Has Russia declared war on the West?
December 18, 2020 at 6:35 pm #35530
While it’s easy for Americans to see the cyberattack we are undergoing as an attack on the United States, it also extends so far to Canada, Mexico, Belgium, Spain, Britain, Israel and the United Arab Emirates. Many regard it as virtually a cyber Pearl Harbor. An act of aggression that should be regarded as an act of war.
December 18, 2020 at 7:27 pm #35535
I have yet to learn what damage has been done. I have heard that US conducts cyber attacks as well. Time for a “Cyber UN” perhaps. I am sure a united set of nations could effectively throttle data flow in and out of a bad acting country.
December 18, 2020 at 8:04 pm #35536
Reg the Fronkey Farmer (Moderator)
I am very surprised that these attacks are not getting more attention. They are a “cyber Pearl Harbor” event. The Homeland Security advisor to Trump has a good explanation of it here in the NYT. I suspect it is behind a paywall so copy & paste below.
The author is Thomas P. Bossert who was the homeland security adviser to President Trump and deputy homeland security adviser to President George W. Bush.
At the worst possible time, when the United States is at its most vulnerable — during a presidential transition and a devastating public health crisis — the networks of the federal government and much of corporate America are compromised by a foreign nation. We need to understand the scale and significance of what is happening.
Last week, the cybersecurity firm FireEye said it had been hacked and that its clients, which include the United States government, had been placed at risk. This week, we learned that SolarWinds, a publicly traded company that provides software to tens of thousands of government and corporate customers, was also hacked.
The attackers gained access to SolarWinds software before updates of that software were made available to its customers. Unsuspecting customers then downloaded a corrupted version of the software, which included a hidden back door that gave hackers access to the victim’s network.
This is what is called a supply-chain attack, meaning the pathway into the target networks relies on access to a supplier. Supply-chain attacks require significant resources and sometimes years to execute. They are almost always the product of a nation-state. Evidence in the SolarWinds attack points to the Russian intelligence agency known as the S.V.R., whose tradecraft is among the most advanced in the world.
According to SolarWinds S.E.C. filings, the malware was on the software from March to June. The number of organizations that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies.
The magnitude of this ongoing attack is hard to overstate.
The Russians have had access to a considerable number of important and sensitive networks for six to nine months. The Russian S.V.R. will surely have used its access to further exploit and gain administrative control over the networks it considered priority targets. For those targets, the hackers will have long ago moved past their entry point, covered their tracks and gained what experts call “persistent access,” meaning the ability to infiltrate and control networks in a way that is hard to detect or remove.
While the Russians did not have the time to gain complete control over every network they hacked, they most certainly did gain it over hundreds of them. It will take years to know for certain which networks the Russians control and which ones they just occupy.
The logical conclusion is that we must act as if the Russian government has control of all the networks it has penetrated. But it is unclear what the Russians intend to do next. The access the Russians now enjoy could be used for far more than simply spying.
The actual and perceived control of so many important networks could easily be used to undermine public and consumer trust in data, written communications and services. In the networks that the Russians control, they have the power to destroy or alter data, and impersonate legitimate people. Domestic and geopolitical tensions could escalate quite easily if they use their access for malign influence and misinformation — both hallmarks of Russian behavior.
What should be done?
On Dec. 13, the Cybersecurity and Infrastructure Security Agency, a division of the Department of Homeland Security — itself a victim — issued an emergency directive ordering federal civilian agencies to remove SolarWinds software from their networks.
The removal is aimed at stopping the bleeding. Unfortunately, the move is sadly insufficient and woefully too late. The damage is already done and the computer networks are already compromised.
It also is impractical. In 2017, the federal government was ordered to remove from its networks software from a Russian company, Kaspersky Lab, that was deemed too risky. It took over a year to get it off the networks. Even if we double that pace with SolarWinds software, and even if it wasn’t already too late, the situation would remain dire for a long time.
The remediation effort alone will be staggering. It will require the segregated replacement of entire enclaves of computers, network hardware and servers across vast federal and corporate networks. Somehow, the nation’s sensitive networks have to remain operational despite unknown levels of Russian access and control. A “do over” is mandatory and entire new networks need to be built — and isolated from compromised networks.
Cyber threat hunters that are stealthier than the Russians must be unleashed on these networks to look for the hidden, persistent access controls. These information security professionals actively search for, isolate and remove advanced, malicious code that evades automated safeguards. This will be difficult work as the Russians will be watching every move on the inside.
