|
Arson Daily posted:This is actually something I've been thinking about for a bit. Why isn't Russia using their hacking abilities to gently caress with countries giving aid to Ukraine? Are their capabilities overblown or would doing such a thing turn a cyber war into a blow poo poo up war? Probably a combination of beefing up cybersec infrastructure, successful attacks that arent being reported/arent known about, Russia not wanting to blow any of their zero day exploits without a drat good reason, and not wanting the NSA or whoever to use theirs on them. Edit: I did a research paper on their cyberwarfare stuff circa 2018 and it seemed to me they lean fairly heavily on nominally independent criminal operations for a lot of their day to day shenanigans, so who knows if that's playing a part. Defenestrategy fucked around with this message at 04:41 on Apr 18, 2022 |
#
?
Apr 18, 2022 04:33
|
|
|
|
| # ? Jun 5, 2024 18:01 |
|
|
Arson Daily posted:This is actually something I've been thinking about for a bit. Why isn't Russia using their hacking abilities to gently caress with countries giving aid to Ukraine? Are their capabilities overblown or would doing such a thing turn a cyber war into a blow poo poo up war? Most of their state-run hacking schemes were run from in-country, and that's a lot harder to do when the entire country is basically firewalled off from the polite section of the Internet
|
|
#
?
Apr 18, 2022 04:44
|
|
|
Mustang posted:In my unit there were some enterprising young NCO's that noticed there was some equipment in the arms room that wasn't on the books and they wanted it for themselves. They roped in their platoon leader who also wanted some of it, even went up to his commander and was like "hey sir, want any of this poo poo from the arms room that's not on the books?". when you say "for themselves" do you mean for the unit to use or to like....take home
|
|
#
?
Apr 18, 2022 04:44
|
|
|
Alan Smithee posted:when you say "for themselves" do you mean for the unit to use or to like....take home red dot sights are expensive
|
|
#
?
Apr 18, 2022 04:50
|
|
|
Arson Daily posted:This is actually something I've been thinking about for a bit. Why isn't Russia using their hacking abilities to gently caress with countries giving aid to Ukraine? Are their capabilities overblown or would doing such a thing turn a cyber war into a blow poo poo up war? The FBI did apparently disable a bunch of Russian malware, but I think there was an expectation that there'd be a lot more activity. I have a slight suspicion, backed by literally nothing but my own uninformed thoughts, that the young hackers who likely make up the core of Russia's cyber force are more likely to be more read and informed and less likely to support the war. If this was the case, they might either be not really going all in or Moscow might be holding them back because they don't trust them. Defenestrategy posted:Probably a combination of beefing up cybersec infrastructure, successful attacks that arent being reported/arent known about, Russia not wanting to blow any of their zero day exploits without a drat good reason, and not wanting the NSA or whoever to use theirs on them. You'd think if there's one situation when you'd want to turn on everything you had, it'd be if all your foreign reserves were seized and had crippling sanctions placed on you.
|
|
#
?
Apr 18, 2022 04:54
|
|
|
They could have also gotten a very clear warning that hey, that poo poo would be an act of war. And while nobody wants to jump into Ukraine themselves, Russia also really doesn’t want anyone to jump into Ukraine.
|
|
#
?
Apr 18, 2022 04:56
|
|
|
Defenestrategy posted:Probably a combination of beefing up cybersec infrastructure, successful attacks that arent being reported/arent known about, Russia not wanting to blow any of their zero day exploits without a drat good reason, and not wanting the NSA or whoever to use theirs on them. That’s a really good question I’m guessing a lot of highly paid people are worried about. Without any expertise I’d guess it’s for similar reasons their conventional army is face planting: looks great on paper and has an aura of power and easily steamrolls small foes and ransomware targets. But when trying to step up to powerhouse foes they’re badly stumbling. Probably also related to the massive ongoing tech sector brain drain. If someone is a talented computer person the appeal of working for a supervillain might get tiresome when you could move elsewhere and still be a top earner without being in a pariah state.
|
|
#
?
Apr 18, 2022 04:58
|
|
|
BeastOfExmoor posted:
It might also be a good time to not start a cyber war and find out how many dirty tricks the US has in store for you.
|
|
#
?
Apr 18, 2022 04:58
|
|
|
A infosec person who spends a lot of time on this had a good writeup: https://grugq.substack.com/p/putins-cyber-blind-spot
|
|
#
?
