Cyber Firms Warn on Suspected Russian Plan To Attack Ukraine (reuters.com)

← Back to Stories (view on slashdot.org)

Cyber Firms Warn on Suspected Russian Plan To Attack Ukraine (reuters.com)

Posted by msmash on Wednesday May 23, 2018 @02:00AM from the breaking-news dept.

Jim Finkle, reporting for Reuters: Cisco Systems on Wednesday warned that hackers have infected at least 500,000 routers and storage devices in dozens of countries with highly sophisticated malicious software, possibly in preparation for another massive cyber attack on Ukraine. Cisco's Talos cyber intelligence unit said it has high confidence that the Russian government is behind the campaign, dubbed VPNFilter, because the hacking software shares code with malware used in previous cyber attacks that the U.S. government has attributed to Moscow. Cisco said the malware could be used for espionage, to interfere with internet communications or launch destructive attacks on Ukraine, which has previously blamed Russia for massive hacks that took out parts of its energy grid and shuttered factories. Head of Ukraine's cyber police said on Wednesday that the agency is aware of new large malware campaign, and that it is working to protect Ukraine against possible new cyber threat.

34 of 76 comments (clear)

Duh! by Anonymous Coward · 2018-05-23 01:44 · Score: 1

Ya think?
Actually, name one country that they aren't attacking.
1. Re:Duh! by Oswald+McWeany · 2018-05-23 02:56 · Score: 4, Funny
  
  Ya think?
  Actually, name one country that they aren't attacking.
  According to all the people named Ivan that post on Slashdot; Russia is a model democracy, a shining beacon of friendship in the world, and would never consider violating another country's rights on stability. Russia certainly are not cyber attacking any country.
  Wait for the correct timezone to hit rushhour Slashdot traffic.
  
  --
  "That's the way to do it" - Punch
2. Re:Duh! by cascadingstylesheet · 2018-05-23 04:42 · Score: 2
  
  According to all the people named Ivan that post on Slashdot; Russia is a model democracy, a shining beacon of friendship in the world, and would never consider violating another country's rights on stability. Russia certainly are not cyber attacking any country.
  Wait for the correct timezone to hit rushhour Slashdot traffic.
  I wish I had known years ago that all I had to do to become Russian was to disagree with someone on the internet.
3. Re:Duh! by Oswald+McWeany · 2018-05-23 05:03 · Score: 2
  
  Hi Ivan!
  
  --
  "That's the way to do it" - Punch
4. Re:Duh! by K.+S.+Kyosuke · 2018-05-23 09:55 · Score: 1
  
  I wish I had known years ago that all I had to do to become Russian was to disagree with someone on the internet.
  I'm pretty sure they'd give offer you at least a work visa for that. Citizenship comes after that.
  
  --
  Ezekiel 23:20
How massive? by Lije+Baley · 2018-05-23 01:49 · Score: 2

So just how much damage was done in those "massive" previous attacks, and how long did it take to restore the power grid and factories? Was it worse than squirrels or a hurricane?

--
Strange things are afoot at the Circle-K.
1. Re:How massive? by KixWooder · 2018-05-23 02:02 · Score: 3, Insightful
  
  Squirrels and/or hurricanes aren't malicious actors with intent.
  
  --
  I hate fat people.
2. Re:How massive? by AlwinBarni · 2018-05-23 07:41 · Score: 1
  
  So just how much damage was done in those "massive" previous attacks, and how long did it take to restore the power grid and factories? Was it worse than squirrels or a hurricane?
  I have to say: Amazing. The Moscow school of altering, twisting and diminishing facts is pretty good.
3. Re: How massive? by Lije+Baley · 2018-05-23 11:50 · Score: 1
  
  Can you explain why that matters, in terms of the economics of what I should be hysterical about?
  
  --
  Strange things are afoot at the Circle-K.
4. Re: How massive? by Tranzistors · 2018-05-23 20:19 · Score: 1
  
  in terms of the economics
  Terms of economics are not the only terms out there. If in the USA terrorist organization per year killed as much people as smoking, policy makers would not debate if they should tackle terrorism or smoking first.
5. Re:How massive? by Lije+Baley · 2018-05-26 18:41 · Score: 1
  
  Thank you. A 3 hour outage is run-of-the-mill for for wind storms 2 or three times every winter in my location. Storms regularly cause much longer outages that actually kill people, most recently on the U.S. East Coast this past winter. Money spent on chasing "cyber" (a disgusting use of the term) terrorists would be better spent on tree-trimming.
  
