back to article Us? Pwn SolarWinds? With our reputation? Russian spy chief makes laughable denial of supply chain attack

A Russian spymaster has denied that his agency carried out the infamous SolarWinds supply chain attack in a public relations move worthy of the Internet Research Agency. Sergei Naryshkin, head of the SVR spy agency, made his denial in a BBC interview broadcast on Tuesday. "I'd be flattered to hear such an assessment of the …

  1. Dan 55 Silver badge
  2. Eclectic Man Silver badge

    To quote Mandy Rice-Davies

    "Well, he would, wouldn't he?"

    https://en.wikipedia.org/wiki/Mandy_Rice-Davies

    To admit to having hacked into US computer systems would be to effectively admit to having committed an act of war. The USA and the UK, and, in fact no country around would ever admit to hacking into another country's computer systems.

  3. alain williams Silver badge

    Trust is not, unfortunately, binary

    I would love it if were as simple as Martin Gardner’s Two Tribes: one side always tells the truth, the other always lies.

    Reality is more complicated. Even our side lies, I would like to believe that they lie less that the others. It is not just Boris & Trump, but also our security services, various other agencies and what the press says. Sometimes it is to gain advantage over the other lot, sometimes to cover up their blunders & incompetence.

    I probably over optimistically flatter myself that, with a bit of work, I can see what is true & what is false.

    I'm talking above about politics, those at corporations also lie as well.

    1. lglethal Silver badge
      Trollface

      Re: Trust is not, unfortunately, binary

      Determining the difference between Truth and Lies in politics is easy. If it came out of a politicians mouth - it's a lie.

      If by some unforeseen miracle it turns out they were telling the truth, it just means that they misunderstood the briefing paper they were given and so thought they were lying and therefore told the truth by accident.

      I still think we should follow the Terry Pratchett code - as soon as a politician is elected, they get put in jail. They'll be commiting a crime eventually, we may as well get the punishment in in advance...

  4. Pascal Monett Silver badge
    FAIL

    So, it's not the Russkies because of something the NSA did a decade ago

    Yeah. Perfectly logical argument there. Nothing to say to that, apparently.

    But, by that logic, it's the Russkies because Klaus Fuchs gave Soviet Russia all the data on atomic bombs they needed to make one, sparing them years of research and tons of money.

    Checkmate.

    Come on Naryshkin, you bloody well know that the information not made public does not exonerate you.

    We're not talking about Huawei motherboards, we're talking about high-level spy stuff. The US is not going to say how it knows because that's classified.

    Huawei motherboards are not classified. They are available to the public. If any one of them had indeed been suspiciously modified, we'd have a pic by now.

    We don't, so that's bullshit.

    You, however, have no such validation. You're just spreading bullshit as well.

    1. CrazyOldCatMan

      Re: So, it's not the Russkies because of something the NSA did a decade ago

      You're just spreading bullshit as well

      To be fair that kinda is his job..

  5. Anonymous Coward
    Anonymous Coward

    Snowden merely confirmed what we already suspected/knew

    SolarWinds wasn't a hack, it was careless software engineering that allowed opportunists to insert code into repositories that were assumed secure but were anything but. Its an embarrassing incident but not a particularly sophisticated one. As for who did it, our only grounds for saying "It was the Russians" is that we currently don't like them and as the SVR fellow pointed out the attack could have been done by anyone, including the NSA.

    I have faith that state actors are a bit more sophisticated than to take full advantage of an obvious oversight. If nothing else they'd suspect a trap -- if its too easy there must be a catch. They'd also want something that's both subtle and deniable. So it doesn't come as a surprise that the recommended random number generation algorithm isn't that random or that the recommended parameters for an elliptic curve algorithm turn out to be ones that are surprisingly weak. This is the kind of intellectual arms race that I'd associate with three letter agencies and their Russian equivalents.

  6. Anonymous Coward
    Anonymous Coward

    Have you seen proof?

    I believe him! He's an HONEST spy chief, unlike those evil, cheating, devious, underhand spy masters the evil, cheating, devious, underhand Western Imperialist government employ on a daily basis!

    p.s. our Soviet... our Russian authorities have just announced the two arch-enemies of the State of the peace-loving Russia: the US of A, and their little Satan puppet friend, Czech Republic! Long live the Comrade-President Putin! Long live Victorious Russia! Death to America and their little Satan-puppet henchmen, Czech or otherwise!

    1. Danny Boyd Bronze badge

      Re: Have you seen proof?

      Slightly wrong interpretation: not "death to', just GTFO.

      And I'd still prefer to see the evidence, not rants. "the Turla malware crew, which is thought to have links to SVR sister agency the FSB, might have been involved" is no evidence. "Thought to have links", "might have been involved" is speculation, not evidence.

      Turn on your critical thinking, people!

      1. PTW
        Pint

        Re: critical thinking

        Mr. Boyd, sir, have a pint! But I fear critical thinking, like common sense, is not very common, even in supposedly educated people.

        1. J. Cook Silver badge
          Coat

          Re: critical thinking

          Common sense is so uncommon it's practically a superpower.