Apr 18, 2022 05:06
|
|
|
On the early abandonment chat, I'll say it's a little odd to be criticizing the Russians for giving up the fight to save their military assets (cruiser Moscow) early when I hope the thread collectively wouldn't half mind if the Russians collectively left all of their stuff behind and walked home tonight. That said: The Russian navy is part of the same national defence structure as their army; it faces the same, or very similar, problems. It doesn't matter what a professional body of people could or should have done to save the ship; in context, nothing suggests these people existed in the first place.
|
|
#
?
Apr 18, 2022 05:14
|
|
|
It's not strange at all to look down on them for professional failures while also hoping their profession fails.
|
|
#
?
Apr 18, 2022 05:18
|
|
|
Lovely Joe Stalin posted:That's the НоҺомо the popolice?
|
|
#
?
Apr 18, 2022 05:19
|
|
|
Anyone know any economists who can give a guess on what Russia's default on its debt will do to its economy? Since they are unable to service their debt in dollars per the terms of the agreement, and seem to be saying "we don't need Western money anyways" It doesn't take an economist to know the above is Really Bad, but like, how bad is Really Bad is the question.
|
|
#
?
Apr 18, 2022 05:39
|
|
|
BeastOfExmoor posted:
Theres two big issues with using zero day exploits and why people dont tend toss them about willy nilly* 1) once you use them in any capacity you have a window between discovery and a patch or remediation being deployed for you to do what you need to do. Sometimes these are insanely quick turn arounds like hours if its a big enough issue or a day or two if its fairly niche and annoying to figure out. 2) because of needing to keep them secret once you release the zero day someone can turn around and hose you or some youd rather not get hosed with it. So if you're Russia and are holding on to a zeroday that lets you compromise any win10 system you point it at youd probably hold on to it unless you absolutely need an ace in the hole. *sometimes a conplete dufus will use them to own a minecraft server or some inconseqiential
|
|
#
?
Apr 18, 2022 05:43
|
|
|
orange juche posted:Anyone know any economists who can give a guess on what Russia's default on its debt will do to its economy? Since they are unable to service their debt in dollars per the terms of the agreement, and seem to be saying "we don't need Western money anyways" They should say its priced in cause the market should be expecting it. Its also not like the Russians couldn't pay their bills. They have a lot of resources people want and $350 billion, its all just locked up, this isn't a voluntary default. So if you are asking if people will lend to them in the future I would say yes, there's plenty of money to be made there. Deteriorata posted:It also seems a tough call because all we're seeing is the "after" picture. We don't know what the situation was when the Abandon Ship order was given. There may well have been a moment when staying on the ship was unsurvivable and it was the only reasonable thing to do. All we see is what it looks like after the fires had died down. I saw a video from Maersk on someone wrestling a braided inlet hose to an offline purifier spraying fuel at full pressure. My chief was laughing at it and I chuckled until I thought what if that was me. Someone was trying to do the best they could in a poo poo situation, I'm going to learn the lessons they learned the hard way but I'm not going to attach blame or judge them. I could very easily do much worse.
|
|
#
?
Apr 18, 2022 05:49
|
|
|
Oh the year was twenty-twenty-two How I wish I was in Sevastopol now!
|
|
#
?
Apr 18, 2022 05:51
|
|
|
Elviscat posted:Oh the year was twenty-twenty-two 
|
|
#
?
Apr 18, 2022 06:04
|
|
|
Arson Daily posted:This is actually something I've been thinking about for a bit. Why isn't Russia using their hacking abilities to gently caress with countries giving aid to Ukraine? Are their capabilities overblown or would doing such a thing turn a cyber war into a blow poo poo up war? They extremely are, the reason why it's had less impact than normal is pretty long and involved though.
|
|
#
?
Apr 18, 2022 06:24
|
|
|
FrozenVent posted:They could have also gotten a very clear warning that hey, that poo poo would be an act of war. It could definitely at least partly be this. Look back at their NotPetya in 2017. Yeah, it wreaked havoc in Ukraine. I remember reports of Ukrainian power plant workers sitting there totally defenseless as they literally watched the mouse cursor move around on their power plant operating computers turning poo poo off and sabotaging everything. But that malware attack very quickly bugged its way out of Ukraine and infected.. loving everything. France, Germany, the Maersk shipping company was completely dead in the water when it hit their systems, tons of NATO countries had minor and/or major hits from NotPetya. These malware attacks that are meant to be super heavy hitters just unfortunately have no real way of stopping inadvertent spread outside the target country. The internet is too complicated I think. So I could totally see NATO or the US saying to Russia.. something like this happens and “it’s the ballgame.”
|
|
#
?
