Russia is the advanced persistent threat that just triggered. Ready? Stress-testing security is the only way to be sure it works. Until then, the worst security looks much the same as the best. As events in Ukraine show, leaving the stress-testing of assumptions until a threat is actually attacking is expensively useless. Yet if an untested solution is no solution at all, the problem becomes …
Fair point....I don't have to watch it if I don't want to. Same goes for other viewers.
I am all for people making their own decisions, and exercising free will as is their right, but it's just that it feels wrong to allow the government of a state most of us revile ATM for their piss-poor behaviour. Also, they are supposedly very, very good at disinformation.
There really is no excuse for invading, let alone killing civvies. Russia - get the fuck out of Ukraine.
So what if it costs a lot to repair ? That would be Russias problem if they want to rejoin the world, along with paying for damage caused to the Ukraine.
So what if it takes a long time to repair ? That would be Russias problem, and anyway will take less time than it will to repair the Ukraine.
Call both consequences a punishment if you like.
By opposing this I can only think you want to be able to reconnect to Russia asap for your own benefits ?
That depends on where they are controlled from. Anything controlled from within Russia would be unable to control botnets on the other side. Of course, if they have people located outside their borders then they would still have control, but they *may* also be more reachable by the law.
As appealing as this may seem, the internet is one of the few routes we can overcome the state owned media. We need comms routes open to those channels to remind ordinary Russians why they've seen the Rouble destroyed, again. Why their airlines aren't allowed to fly. Etc.
It's no accident that in interviews with regular Russians, it's the older generation probably with no internet that believe the tosh on broadcast media. And no accident that the protestors in Russia, are generally the a younger, more technologically aware generation.
But targetted efforts against government institutions, absolutely. Vandalise, deface, deny. By any and all means necessary.
"If you're not behaving as if your livelihood, even your life, depends on this..."
Frantic much? A lot of fear, uncertainty and delusion in this one.
The whole article reads as if everyone is aboard an engaged nuclear submarine.
If you're depending on "password123" to save your life, GAME OVER!
But people's lives may depend on it. If you're in Ukraine and running a hospital for example. But also having a database of information that might be useful to the Russian government is now a major risk, if Russian troops turn up at your datacentre and ask for everything. Not a problem if it's just a list of electricity subscribers, but a mobile phone company holds records of people's text messages, a bookseller knows which of its customers have bought material not appproved by the Russian government. All this sort of information could be useful to a dictatorship with a sudden internal security problem - i.e. that it's just conquered a hostile population, and wants to govern them.
"...that it's just conquered a hostile population..."
Sorry, this isn't that, but we wish it was.
I know this site is about IT and as such is spinning up the IT angle, but conquering is all very physical, very visible. especially in places like the Ukraine where everything out in the open is a physical target.
if there's an air strike that can have it's roots traced back to anything computer related, then it's a tactical strike. However, when the jets, tanks, troops and mortars show up to conquer... "securePassword" just doesn't matter.
Ask any of those fleeing the Ukraine: "How secure is your password?" How demeaning would that feel to those people?
To be a bit rude, using the current war in the Ukraine for pushing some computer security agenda is misguided. Ever wonder what the refugees might think *IF* they even bother to read such an article? It's a REAL war, not some high profile computer breach... ACTUAL WAR!
> Frantic much? A lot of fear, uncertainty and delusion in this one.
Fear, yes. Uncertainty, yes. Delusion? You might want to look in the mirror...
Russia has been dabbling with cyber hacking, espionage, propaganda and theft for the last few decades. While tacitly supporting "private" hacking groups, so long as they were attacking and stealing from non-Russians.
Now, with Russia actively being at war and with embargoes slamming into place against them, we're going to get a lot of things happening.
First, a lot more of the tools being used for state-level hacking are going to leak into the public domain, simply because they're being used more. I'd expect a flurry of new zero-day exploits to appear Real Soon Now. And once those are picked up by commercial black hats, there won't be a safe server in the world.
Secondly, as with North Korea, Russian hackers are going to be targeting anything with financial value that can either be stolen or ransomed. Because their economy is about to seriously tank and they'll be desperate for money in general and foreign currency in particular.
Thirdly, you're going to get lots of amateur "affiliated" people on both sides going on hacking and defacement sprees.
And so on.
It's all going to get very very messy, and thinking "it won't affect me" is frankly more delusional than expecting trouble.
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