          Mines the one with the big "C" embroidered on the back- And hurry, my common sense is tingling...

      2. Anonymous Coward
        Anonymous Coward

        Re: Have you seen proof?

        you'd prefer to see the evidence, but it's not about whodunnit, it's about public's perception of who's behind this, and this battle has already been won. Whatever the Russians say about it, whatever non-evidence of non-involvement they provide, they'll be laughed out, because people realize they have no tools to verify any claims or any evidence from anybody, even if such 'evidence' were ever publicly made available by any side of this little side show.

        But I'm very confused about the purpose of his declaration, he surely couldn't have done it to brighten the image of Russia in the west. You hear any spy denial, you'll snigger, let alone a Russian spy, who's one of 'them' after all. But, likewise, I don't see how it would play to Russian audience. That large part that blindly believes in the Putin system, never mind how precarious, don't care about denials, if anything, they'd say: davai, tell them we did it and see them squirm! And the other part, still able to apply the power of critical thinking of what is going on in and with Russia, are probably as convinced it was the Russian job, as anyone in the west (btw, despite the obvious 'cui bono', I'm not saying it _was_ a Russian job, just that's what most people believe anyway). But even this minority that concedes it was probably a Russian job, will feel a little proud that yeah, Russia has become the archetypal 'red menace' again, but hey, at least we showed them and they're scared of us (again). So what's the point of this spymaster's public appearance anyway, if it's not going to chance anybody's mind? Distraction?

  7. BloggsyMaloan

    Whodunnit?

    It's always the 'enemy', the other side, the baddies, whodunnit.

    In a New Orleans hotel, a year after '911' (always thought that was a Porsche) and the US response, I was reading a local newspaper. A page that stuck in my mind included two stories covering the latest war news.

    Story 1 was about despicable Iraqis who sent 18 year old children to fight and be killed.

    Story 2 was about brave 18 year old US soldiers who'd been killed in Iraq while fighting for their country.

    I had to read both stories at least a couple of times to make sure I hadn't misunderstood.

    The same stories, translated and with a couple of global search-and-replaces to swap the nationalities, could easily have been syndicated to Iraqi newspapers.

    It's always the other side that does the bad stuff, as patriotic citizens know.

    One conclusion is that warmongering, power-seeking, egotistical political and military 'leaders' of most countries have more in common with each other than with their own citizens, whose minds they seek to control and whose bodies they sacrifice in their war games and desperation to be remembered as 'great leaders'.

    Just like the pigs in Animal Farm using a cause against bad things to increase personal power until, eventually, they can do the same bad things.

    Spying and disinformation are what the baddies do. 'Intelligence' and openness are what we use.

    1. J. Cook Silver badge

      Re: Whodunnit?

      We've always been at work with Eastasia.

  8. Irony Deficient Bronze badge

    Soviet Russia was well practised in two disciplines of military thought …

    … known as dezinformatsiya and maskirovka. Neither term translates well into English […]

    The first term, дезинформация, translates quite well into English “disinformation”. The second term, маскировка, is a noun formed from the verb маскировать ; since the -ировать suffix is used to form verbs from loanwords, my guess is that маскировать is a calque of German maskieren, which would make маскировка roughly translatable as English “masking”.

    1. T. F. M. Reader Silver badge

      Re: Soviet Russia was well practised in two disciplines of military thought …

      Confirming "disinformation".

      Maskirovka also translates quite directly into "camouflage". I imagine there may be purists who will say it is not an English word - whatever.

      1. Claptrap314 Silver badge

        Re: Soviet Russia was well practised in two disciplines of military thought …

        Heck, if you can even sound out Cryllic, дезинформация IS "Desinformatzia". That's about as close to "disinformation" as one could ask for. (I knew that two years of Russian would pay off at some point.)

  9. Potemkine! Silver badge

    Maskirovka

    Sometimes the truth can just be a lie repeated over and over....

  10. olekrf

    Mitigation strategy

    > As Stanford Internet Observatory's research manager Renee DiResta explained at last year's Black Hat conference: "Russia simply wants to divide people along existing social fissures, so they only have to reaffirm what their targets already believe."

    > "Russians are not trying to tell a story," explained DiResta in her 2020 talk, "They are simply dividing the population of the adversary."

    Let's assume this is correct, what would the logical countermeasure for someone realizing this be?

    1) Blame the Russians and increase the divide

    2) Reach out across the existing social fissure to mitigate the attack

    The most effective choice of the two above is pretty obvious. If the obvious countermeasure is not implemented ...

    1. Claptrap314 Silver badge

      Re: Mitigation strategy

      "If this is correct?"

      You mean like when in 2016, Russia funded fake news supporting Trump while supplying Clinton fake intelligence damning him & ensuring that both operations were generally known?

      If, indeed.

  11. Ordinary Donkey

    Remind me

    Didn't Solarwinds leave their admin password publicly visible?

    If Russia didn't hack them after that then either they don't consider using a leaked password to be a hack, or they're in the minority. By now even the furry tree sloths will have got in on the act.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021