  --
  Strange things are afoot at the Circle-K.
Black List by Only+Time+Will+Tell · 2018-05-23 01:57 · Score: 4, Interesting

At what point can we just sever as much internet traffic out of Russia to the world? I know I'm massively oversimplifying that effort, but should there not be some sort of 'death penalty' against countries engaging in cyber warfare? China and some other smaller nations would likely keep connections which would make it hard to filter between Russian and Chinese communications, but any directly from Russia could be subject to either massive slowdown or complete blocking.
1. Re:Black List by Anonymous Coward · 2018-05-23 02:49 · Score: 3, Interesting
  
  Don't throw stones inside a glass house. Stuxnet was perpetrated by the USA and Israel. If some other country did the same thing to the USA, it would be counted as an act of war and the USA has stated it would retaliate with any means it sees fit and not limit the response to "cyber" warfare.
2. Re:Black List by ColdWetDog · 2018-05-23 04:24 · Score: 2
  
  We can put them on Facebook perhaps. That ought to do them in.
  
  --
  Faster! Faster! Faster would be better!
Looks good for CISCO by brucekeller · 2018-05-23 02:03 · Score: 1

Cyber warfare seems to be becoming the new way to tax governments aside from climate change.
Russia failing to make friends by Anonymous Coward · 2018-05-23 02:10 · Score: 5, Insightful

If Russia is trying to convince Ukraine to ally with Russia instead of the European Union, they are going about it in exactly the wrong way.
1. Re:Russia failing to make friends by Anonymous Coward · 2018-05-23 02:22 · Score: 2, Insightful
  
  The Ukraine is just the example to all the others.
2. Re:Russia failing to make friends by JaredOfEuropa · 2018-05-23 03:20 · Score: 2
  
  They are not trying to be convincing, they are bullying them. Perhaps not to ally with Russia, but most certainly to not align themselves any further with the EU or NATO
  
  --
  If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
3. Re:Russia failing to make friends by Nidi62 · 2018-05-23 03:26 · Score: 4, Informative
  
  And the US position on Crimea's right to self determination is exactly the opposite of the US position on Kosovo's right to self determination.
  It's hardly "Self determination" when Russia buses in a bunch of Russian citizens and gives them the right to vote in the Crimea right before the election. Next you'll tell me the "separatists" in the Donbass just happened to find a bunch of Russian tanks and air defense systems lying around in barns.
  
  --
  The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
4. Re:Russia failing to make friends by Anonymous Coward · 2018-05-23 04:01 · Score: 2, Informative
  
  Ukraine is probably beyond their modern and rather peaceful divide and conquer strategy through information warfare at this point. That strategy works great in a time of relative peace, where you can make people sympathize with your side. But when you're already in a state of (proxy) war and have one side directly blaming the other for people's deaths on your doorstep other measures may be more appropriate on top of information warfare.
  And cyberwarfare seems to be a smart way of fighting since it does not expose your assets to greater risks of losing them in the process. Your soldiers are pretty safe while the havoc you may cause will harm your opponent.
5. Re:Russia failing to make friends by Rick+Schumann · 2018-05-23 04:22 · Score: 2
  
  It's only the 'wrong way' if Russia/Putin was trying to 'convince' them of something. If you look at it from the perspective of 'Putin's plans to build USSR v2.0 via military conquest', then it looks exactly the way you'd expect it to.
6. Re:Russia failing to make friends by Kjella · 2018-05-23 05:18 · Score: 3, Insightful
  
  On the contrary, an ongoing territorial dispute may be the best way to lock Ukraine in a stalemale, the way Cyprus had the EU stalled and like China and Taiwan are today. Russia has been losing allies since the 90s, back then the dividing line ran through Germany now they've lost pretty much all of Eastern Europe from the Baltics in the north to the Slavic countries in the south and the western sphere of influence has been crawling eastwards into ex-Soviet territory. Maybe the country was divided when the unrest started but I think in a few years Russia would be holding the short end of that stick anyway.
  A full membership in EU/NATO would put them right at Putin's doorstep. Not just the proximity to Moscow, Ukraine is big both in terms of territory and manpower while Crimea is absolutely essential to Russia's navy. Maybe this will push the people in a pro-western direction but formally this makes Ukraine a hot potato because either you acknowledge their full territory which would make you a party to the conflict or you de facto recognize that Russia has taken it and isn't going to give it back, both of which are politically untenable. Even if it's not a hot conflict it can potentially stall things for decades and if anyone gets too cozy I'm sure the unrest will flare up for reasons "unknown".
  I think Putin got all he could reasonably hope for, maybe he was hoping for a massive overreaction so he could send Russian tanks all the way to Kiev to protect the Russian minority but I doubt it as it would have been really messy. The Ukrainian response was also clearly limited to avoid provoking an all-out war with Russia, they certainly could have struck back harder. As for Putin, how many allies does he have left to lose? There's Belarus that he got in his pocket, he's supporting a few whack jobs down in the Middle East but as a military and economic bloc he's pretty lonely unless he gets friendly with China. I think he just wants it to stop before Russia has their own Euromaidan...
  
