Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyber Firms Warn on Suspected Russian Plan To Attack Ukraine (reuters.com)

Posted by msmash on from the breaking-news dept.

Jim Finkle, reporting for Reuters: Cisco Systems on Wednesday warned that hackers have infected at least 500,000 routers and storage devices in dozens of countries with highly sophisticated malicious software, possibly in preparation for another massive cyber attack on Ukraine. Cisco's Talos cyber intelligence unit said it has high confidence that the Russian government is behind the campaign, dubbed VPNFilter, because the hacking software shares code with malware used in previous cyber attacks that the U.S. government has attributed to Moscow. Cisco said the malware could be used for espionage, to interfere with internet communications or launch destructive attacks on Ukraine, which has previously blamed Russia for massive hacks that took out parts of its energy grid and shuttered factories. Head of Ukraine's cyber police said on Wednesday that the agency is aware of new large malware campaign, and that it is working to protect Ukraine against possible new cyber threat.

20 of 76 comments (clear)

  1. How massive? by Lije+Baley · · Score: 2

    So just how much damage was done in those "massive" previous attacks, and how long did it take to restore the power grid and factories? Was it worse than squirrels or a hurricane?

    --
    Strange things are afoot at the Circle-K.
    1. Re:How massive? by KixWooder · · Score: 3, Insightful

      Squirrels and/or hurricanes aren't malicious actors with intent.

      --
      I hate fat people.
  2. Black List by Only+Time+Will+Tell · · Score: 4, Interesting

    At what point can we just sever as much internet traffic out of Russia to the world? I know I'm massively oversimplifying that effort, but should there not be some sort of 'death penalty' against countries engaging in cyber warfare? China and some other smaller nations would likely keep connections which would make it hard to filter between Russian and Chinese communications, but any directly from Russia could be subject to either massive slowdown or complete blocking.

    1. Re:Black List by Anonymous Coward · · Score: 3, Interesting

      Don't throw stones inside a glass house. Stuxnet was perpetrated by the USA and Israel. If some other country did the same thing to the USA, it would be counted as an act of war and the USA has stated it would retaliate with any means it sees fit and not limit the response to "cyber" warfare.

    2. Re:Black List by ColdWetDog · · Score: 2

      We can put them on Facebook perhaps. That ought to do them in.

      --
      Faster! Faster! Faster would be better!
  3. Russia failing to make friends by Anonymous Coward · · Score: 5, Insightful

    If Russia is trying to convince Ukraine to ally with Russia instead of the European Union, they are going about it in exactly the wrong way.

    1. Re:Russia failing to make friends by Anonymous Coward · · Score: 2, Insightful

      The Ukraine is just the example to all the others.

    2. Re:Russia failing to make friends by JaredOfEuropa · · Score: 2

      They are not trying to be convincing, they are bullying them. Perhaps not to ally with Russia, but most certainly to not align themselves any further with the EU or NATO

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    3. Re:Russia failing to make friends by Nidi62 · · Score: 4, Informative

      And the US position on Crimea's right to self determination is exactly the opposite of the US position on Kosovo's right to self determination.

      It's hardly "Self determination" when Russia buses in a bunch of Russian citizens and gives them the right to vote in the Crimea right before the election. Next you'll tell me the "separatists" in the Donbass just happened to find a bunch of Russian tanks and air defense systems lying around in barns.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    4. Re:Russia failing to make friends by Anonymous Coward · · Score: 2, Informative

      Ukraine is probably beyond their modern and rather peaceful divide and conquer strategy through information warfare at this point. That strategy works great in a time of relative peace, where you can make people sympathize with your side. But when you're already in a state of (proxy) war and have one side directly blaming the other for people's deaths on your doorstep other measures may be more appropriate on top of information warfare.
      And cyberwarfare seems to be a smart way of fighting since it does not expose your assets to greater risks of losing them in the process. Your soldiers are pretty safe while the havoc you may cause will harm your opponent.

    5. Re:Russia failing to make friends by Rick+Schumann · · Score: 2

      It's only the 'wrong way' if Russia/Putin was trying to 'convince' them of something. If you look at it from the perspective of 'Putin's plans to build USSR v2.0 via military conquest', then it looks exactly the way you'd expect it to.

