard-to-secure infrastructure with insecure-by-design protocols and standard implementations.
Dont believe any idiot who tells you otherwise.
You mean only Russia does that? US is not, China is not? Iran is not? Those morons in EU are not?
Your glowing nostalgia neglects the facts the Russians turned to and trusted Americans in the fallout of the USSR and what they got were Ogliarchs and rule by the 18th century robber-baron reborn. THAT is the end rgame of American capitalism.. and it'll be you too inside 15 years.
I know telling Putin that he would have "more flexibility" on lowering the USA defense, then giving Puttins friends a bunch of money. What was he thinking?
Between them, the Americans and Chinese design and manufacture pretty much most the world's digital network.
Russians and all their hacking can't replace glaring disadvantage that they are, as a nation, basically a pilotfish getting dragged around by a shark they can only peripherally try to influence. Given such a disadvantage, their own IT security must be compromised eleventy billion interesting and critical ways I suspect.
Write laws that prevent hardware manufacturers from putting security patches behind paid fees. In the enterprise space, this is far too common, under the guise of "service contracts" and is fucking ridiculous. Its just a way for large companies to milk more money from other large companies, and those smaller companies that cannot always afford to pay continual service contracts are the ones getting fucked over and exploited because of things like this. Seriously, it is sad that there is an actual community dedicated to pirating and distributing security patches from major enterprise hardware manufacturers.
"Every country's spy agencies think they're the good guys."
If only security had gotten more that a passing nod from the manufacturers of that equipment, we would not be having this problem.
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
(posting anonymously) The state of almost all network security is terrible. We have many things that are on networks that shouldn't be because of convenience. Some of those things are accidentally on the internet (think industrial control). However for the things that are on networks and should be there our biggest problem is complexity. If I want to secure something I have to know what I'm securing and then have some sort of logical perimeter. Now ideally I should have also depth of security, that is multiple perimeters. If we look at a good network like SWIFT, it was designed many years ago and had a specific purpose and well defined access and security. The tools are all simple. If I look at anything made in the last 10 years no one person can even describe the entire thing, there are applications built on tools, built on frameworks built on node.js running on some machine somewhere else. People through everything together. Then they sort of add generic security but I can't describe even one perimeter. No wonder a thermostat for a fish tank has access to a casino database. The guy who set up the database had no idea who was going to access it and couldn't have secured it if he wanted to.
Let's put all this nonsense to rest. There was no collusion and the Russians aren't adept enough to hack into our infrastructure. The whole thing is an FBI conspiracy.
Ah, okay, I understand. Others maybe do it, too, that makes it great then. We should all engage in constant cyberwarfare.
Only in the West do it's own citizens think themselves the bad guys. So much self hatred. Didn't religion use to deflect this?
Well, the original oligarchs got their starting capital through the inevitable corruption of the communist state... it's really a multi-factor disease. The only feet at which the blame can be firmly placed is the oligarchs themselves, and they don't care about blame one bit.
Someone had to do it.
Comment removed based on user account deletion
because you're someone who has been definitely proven to do exactly this, and now you're trying to trick us into believing someone else is, someone who has (again unlike you) never been proven to do so before.
Nice try, but your propaganda gets checked at the door.
Sure that wasn't Obama?
What Russians failed to understand is that capitalism doesn't mean handouts from the West. It means you're on your own without government interference, including from their own government. When they sat on their asses expecting to get rich because they were now "democratic" obviously it failed. Now they blame us.
The summary said Russia was the greatest threat. Even though China makes so much of our electronics. It would be a shame (a shame!) if some imperfections were to slip into the manufacturing process.
Any guest worker system is indistinguishable from indentured servitude.
If Putin had to hand to pick anyone to do a counterintelligence investigation on him (and I do mean anyone at all), he would pick someone whose last name is Mueller (and, no, I don't mean this Mueller... any Mueller). Putin built his entire political career on having an alter ego of a Russian spy embedded in Germany in 1945. The spy's arch-nemesis is an SS counter-intelligence general by the name of Heinrich Müller. No matter what Mueller's findings are in the end, the fact that he was the one handling the investigation will already make Putin a legend at home. Putin was handed a domestic prize beyond anything even remotely conceivable the moment Mueller was appointed as a special prosecutor.
But, hey, good luck with that partisan hackery of yours. I am sure you'll drown it in some 1st grade pot after taking yet another seditious rhetorical piss at the President.
Any guest worker system is indistinguishable from indentured servitude.
That's not true. There was a collusion. Russia very clear bought Clintons. They just didn't want to stay bought. So Russia subtly confessed to the buying. Hence all the deflections by the Democrats.
