{"id":18910,"date":"2022-05-02T02:30:07","date_gmt":"2022-05-02T10:30:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/05\/02\/news-12643\/"},"modified":"2022-05-02T02:30:07","modified_gmt":"2022-05-02T10:30:07","slug":"news-12643","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/05\/02\/news-12643\/","title":{"rendered":"Russia is losing the cyberwar against Ukraine, too"},"content":{"rendered":"

<\/p>\n

Credit to Author: Preston Gralla| Date: Mon, 02 May 2022 03:00:00 -0700<\/strong><\/p>\n

When Russia launched its all-out attack against Ukraine in February, the world expected the invaders to roll over the country quickly. That didn\u2019t happen, and Ukraine today, though still under assault, has so far thwarted Russia\u2019s ambitions to conquer it.<\/p>\n

Russia has also been fighting a quieter war against Ukraine, a cyberwar, deploying what had been considered the most feared state-sponsored hackers in the world. And in the same way that Ukraine has fended off Russia\u2019s military might, it\u2019s been winning the cyberwar as well.<\/p>\n

In that cyberwar, as always, the terrain is primarily Windows, because it represents the largest and most vulnerable attack surface in the world. The facts about what exactly is going on have been shadowy. But there\u2019s plenty of evidence that Ukraine may keep the upper hand.<\/p>\n

The first loss Russia suffered in the cyberwar came at the very beginning of its invasion \u2014 in fact, even before the invasion began. Russia used the extensive railways of its partner in the war, Belarus, to rush soldiers, tanks, heavy weapons and other war materiel to the Ukraine border. Once the invasion began, it used the same railroads as a primary supply chain for its troops, and to send more tanks and weapons into Ukraine.<\/p>\n

But then came the Cyber Partisans, a hacktivist group of exiled Belarus tech professionals that had for years been fighting Belarussian dictator Grigoryevich Lukashenko. At the first signs of the Russian buildup, the Cyber Partisans attacked the Belarussian train system, slowing troop movements, supplies and weaponry. They worked in concert with Belarusian railroad workers and dissident Belarusian security forces. The “Washington Post” notes<\/a> that they played \u201ca role in fueling the logistical chaos that quickly engulfed the Russians, leaving troops stranded on the front lines without food, fuel and ammunition within days of the invasion.\u201d<\/p>\n

\u00a0Thanks to that chaos in the face of fierce of Ukrainian resistance, the Russians couldn\u2019t take the Ukraine capital Kyiv and other cities in the north of the country. Eventually they turned their attention to the south and east.<\/p>\n

The Cyber Partisans were successful, in part, because Belarus\u2019s train system runs on the more-than-year-20-old Windows XP, a hacker\u2019s best friend.<\/p>\n

Cyber Partisans spokesperson Yuliana Shemetovets explained to Vice in a video<\/a>, \u201cTanks cannot be transported by planes. Heavy artillery cannot be transported by planes. So, they do need to use these trains. Cyber Partisans attack the internal network of the railway systems, as well as equipment, software, and any databases that are associated with the railway systems\u2026. Windows XP is a really old program and it can be easily attacked\u2026. One of the reasons it was so easy to hack these systems is because Lukashenko prefers loyalism over professionalism. They didn’t secure the systems. So, as much as people admire the work of Cyber Partisans, we should also state that it was not that hard to hack, because Lukashenko’s regime disregarded simple cybersecurity practices.\u201d<\/p>\n

The Cyber Partisan reveled publicly in what they did, at point tweeting screenshots of the hacked Belarus train software<\/a> and calling it, \u201cAn outdated piece of crapware that runs on Windows XP.\u201d<\/p>\n

The Cyber Partisans aren\u2019t the only ones involved in the cyberwar against Russia. The Ukrainians are, too \u2014 and there\u2019s evidence they\u2019ve held off what has long been considered the perhaps most fearsome cyberwarriors in the world: Russian intelligence agencies and the hacking groups they support.<\/p>\n

A Microsoft report found plenty of evidence that Russia is engaged in a \u201chybrid war,\u201d<\/a> using soldiers and weaponry in tandem with cyberattacks and the online spread of misinformation. For example, the report found the Russians targeted a government agency with malware in coordination with hitting government buildings with missile strikes.<\/p>\n

As the Russians turned their ground and missile attacks towards the east and south, they also coordinated cyberattacks there.<\/p>\n

Throughout the war, many of the Russian attacks targeted Windows machines. Russian hackers frequently used the Windows utility SecureDelete to, in the words of Microsoft, \u201cpermanently delete data from targeted devices.\u201d<\/p>\n

Tom Burt, who oversees Microsoft\u2019s investigations into the biggest and most complex cyberattacks<\/a>, says of the Russian cyberattacks: \u201cThey brought destructive efforts, they brought espionage efforts, they brought all their best actors to focus on this\u2026. It\u2019s definitely the A-team.\u201d<\/p>\n

The \u201cNew York Times\u201d reports, \u201c\u2026Ukrainian defenders were able to thwart some of the attacks, having become accustomed to fending off Russian hackers after years of online intrusions in Ukraine\u2026. Ukrainian officials said they believed Russia had brought all of its cyber-capabilities to bear on the country. Still, Ukraine managed to fend off many of the attacks.\u201d<\/p>\n

Burt added: \u201cUkrainians themselves have been better defenders than was anticipated, and I think that\u2019s true on both sides of this hybrid war. They\u2019ve been doing a good job, both defending against the cyberattacks and recovering from them when they are successful.\u201d<\/p>\n

This doesn\u2019t mean, of course, that the Ukrainians will eventually win the cyberwar or the physical war. But the evidence so far shows they can at least hold their own in the cyberwar with the Russians, which bodes well for their future.<\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Preston Gralla| Date: Mon, 02 May 2022 03:00:00 -0700<\/strong><\/p>\n

\n
\n

When Russia launched its all-out attack against Ukraine in February, the world expected the invaders to roll over the country quickly. That didn\u2019t happen, and Ukraine today, though still under assault, has so far thwarted Russia\u2019s ambitions to conquer it.<\/p>\n

Russia has also been fighting a quieter war against Ukraine, a cyberwar, deploying what had been considered the most feared state-sponsored hackers in the world. And in the same way that Ukraine has fended off Russia\u2019s military might, it\u2019s been winning the cyberwar as well.<\/p>\n