The National Defense Authorization Act, which each year provides the Defense Department and other agencies the authority to perform its work, is caught up in partisan wrangling. Among other important provisions, the act would authorize the Department of Homeland Security to perform network hunting in federal networks. If it wasn’t already, it is now a must-sign piece of legislation, and it will not be the last congressional action needed before this is resolved.
Network operators also must take immediate steps to more carefully inspect their internet traffic to detect and neutralize unexplained anomalies and obvious remote commands from hackers before the traffic enters or leaves their network.
The response must be broader than patching networks. While all indicators point to the Russian government, the United States, and ideally its allies, must publicly and formally attribute responsibility for these hacks. If it is Russia, President Trump must make it clear to Vladimir Putin that these actions are unacceptable. The U.S. military and intelligence community must be placed on increased alert; all elements of national power must be placed on the table.
While we must reserve our right to unilateral self-defense, allies must be rallied to the cause. The importance of coalitions will be especially important to punishing Russia and navigating this crisis without uncontrolled escalation.
President Trump is on the verge of leaving behind a federal government, and perhaps a large number of major industries, compromised by the Russian government. He must use whatever leverage he can muster to protect the United States and severely punish the Russians.
President-elect Joe Biden must begin his planning to take charge of this crisis. He has to assume that communications about this matter are being read by Russia, and assume that any government data or email could be falsified.
At this moment, the two teams must find a way to cooperate.
President Trump must get past his grievances about the election and govern for the remainder of his term. This moment requires unity, purpose and discipline. An intrusion so brazen and of this size and scope cannot be tolerated by any sovereign nation.
We are sick, distracted, and now under cyber-attack. Leadership is essential.
December 18, 2020 at 8:35 pm #35538
Putin recognized Biden as our president-elect just in time for this news to break. And Trump was so close to his dictator buddy. They “got” each other, LOL.
December 18, 2020 at 8:36 pm #35539
We are sick, distracted, and now under cyber-attack. Leadership is essential.
Trump has clocked out from being President. Besides, he sees Russia and Putin as benign. “Russia Russia Russia!!!”
It’s not just the cyber attack. Now that it can’t help him win reelection, he’s no longer interested in promoting the vaccine he deserves some credit for rushing through.
December 19, 2020 at 12:40 am #35541
Thanks for the education Reg.
The failure to adequately cover this tinder box issue is an indication of just one flaw in our capitalist model. But it ain’t alone.
December 19, 2020 at 2:26 am #35542
Russia’s Alleged Hack Could Be Worst in U.S. History
Suspected Russian Cyberattack Strikes at Heart of U.S. Government
As more details are revealed about Russia’s alleged hack of the U.S. government, it’s becoming clear that the breach is much worse than previously thought. On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency warned that it “poses a grave risk” to federal, state, and local governments as well as private companies and organizations.
Who’s been hacked? There is a growing list of reported victims: the Centers for Disease Control, the Defense Department, State Department, Commerce Department, Department of Homeland Security, Treasury Department, the U.S. Postal Service, the National Institutes of Health, and the Department of Energy were all affected. The DOE says the hack poses no threat to its national security operations—including the National Nuclear Security Administration—but did impact its business networks.
How bad is it? “This is, I think, appears to be at this point the most serious cyberattack this country has ever endured,” Sen. Angus King, I-Maine said on NPR. Microsoft, which is helping to respond to the hack, noted that “the attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the U.S. Government and the tech tools used by firms to protect them … ongoing investigations reveal an attack that is remarkable for its scope, sophistication and impact.”
Biden issues statement; Trump stays silent. President-elect Joe Biden responded by promising to focus on cyberthreats. “I want to be clear: My administration will make cybersecurity a top priority at every level of government—and we will make dealing with this breach a top priority from the moment we take office,” he said. President Donald Trump, who recently fired a top government cybersecurity official, has not made an official statement. He is taking heat from both sides of the aisle for his silence. Republican Sen. Mitt Romney compared the breach to “Russian bombers … repeatedly flying over our entire country,” and denounced the “inexcusable silence and inaction from the White House.”