Any guest worker system is indistinguishable from indentured servitude.
Well, the original oligarchs got their starting capital through the inevitable corruption of the communist state
No, that's not true. Vast fortunes were made after the collapse of the USSR because there was a market for everything. This was post-USSR. The wealth became concentrated in a few hands because the rule of law didn't exist. Russia was a failed state. So both the "well-wishing" from Russia is retarded (because US has retained its rule of law despite Obama) and your libtard world view won't effect anything, either. The disease that is the modern Democratic Party will be healed.
Any guest worker system is indistinguishable from indentured servitude.
Vast fortunes were made after the collapse of the USSR because there was a market for everything.
...and the people in position to be the sellers of that everything were the corrupt and connected people from before the fall.
Someone had to do it.
And all of the above was planned in Leo Tolstoy's basement.
"Russia is our most capable hostile adversary in cyber-space, so dealing with their attacks is a major priority for the National Cyber Security Centre and our US allies," said Ciaran Martin, head of the NCSC
Ciaran seems to have forgotten the tens of thousands of US trained crackers in the PRC
Comment removed based on user account deletion
Comment removed based on user account deletion
Trump cares about upsetting Putin about as much as he cares about upsetting a doorman in one of his buildings. President Trump doesn't see any particular reason to raise hay with him except for those times when he is a problem.
Any guest worker system is indistinguishable from indentured servitude.
When his portrayer Vyacheslav Tikhonov died in December 2009, the Foreign Intelligence Service—one of the successor organisations of the former Soviet KGB—sent its condolences to his family. Ivan Zassoursky notes that Russian Prime Minister (and former and current President) Vladimir Putin, a former KGB agent, has been portrayed as "embod[ying] the image—very important for the Russian television audience—of Standartenführer von Stierlitz... If anyone missed the connection between Putin, who served in Germany, and von Stierlitz, articles in the press reminded them of the resemblance and helped create the association."[3] The connection went both ways; Putin was strongly influenced by the novels, commenting: "What amazed me most of all was how one man's effort could achieve what whole armies could not."
Any guest worker system is indistinguishable from indentured servitude.
Just so we are clear, Trump challenged Putin after Russia presented US with a military ultimatum. Russia declared Syria its protectorate and stated the policy that it would not only attempt to shoot any missiles fired at Syria, but also any launch sites. This was an ultimatum to back off from Syria. And Trump ordered a strike the next day. That's how much he cares about Putin.
Any guest worker system is indistinguishable from indentured servitude.
...and the people in position to be the sellers of that everything were the corrupt and connected people from before the fall.
No, anyone who could scrape enough money to go abroad for a week would see a return of a few multiples just by selling junk they brought back.
Any guest worker system is indistinguishable from indentured servitude.
... that CERT never sends out TA's about United States state sponsored cyber actors?
Hmmm...
Warning: This signature may offend some viewers.
I just leave this here: https://en.wikipedia.org/wiki/Kabuki_dance
They already own the Democratic Party. Why bother with the clandestine stuff if they can buy Clintons in the open?
Sjeesh, the Rightwing echo chamber is getting more and more detached from reality every day. I know this is futile to ask, but do you have even the smallest hint of a proof for this allegation, or is this just your brainwashing speaking?
Because you don't want to be sick, and if you just wish the problem away hard enough, it'll go away. Or you'll drop dead. One of the two.
I've been thinking this since the first Trump volley. Didn't know the name though, thanks for the link
Right. Only the true Messiah would deny that he is a Messiah. I take it George Bush was then playing into Saddam's hands. This is nuts. Clintons got a hundred million dollars from Russia. And that's just what's in the public record. This was while HRC was a Secretary of State. She practically blew the Russian foreign minister while fawning over him with the "reset" button. But the first US President to kill Russian military personal since Woodrow Wilson is not enough of a Russia hater for you. The fact the he completely ignored a Russian ultimatum (forcing Russia to save face for domestic audience by claiming that they did shut down the missiles) makes him a President who "won't criticize Putin." Seek help. https://en.wikipedia.org/wiki/...
Any guest worker system is indistinguishable from indentured servitude.
You should check once again whom the government agencies that issue all these Russia warnings are currently working for.
Why is these even a discussion? Why is there a difference of opinion between Dems and Reps on this other than the fucking russians joining the debate trying to influence every single topic on every single forum on the internet including this one.
Fact: The Russians *are* out to get us. It doesn't matter if you're "opposed" to the Russians right now as the enemy of the moment (Dems) or not. The Russians are nobody's friend if you are a democracy.
