-
Albanian Cyber War
For all the disappointment over the lack of spectacular cyber warfare in Ukraine, there’s very little interest in the “textbook cyberwar” scenarios unfolding around Iran. Albania has just severed diplomatic ties with Iran over the cyber attacks of July 15th. The Prime Minister announced this in a dramatic fashion with strong language. Iran is embroiled… Read more
-
Userland Rootkits are Lame
Many people may not know this, but fifteen…twenty years ago I knew a thing or two about rootkit development. I wrote detection software for a few years as well. Back then modifying the shared libraries on the disk was also a vector for userland rootkits. There is a nicely written analysis of a clever little… Read more
-
Quantified Failure
How the FSB got it wrong by getting it right Data Driven Intelligence When planning regime change it is useful to know a bit about the target country’s population. How will they feel about the invasion force? What do they think about their leaders? Are they highly motivated extremists? To uncover the answers to these… Read more
-
Foghorn: Signals Through the Fog of War
Some Lessons Learned, So Far Ukraine Survives and Thrives Russia’s first wave of destructive cyber effects operations against Ukraine was effective. They targeted and disabled Ukrainian air defense systems, government ministries, and the national command and control infrastructure built over VIASAT. These successful operations were accomplished even though Russia’s military intelligence, the GRU, had very… Read more
-
Putin’s cyber blind spot
A common question about the lacklustre Russian cyberwar so far is, why hasn’t Putin unleashed the ransomware gangs? Why isn’t there a massive wave of ransomware across Europe and America? There are two related issues here that need to be addressed on Putin and ransomware: (1) why would he? (2) why hasn’t he? This post… Read more
-
French election thoughts
I’ve had time only to make a brief outline of my thoughts on a Russia intervention in the French election. I think it is more likely than not. I apologise for the extremely sparse nature of this post. I want to get something posted and simply don’t have the time to arrange my thoughts and… Read more
-
I can’t believe it’s not cyberwar
Russian cyber attack on UA electrical grid attack Latest update on the cyberwar that “is not taking place.” Russia has been attacking the Ukrainian power grid, just like they were supposed to based on the preconceived models everyone had. So that’s good for the pundits, I guess. They can come out from under their rocks… Read more
-
KGB Fail Belarus Rail, the tale.
Deception in Belarus Partisan Operations On March 25th the Belarus railway system was sabotaged (again) as part of the ongoing campaign by partisans to hamper Putin’s war effort. These attacks have been ongoing since at least earlier this year, when the Cyber Partisans (BCP) hacked the railway’s network and began trashing it. First in a… Read more
-
Cyber in the raw
Russia’s opening cyber salvo was clearly tied to their war planning. They seem to have used wipers to go after gov, mil and comms systems to degrade Ukraine’s defense capacity. And the attack on KA-SAT was related to Ukrainian military capacity as well. These sorts of attacks are very much in line with the traditional… Read more