Apr 18, 2022 06:26
|
|
|
Arson Daily posted:This is actually something I've been thinking about for a bit. Why isn't Russia using their hacking abilities to gently caress with countries giving aid to Ukraine? Are their capabilities overblown or would doing such a thing turn a cyber war into a blow poo poo up war? There’s been a variety of reporting on this over the last week as Russia has not only been attempting to target Ukrainian power and transportation infrastructure with cyber attacks, but has been targeting American power and LNG infrastructure as well. So far they haven’t been as successful as in past years, partly due to proactive defense on the part of Ukrainian and American cybersecurity officials. https://www.businessinsider.com/russia-cyberwarfare-ukraine-us-attacks-2022-4
|
|
#
?
Apr 18, 2022 08:29
|
|
|
BeastOfExmoor posted:[url=https://news.yahoo.com/fbi-removed-. Or they mostly bailed and left Russia.
|
|
#
?
Apr 18, 2022 09:00
|
|
|
Alan Smithee posted:when you say "for themselves" do you mean for the unit to use or to like....take home Taking stuff home to use with their personal guns. Stuff that's not on the books won't come up missing on monthly inventories or when checking everything in the arms room.
|
|
#
?
Apr 18, 2022 09:10
|
|
|
Regarding abandoning ship too early or not, the mariners of the Black sea fleet might have been influenced by the history of the sinking of a previous flagship of theirs, the battleship Novorossiysk, nee Giulio Cesare. In 1955 the 23 000 t ship hit a mine in Sevastopol harbour and started to sink over a matter of hours. However, dithering and confusion about chain of command meant that several hundred men remained aboard when the ship eventually capsized. It's an infamous story among russian sailors apparently. https://wwiiafterwwii.wordpress.com/2015/09/20/the-novorossiysk-mystery/ catfry fucked around with this message at 11:13 on Apr 18, 2022 |
|
#
?
Apr 18, 2022 11:10
|
|
|
Elviscat posted:Oh the year was twenty-twenty-two Incroyable
|
|
#
?
Apr 18, 2022 11:14
|
|
|
I don't think the hacker guys can leave Russia, that opens them up to prosecution for their past crimes. And it's much easier to see them just cynically and or patriotically staying on the team that keeps them paid than suddenly rocking the boat.
|
|
#
?
Apr 18, 2022 11:42
|
|
|
Kaal posted:There’s been a variety of reporting on this over the last week as Russia has not only been attempting to target Ukrainian power and transportation infrastructure with cyber attacks, but has been targeting American power and LNG infrastructure as well. So far they haven’t been as successful as in past years, partly due to proactive defense on the part of Ukrainian and American cybersecurity officials. Good article. One of the points made is that "There wasn't a sort of coordination across the GRU and FSB and the other organizations that would normally carry out these more sophisticated and sustained kinds of attacks simply because they didn't know that the invasion was coming."
|
|
#
?
Apr 18, 2022 12:34
|
|
|
aphid_licker posted:I don't think the hacker guys can leave Russia, that opens them up to prosecution for their past crimes. And it's much easier to see them just cynically and or patriotically staying on the team that keeps them paid than suddenly rocking the boat. I'm sure some of them would find a home with some intelligence agencies if they were willing to spill some beans and they're good at what they do?
|
|
#
?
Apr 18, 2022 12:44
|
|
|
Roblo posted:I'm sure some of them would find a home with some intelligence agencies if they were willing to spill some beans and they're good at what they do? That's a spicy bet on whether you believe that you can set that up and leave the country sneakily and on whether your new masters can keep you from getting novichok'd afterwards E: not saying that you're wrong, just that it'd be hairy and there's incentive to just stay where you are and keep on keeping on indefinitely
|
|
#
?
Apr 18, 2022 12:56
|
|
|
Going to toss out their that a lot of these cybercrime gangs aren't so much Russian as Russian speaking and have had members from other eastern bloc states. The Conti ransomware gang was one of the first to publicly declare support for Russia. Except it had Ukrainian members who promptly leaked their entire source code, infrastructure map, and years worth of internal communications.Blind Rasputin posted:It could definitely at least partly be this. Look back at their NotPetya in 2017. Yeah, it wreaked havoc in Ukraine. I remember reports of Ukrainian power plant workers sitting there totally defenseless as they literally watched the mouse cursor move around on their power plant operating computers turning poo poo off and sabotaging everything. But that malware attack very quickly bugged its way out of Ukraine and infected.. loving everything. France, Germany, the Maersk shipping company was completely dead in the water when it hit their systems, tons of NATO countries had minor and/or major hits from NotPetya. These malware attacks that are meant to be super heavy hitters just unfortunately have no real way of stopping inadvertent spread outside the target country. The internet is too complicated I think. Also notPetya was summer 2017 and was a wormable wiper. It was introduced through a supply chain attack against basically Ukrainian TurboTax. Foreign multinationals like Maersk didn't have good internal segmentation so once it got into their Ukraine offices it jumped to the rest of the worldwide corporate network. https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/ The powergrid attacks were December 2016 and involved the industroyer malware. An attack by the next gen industroyer malware, industroyer2 was recently blunted: https://www.welivesecurity.com/2022/04/12/industroyer2-industroyer-reloaded/ and https://thehackernews.com/2022/04/russian-hackers-tried-attacking.html. Also if you want more reading about Russian attacks against the energy sector: https://www.cisa.gov/uscert/ncas/alerts/aa22-083a
|
|
#
?