  --
  Live today, because you never know what tomorrow brings
7. Re:Russia failing to make friends by guacamole · 2018-05-23 08:00 · Score: 1
  
  What sort of alternative reality are you living in? The majority of Crimean population are ethnic Russians. The Russian federation did not need to bus anyone to win the referendum there. And this is why neither Ukraine or USA would ever agree to a pieaceful resolution of the Crimean dispute through a internationally recognized referendum because it's simple as 1-2-3-4 that the Crimeans will vote for union with Russia again and again.
8. Re:Russia failing to make friends by painandgreed · 2018-05-24 02:36 · Score: 1
  
  I think it's just how many allies does Putin have left to gain? Russia had nowhere near the reputation that the USSR had as a world power and foil to the USA. Now, after all the SSRs decided to flee, I think Putin sees a greater reputation in being foil to the USA once again and is building up on that, and constructing a sphere of influence based on being the center of anti-US interests once again. They have Belarus, joined up with Iran, playing off Turkish interests to include them and Syria. I'm surprised we don't hear Russia and North Korea in the same sentence more often.
  In theory, Russia could have just tried to join the EU and NATO itself even after the USSR fell and become part of greater Europe. However, as seen by the desertion of all the SSRs away, it shows that they are more the abusive uncle of Europe, never content to be equals, always wanting to be better and commanding. There are plenty of metaphors such as wishing to rather be a big fish in a small pond, or perhaps better to rule in Hell rather than what they see as serving in Heaven, which is probably the better one as I think they see themselves as the adversary of the USA and perhaps Europe.
Interesting by nehumanuscrede · 2018-05-23 02:18 · Score: 1

While Cisco and others are warning the sky is about to fall, I didn't see in the article as to which vendor the routers / storage devices belong to.
Nor any mention of how said malware got there in the first place.
Cisco ? Juniper ? What ?
Don't tell me the digital world is about to end, then leave off the details. :|
1. Re:Interesting by oh_my_080980980 · 2018-05-23 02:38 · Score: 1
  
  But that would kill a good story....
Re:Do not believe Fake News! by CaffeinatedBacon · 2018-05-23 02:22 · Score: 1

He'd give you the shirt of his back.
Re:"Head of Ukraine's cyber police" LOL! by Dzimas · 2018-05-23 02:37 · Score: 3, Informative

In English, the translation is "Department of cyber police." Serhiy Demedyuk is its head.
In the USA, Douglas Maughan is Director, National Cyber Security Division of the Office of Cyber Security & Communications. Try saying that fast five times.
Wrong question. by Anonymous Coward · 2018-05-23 02:59 · Score: 2, Insightful

How massive? So just how much damage is done when you're lying on the ground and someone kicks you in the face? How long did it take to recover from that? Was it worse than the other one kicking your crotch?
If not, let's imply that it's ok to be kicked in the crotch.
Re: Confidence level is high! by Anonymous Coward · 2018-05-23 03:45 · Score: 1

I see you aren't well versed in the topic of cyber security.
In a field full of abstractions, routing, rerouting, and what not, it isn't very easy to have conclusive proof of anything. All you really have is "this matches the fingerprint of what we have seen before from this group" and "the motivations exist for this group to be the main potential actor".
But keep requiring an impossible burden of proof if it helps sow doubt, Ivan.
Re: Confidence level is high! by king+neckbeard · 2018-05-23 03:54 · Score: 2, Insightful

The concern is that there are lots of political reasons to lie, and absent hard evidence, they can turn "uses off-the-shelf-malware and a tor exit node" into "high confidence." Basically, if we can't see the evidence ourselves, we should give an assessment from anybody with major government contracts zero confidence until we see direct evidence.

--
This is my signature. There are many like it, but this one is mine.
Full technical Talos VPNFilter post by Khopesh · 2018-05-23 04:26 · Score: 4, Informative

See also the full Cisco Talos post, New VPNFilter malware targets at least 500K networking devices worldwide, which has all of the technical details, including all indicators of compromise (IOCs).

--
Use my userscript to add story images to Slashdot. There's no going back.
San Marino by raymorris · 2018-05-23 04:52 · Score: 2

I haven't seen any evidence that they are attacking San Marino.
Ukraine? by jbmartin6 · 2018-05-23 08:49 · Score: 1

According to the article, Ukraine claimed the campaign was in preparation for an attack on Ukraine, not any security firm. Bit strange that the summary claims otherwise

--
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.