As Elisabeth Braw argues in FP, cyberattacks may be declining in number but the damage they cause is greater than ever. “With businesses and institutions getting better at cybersecurity, garden-variety cyberattacks are decreasing while sophisticated and targeted intrusion is on the rise,” she wrote. (source: Foreign Policy Morning Brief, December 18, 2020)
December 19, 2020 at 3:07 am #35546
Americans underestimate the Rooskies. They are smart. They are used to doing more with less, like building highly serviceable fighters, bombers, and submarines at a far lower cost than Western governments, saddled as they are with needing to pay well over cost in order to ensure that the contractors make a tidy profit.
Our only defense is to impress upon them that we are capable as well. Capable enough to assure them they will regret any sort of extreme move.
I have yet to learn what damage has been done. I have heard that US conducts cyber attacks as well. Time for a “Cyber UN” perhaps. I am sure a united set of nations could effectively throttle data flow in and out of a bad acting country.
I wonder if America’s indignance is a case of “the pot calling the kettle black”? I wonder if our government hackers have gained access to highly sensitive Russian data. And if they aren’t doing so, why not? Wouldn’t that just be normal spycraft?
December 19, 2020 at 3:12 am #35547
I wonder if Putin now has a list of all of our double agents in Russia. If so…accidents do happen.
December 19, 2020 at 3:49 am #35548
And I wonder if Putin has video of Trump fornicating with a donkey and receiving golden showers from hookers. The mere threat of releasing the vids would give Putin complete power over Trump.
December 19, 2020 at 1:31 pm #35551
It would not be too difficult to “give” them misleading data, sending them on wild goose chases.
December 19, 2020 at 9:47 pm #35554
This cybersecurity expert says it wasn’t an attack but more of a flyover. The Japanese flew some planes over Pearl Harbor to case the joint and check out air defenses. This was a breach but not an attack. An attack would have done serious damage rather than causing serious concern.
December 19, 2020 at 10:42 pm #35555
Reg the Fronkey Farmer (Moderator)
I have not had a chance to listen to the video yet but I doubt if it was “a flyover”. That is too naive. It is more likely that they have embedded the tools and code they need to access the networks. The code is clever. If the investigators find the code (the “.exe”) it knows it is being interrogated and self destructs. Some code is even programed to delete itself after it runs so they find nothing and think their networks are not compromised.
December 19, 2020 at 11:12 pm #35556
I have not had a chance to listen to the video yet but I doubt if it was “a flyover”. That is too naive. It is more likely that they have embedded the tools and code they need to access the networks at while. The code is clever. If the investigators find the code (the “.exe”) it knows it is being interrogated and self destructs. Some code is even programed to delete itself after it runs so they find nothing and think their networks are not compromised.
A flyover is an imperfect simile of course. Her point about it not being an attack is that they haven’t shut down power grids or disabled our cell network or tricked a submarine into attacking Iran, that sort of thing.
They did, in flyover fashion, find out what defenses we had and they may have some serious compromises lying in wait in case we try to punish them for the incursion. For example, should we try to attack their export trade, suppose they responded by shutting down the power grids serving NYC and Washington DC, through back channels giving notice that they can do the same in LA and Chicago.
December 21, 2020 at 4:08 pm #35611
Fellow Unbelievers,
Russia is now what it has been since the days of Communism, the Czars, and the Huns: It is nothing and nobody without the resources, wealth, know-how and technology provided by the West in general and the United States in particular.
Had the U.S. and the West simply cut the spigot of wealth provided to Russia during the New Economic Plan of V.I. Lenin, (backed by Herbert Hoover before he became a President,) the whole Soviet Communist experiment would have collapsed.
There would have been no Stalinist Terror Famines and Purges, no Gulags, no spread of Communism to China and Southeast Asia and thus no Maoist Great Leap Forward, no Cultural Revolution, no Pol Pot’s Killing Fields.
No World War II or Holocaust as we know them either. Europe feared standing up to Hitler’s Nazi regime because they thought the Nazis were a bulwark against Communism.
With no Soviet Communism to justify the existence of Nazism and no Hitler-Stalin Non-Aggression Pact to further the expansion of Nazism to Poland, Hitler and the Nazis would have been a push-over.
Oh and no ex-KGB Vladimir Putin to re-establish the Russian Orthodox Church, persecute LGBTQ and dissenter Punk Grrl bands like Pussy Riot, try to retake Ukraine, and do cyber-attacks.
History would be very different if we stopped enabling those who get a snort of power and go on drunken rampages of mass destruction and death.
For more fascinating reading on the subject, I highly recommend East Minus West Equals Zero by Werner Keller.