Jebus.
I'm right wing as fuck but I haven't bought into the current party line. Russia is 100% our adversary regardless of the fact that *conveniently* the Dems are all hot and bothered right now about the Russians.
In fact I find it very fucking *suspicious* that the Dems are so hot and bothered about the Russians.
If state "sponsored" efforts are getting detected during the "seeking" part they are not state sponsored.
Governments have the skills to ensure they can get in, stay in and escape without detection.
With the mission done.
Some random code litter left for security researchers to ponder.
Domestic spying is now "Benign Information Gathering"
Fact: The Russians *are* out to get us.
Maybe. I am not sure why, but there could be some historical gripes. But another fact is that every time a Democrat mentions it, they are talking out of their ass and it's very, very transparent.
Any guest worker system is indistinguishable from indentured servitude.
Sure. I'll check. Links to the agency warnings, please? Not 3rd party accounts, but the actual links to the warnings. I'll go collect crickets while so I have something to listen to while you don't post.
Any guest worker system is indistinguishable from indentured servitude.
Russia is 100% our adversary
define "adversary". trolling is not an act of war. so even if every other spam message was from russia, that would not make it a war. when you apologists trying to justify russian occupation of georgia and ukraine, yeah, that's russian propaganda. but just mischief trying to amplify social problem? even if it is russia, they are just doing the muckraking that our own media isn't.
Any guest worker system is indistinguishable from indentured servitude.
US and UK can tell us about compromising internet infrastructure routers. Thanks to Edward Snowden, we know they are experts in that field.
I mean, who enjoys competition in their core business?
Obviously in any competition between US and Russian state interests all patriotic Americans should side with Russia.
"Maybe. I am not sure why, but there could be some historical gripes"
Did you somehow miss the invasion of Ukraine and the imposition of sanctions on Russia?
The Russians have a victim mentality, even when they're the aggressors. Fair enough for those at the bottom of society who have been victims forever but not for Putin, his goons, the mafias and those who have plundered their country and now blame the west. Maybe they believe it. They complain about NATO on their borders because they want the freedom to invade their neighbours.
Did you somehow miss the invasion of Ukraine and the imposition of sanctions on Russia?
Invasion of Ukraine was a profoundly dumb decision on the part of RF. But it doesn't make RF a US adversary. Yes, we imposed sanctions on some financial institutions in Russia (not on Russia itself, btw).
The Russians have a victim mentality, even when they're the aggressors.
Why do I have to care about their mentality? Their actions is what concerns me. The claim that they are acting in an adversarial manner towards the US is dubious at best. And it's made loudest by the party which had a lot to cover up (the Criminal Democratic Party). So excuse me when I call "bull shit".
Putin, his goons, the mafias and those who have plundered their country and now blame the west. Maybe they believe it. They complain about NATO on their borders because they want the freedom to invade their neighbours.
Blah, blah, balh. Ok. You convinced me. They have historic gripes. They are really just using those for internal consumption in order to divert the public's attention from their invasions (aka propaganda) and then the English-speaking RF citizens are just spewing right back out on the Internet. But this has nothing to do with what Russia actually did with respect to the US on the Internet. It's just a hyperbole of the pro-crime Criminal Democratic Party trying to create a boogie man to divert attention from the fact that they nearly destroyed the country.
Any guest worker system is indistinguishable from indentured servitude.
Comey seemed keen to let the world know that Trump is concerned about the 'pee tape'. It could be that Trump is acting like Putin's his friend because he's being blackmailed. Putin certainly has the means, motive and form - likewise Trump. I expect if that is the case, then once it's been milked for all it's worth, it will be revealed, just for the chaos that will ensue.
Strange times
Russian government trying to protect their citizens' own Internet-of-Things devices from attack by US and UK intelligence services, which they must not even think about trying to do.
Comment removed based on user account deletion
Only thing worse that creimer is this fucking sad sack following him around. Get a fucking life.
Comment removed based on user account deletion
Comment removed based on user account deletion
You are welcome, Hillary.
Any guest worker system is indistinguishable from indentured servitude.
No, religion caused it. SHAME on you for bringing the "West is going down because they abandoned religion" false flag to the party. (Why do I see Forrest Gump apologizing for ruining the Black Panther Party in my head?)
lots of slinging matches going on by parliamentarians and congress men/women.. but seriously.. when was the last time you trusted what a politician said about anything.. let alone about the internet... I want to see the data... how the hell can they tell its "originating" from anywhere when so many people have compromised computers.