    6. Re:Russia failing to make friends by Kjella · · Score: 3, Insightful

      On the contrary, an ongoing territorial dispute may be the best way to lock Ukraine in a stalemale, the way Cyprus had the EU stalled and like China and Taiwan are today. Russia has been losing allies since the 90s, back then the dividing line ran through Germany now they've lost pretty much all of Eastern Europe from the Baltics in the north to the Slavic countries in the south and the western sphere of influence has been crawling eastwards into ex-Soviet territory. Maybe the country was divided when the unrest started but I think in a few years Russia would be holding the short end of that stick anyway.

      A full membership in EU/NATO would put them right at Putin's doorstep. Not just the proximity to Moscow, Ukraine is big both in terms of territory and manpower while Crimea is absolutely essential to Russia's navy. Maybe this will push the people in a pro-western direction but formally this makes Ukraine a hot potato because either you acknowledge their full territory which would make you a party to the conflict or you de facto recognize that Russia has taken it and isn't going to give it back, both of which are politically untenable. Even if it's not a hot conflict it can potentially stall things for decades and if anyone gets too cozy I'm sure the unrest will flare up for reasons "unknown".

      I think Putin got all he could reasonably hope for, maybe he was hoping for a massive overreaction so he could send Russian tanks all the way to Kiev to protect the Russian minority but I doubt it as it would have been really messy. The Ukrainian response was also clearly limited to avoid provoking an all-out war with Russia, they certainly could have struck back harder. As for Putin, how many allies does he have left to lose? There's Belarus that he got in his pocket, he's supporting a few whack jobs down in the Middle East but as a military and economic bloc he's pretty lonely unless he gets friendly with China. I think he just wants it to stop before Russia has their own Euromaidan...

      --
      Live today, because you never know what tomorrow brings
  4. Re:"Head of Ukraine's cyber police" LOL! by Dzimas · · Score: 3, Informative

    In English, the translation is "Department of cyber police." Serhiy Demedyuk is its head.

    In the USA, Douglas Maughan is Director, National Cyber Security Division of the Office of Cyber Security & Communications. Try saying that fast five times.

  5. Re:Duh! by Oswald+McWeany · · Score: 4, Funny

    Ya think?

    Actually, name one country that they aren't attacking.

    According to all the people named Ivan that post on Slashdot; Russia is a model democracy, a shining beacon of friendship in the world, and would never consider violating another country's rights on stability. Russia certainly are not cyber attacking any country.

    Wait for the correct timezone to hit rushhour Slashdot traffic.

    --
    "That's the way to do it" - Punch
  6. Wrong question. by Anonymous Coward · · Score: 2, Insightful

    How massive? So just how much damage is done when you're lying on the ground and someone kicks you in the face? How long did it take to recover from that? Was it worse than the other one kicking your crotch?
    If not, let's imply that it's ok to be kicked in the crotch.

  7. Re: Confidence level is high! by king+neckbeard · · Score: 2, Insightful

    The concern is that there are lots of political reasons to lie, and absent hard evidence, they can turn "uses off-the-shelf-malware and a tor exit node" into "high confidence." Basically, if we can't see the evidence ourselves, we should give an assessment from anybody with major government contracts zero confidence until we see direct evidence.

    --
    This is my signature. There are many like it, but this one is mine.
  8. Full technical Talos VPNFilter post by Khopesh · · Score: 4, Informative

    See also the full Cisco Talos post, New VPNFilter malware targets at least 500K networking devices worldwide, which has all of the technical details, including all indicators of compromise (IOCs).

    --
    Use my userscript to add story images to Slashdot. There's no going back.
  9. Re:Duh! by cascadingstylesheet · · Score: 2

    According to all the people named Ivan that post on Slashdot; Russia is a model democracy, a shining beacon of friendship in the world, and would never consider violating another country's rights on stability. Russia certainly are not cyber attacking any country.

    Wait for the correct timezone to hit rushhour Slashdot traffic.

    I wish I had known years ago that all I had to do to become Russian was to disagree with someone on the internet.

  10. San Marino by raymorris · · Score: 2

    I haven't seen any evidence that they are attacking San Marino.

  11. Re:Duh! by Oswald+McWeany · · Score: 2

    Hi Ivan!

    --
    "That's the way to do it" - Punch