Apr 18, 2022 12:57
|
|
|
EasilyConfused posted:Good article. One of the points made is that "There wasn't a sort of coordination across the GRU and FSB and the other organizations that would normally carry out these more sophisticated and sustained kinds of attacks simply because they didn't know that the invasion was coming." That's nuts. How the hell could they not know the invasion was coming? I mean, the French didn't know because they were only seeing what they wanted to, but how the hell could a Russian agency with a vital role to perform not know that a war was on the day planner?
|
|
#
?
Apr 18, 2022 13:01
|
|
|
A.o.D. posted:That's nuts. How the hell could they not know the invasion was coming? I mean, the French didn't know because they were only seeing what they wanted to, but how the hell could a Russian agency with a vital role to perform not know that a war was on the day planner? When they're deliberately kept in the dark.
|
|
#
?
Apr 18, 2022 13:15
|
|
|
Lol no one in Russia knew except putin
|
|
#
?
Apr 18, 2022 13:20
|
|
|
https://twitter.com/uatv_en/status/1516030415789768709?s=21&t=9vKgWDDFgLkXhLkqAPR3ew
|
|
#
?
Apr 18, 2022 13:27
|
|
|
The VLS for up to 64 S-300F missiles is on the back half of the ship, between the two superstructures. They appear to be undamaged on the Moskva, but I just thought this was ... something. https://twitter.com/Saturnax1/status/1078263088116367360?s=20
|
|
#
?
Apr 18, 2022 13:48
|
|
|
#MakeRussiaStronkAgain
|
|
#
?
Apr 18, 2022 13:48
|
|
|
That is a.. lot of uncompartmentalized space. They really don't have a culture of damage control at all, do they?
|
|
#
?
Apr 18, 2022 13:51
|
|
|
Arson Daily posted:This is actually something I've been thinking about for a bit. Why isn't Russia using their hacking abilities to gently caress with countries giving aid to Ukraine? Are their capabilities overblown or would doing such a thing turn a cyber war into a blow poo poo up war? Whoa, a question I can answer! They are (using their hacking abilities). But cyber attacks at the level a country does isn't like the movies, it takes a lot of preparation work and planning. I'm sure they had some degree of a foothold in lots of places, but they surely lack the capacity to go after the entire planet (except India, China, and Saudi Arabia) at once. It's like, we're 2 years into this campaign to get into this refrigerator company's smart fridge and you want us to turn on our heels and, what exactly? Hack the entire planet? I mean, I guess we can launch a bunch of distributed denial of service attacks, but we can really only do that to one target at a time. E: and also the more garden variety "bad actor on internet" groups are just russian-speaking, as a previous poster pointed out. They have to be asked to go after a target on, presumably, a news show or something. cruft fucked around with this message at 14:08 on Apr 18, 2022 |
|
#
?
Apr 18, 2022 13:55
|
|
|
Darknet Diaries podcast had a really good episode going into all the behind the scenes paperwork to get the US to authorize offensive use of a zero-day. https://podcasts.google.com?feed=aH...C1taXNoYXAubXAz
|
|
#
?
Apr 18, 2022 14:04
|
|
|
shame on an IGA posted:Darknet Diaries podcast had a really good episode going into all the behind the scenes paperwork to get the US to authorize offensive use of a zero-day. Thanks for the link, I’ve actually been wondering how the policy ins and outs of this stuff works!
|
|
#
?
Apr 18, 2022 14:24
|
|
|
|
| # ? Jun 5, 2024 18:01 |
|
|
Lake of Methane posted:The VLS for up to 64 S-300F missiles is on the back half of the ship, between the two superstructures. They appear to be undamaged on the Moskva, but I just thought this was ... something. That’s insane looking. I’ve always wondered what the underside of the VLS launchers look like on our US warships? Are those things in a space that like, beltfeeds further missiles into place fro reload or are they manually reloaded from underneath?
|
|
#
?
Apr 18, 2022 15:16
|
|