Tag Archive for: war

Cyber Element in the Russia-Ukraine War & its Global Implications


The recent Taiwan visit by US Congresswoman Nancy Pelosi brought the increasing cyber threats to national security to light again. According to Taipei Times, systems like electronic bulletin boards at railway stations and convenience stores were hacked, and government websites were attacked and brought down, even before Pelosi arrived on the island nation.

It was reported that television screens behind cashiers in some convenience stores of 7-Eleven, a US-based multinational retail company, were compromised to display statements like “Warmonger Pelosi, get out of Taiwan!”. In another instance, an electronic board at the Sinzuoying railway station showed a message in simplified Chinese which translated into “The visit of the old witch to Taiwan is a serious challenge to the core of the country. Those who actively welcome it will eventually be judged by people, the blood ties of the same race will continue to be separated, great China will eventually be unified”.

Audrey Tang, Taiwan’s digital minister, highlighted that before and after the visit, Taiwan observed a volume of cyberattacks 23 times higher than the previous daily record. However, without directly blaming any state or non-state actor for the attacks, Taipei underlined that the attacks originated from addresses in China and Russia.

At the recently concluded DEFCON—a US-based annual hacker convention—the White House National Cyber Director, Chris Inglis, remarked that “the way forward for cybersecurity is defence, defined roles and responsibilities, and investing in resilience and robustness”. He stressed the ‘three-wave of attacks’ observed in recent years. The three waves focus on –

  1. Holding data and systems at risk
  2. Keeping the data and systems at risk but abstracting it into holding critical functions at risk
  3. Attack on confidence

He asserted that while there is a lack of imagination and anticipation of future attacks, there is also a need for clarity on roles and responsibilities, strengthening supply chains, and focus on collective defence. According to him, “the attackers seek to defeat one, and in the process, they are able to defeat all.”

From this perspective,…


This was H1 2022: Part 3 – Beyond the War


Being caught up in all the events and media attention stemming from the Russo-Ukrainian conflict, one could forget that there is still activity outside the realm of the war. True, the war shifted the focus and priorities of the nations and some crime groups alike, but others went on with their business as usual. The war, and its repercussions on the threat landscape, did not entirely eliminate pre-existing threats. I would argue that some threats are showing potential for growth in the shadow of the war. There is an upside or opportunity for rogue, organized and nation-linked agents to roam undetected and even accelerate their offensive operations.

This is the third and final blog in our three-part series, which was written to shine a light on cyber activities in the first half of 2022. This particular blog covers events, attacks and heists that took place outside the Russia-Ukraine cyber war.


Roaming APTs

The undeniable focus on threats and events relating to the invasion of Ukraine by Russia does not mean other threat actors suspended their activities. On the contrary, while the eyes of the world are upon Russia, other actors have been roaming across the internet almost unnoticed.

On January 13, 2022, Trend Micro linked cyberespionage campaigns against governments, which are typically seen in state-backed campaigns, as well as financially driven attacks against several gambling companies in China and various cryptocurrency platforms to a new Chinese actor, dubbed “Earth Lusca.” Earth Lusca targeted government institutions in Taiwan, Thailand, the Philippines, Vietnam, the United Arab Emirates, Mongolia and Nigeria; educational institutions in Taiwan, Hong Kong, Japan and France; media agencies in Taiwan, Hong Kong, Australia, Germany and France; pro-democracy and human rights political organizations and movements in Hong Kong; COVID-19 research organizations in the United States; telecom companies in Nepal; religious movements that were banned in mainland China; and various cryptocurrency trading platforms. The threat actors leveraged spear-phishing, watering hole attacks and known vulnerabilities, such as ProxyShell and Oracle GlassFish. The payloads used during the…


China's military drills reveal plans for Taiwan blockade in case of war: experts – The New Indian Express





SSU dismantles an infowar botnet. HIMARS, atrocities, provocation, and disinformation. A Russian disinformation mouthpiece raises the prospect that there are highly placed traitors in the GRU. Rewards for Justice works toward securing elections from Russian meddling. The case that Russia’s war is genocidal. The case that pan-Slavism has found wayward, but sincere, expression in Mr. Putin’s war.


At a glance.

  • SSU dismantles an infowar botnet.
  • HIMARS, atrocities, provocation, and disinformation.
  • A Russian disinformation mouthpiece raises the prospect that there are highly placed traitors in the GRU.
  • Rewards for Justice works toward securing elections from Russian meddling.
  • The case that Russia’s war is genocidal.
  • The case that pan-Slavism has found wayward, but sincere, expression in Mr. Putin’s war.

Ukraine claims to have taken down a massive Russian bot farm.

The Security Service of Ukraine (SSU) says it dismantled a large Russian botnet operation that was being used to spread Russian propaganda and disinformation. The bots, about a million strong, were herded from locations within Ukraine itself, in the cities of Kyiv, Kharkiv, and Vinnytsia, BleepingComputer reports. Their output took the form of social media posts from inauthentic accounts associated with fictitious personae. The SSU describes the operation as follows: “Their latest ‘activities’ include the distribution of content on the alleged conflict between the leadership of the President’s Office and the Commander-in-Chief of the Armed Forces of Ukraine as well as a campaign to discredit the first lady. To spin destabilizing content, perpetrators administered over 1 million of their own bots and numerous groups in social networks with an audience of almost 400,000 users. In the course of a multi-stage special operation, the SSU exposed the leader of this criminal group. He is a russian citizen who has lived in Kyiv and positioned himself as a ‘political expert.’”

On the other side of the information war, BleepingComputer also reported earlier this week that Ukrainian hacktivists, “Torrents of Truth,” were bundling instructions on how to bypass Russian censorship into movie torrents whose intended audience would be Russian viewers.

HIMARS, atrocities, provocation, and disinformation.

The killing of Ukrainian prisoners of war in Olenivka is by now clearly a Russian atrocity–the prisoners were apparently murdered by their captors. (And we note in passing that the International Committee of the Red Cross still has not been given the access to the prison international law requires.) The prisoners did not die in a…
