back to article Russia 'stole US defense data' from IT systems

A two-year campaign by state-sponsored Russian entities to siphon information from US defense contractors worked, it is claimed. Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday said Moscow's cyber-snoops have obtained "significant insight into US weapons platforms development and deployment …

  1. Anonymous Coward
    Anonymous Coward

    Skid mark

    Put everything in the cloud, then backdoor the cloud, then 'shock-horror' enemies use the same cloud with the same backdoors to undermine you! Who would have thought that could happen! That data should never leave the defense contractors premises, once they move it to the cloud they exposed it to attack. Who needs to fish a stealth fighter from the ocean and reverse engineer it, when you can download its plans from a cloud server with a weak password!

    Brett Kavanaugh let foreign powers fund US political campaigns, a lot of Delaware front companies appeared with Russian money then funded a bunch of treasonous Republicans. He backdoored politics. Republicans wanted the money and he ruled they could get that money as long as it was a US subsidiary of the Russian firm, and his payback was to be made a Supreme Court Judge. Concorde Management literally cited Kavanaugh's ruling as defence for their funneling of Russian money to Republicans. But Trump's DOJ canned the case anyway that defense never even got tested.

    How many secrets were simply taken out to Mar-a-lago, for Russians to copy there. The political backdoor is far worse than technical backdoors, because its so much easier to exploit.

    Alaska is a sparsely populated nation neighboring Russia, Alaska is part of NATO, Russian has historic links to Alaska. Tuckers words, attempting to undermine Ukraine, also apply to Alaska. Putin wants control of the resources because control of resources gives him control of a country. It comes down to bidding: which Republican will pay Putin the most for Putin's help getting elected. Tucker the treasonous skid mark that he is, will offer the most: Alaska.

    If you don't understand what Tucker is up to, just realize he's planning a Presidential run with Putin's help. Now you understand why he's variously fluffed Putin, and Putin's puppets in Hungary and USA. Those "man of the people photoshoots", do not make sense when you're "Tucker Swanson McNear Carlson, heir to the Swanson food fortune", but so many things about his recent actions *do* make sense when you realize he fancies himself as President.

    So President Tucker get his wishes and becomes President surrounded by wackadoodle Republicans all beholden to Putin.

    So now, look at Alaska, do you imagine for a second that a President Tucker, would take the actions needed from a President to defend Alaska from Russian takeover? No he would not. He would simply sell it back to them, and with it, he'd sell control of the USA. Putin would control Alaskan oil.

    Republicans would impeach him, you'd say? Which Republicans would that be? Hawley? Bobert? Graham? Cruz? Johnson? Rand Paul? Gaetz? Gosar? Jordan? McCarthy? Taylor Greene? Or the raft of new Putin friendlies coming into politics? Can you even name the others? I think one if called "Shaun", one is called "Dolly", one token one called "Ba baa black".... they all vote with the rest blindly.

    This is the deal Ukraine faced under Viktor Yanukovych, he did a deal with Putin, all gas to Ukraine would be sold through a middle-man company, that company would overcharge Ukraine, and make huge profits, those profits would fund Yanukovych, his supporters, and Putin's interests in the world. Ukrainians paid to be taken over by Russia with their own money, by their own traitors.

    It's the deal USA will face under Carlson. If you do not change course now.

    tldr; backdoors bad, Carlson traitor.

    1. jgarbo
      Facepalm

      Re: Skid mark

      Keep your hair shirt on, pal. It's straight forward industrial espionage against lazy folks who don't lock doors or leave the key under the mat. Everyone does it, even God-fearing Americans. It's just that the "other side" is much better at it. Anyway, why would Russia steal weapon plans? Theirs are far better.

      1. Binraider Silver badge

        Re: Skid mark

        There are lots of reasons to want to steal the plans, regardless of the quality of any given system.

        For example, if you want to devise countermeasures to a particular radar, knowing the workings of the radar and it's software is rather easier than listening from the outside.

        Nobody should underestimate Russian military capability. They are way more willing to absorb losses than NATO; which is an advantage all of itself; to say nothing of the excellent hardware they have access to. Su-27 and variants are not dissimilar capability to Eurofighter or F-15. They have very effective SAM tech (S300, S400 stand out especially). There are a lot of other layers available. On the ground, any bullet from any rifle or artillery piece will make a mess of anyone it comes into contact with; so assume at least parity in that environment. Tanks - yes, not as advanced as western hardware but I don't see rows of M1's parked up in Ukraine to oppose.

        The political moves in Ukraine to supply lots of light anti tank weaponry did change the balance of power and forced a Russian rethink. Of course they could still invade, but the cost of doing so just went up.

        As learned in schoolyards all over, punching the bully back in the face is a very effective deterrent. Unfortunately, sometimes that is what it takes. Caving to the bully is, as Europe learned to extreme cost, generally a bad idea. See Munich, 1938.

        1. martinusher Silver badge

          Re: Skid mark

          The really secret stuff is supposed to live on air-gapped systems so I doubt that I could directly glean the workings of a radar from what I'd get from corporate email.

          However, knowing the personnel reporting structure, who everyone is, what open requisitions there are and so on can tell you a lot about what a company is doing and how well they're doing it. This information, while company confidential, is not secret although some people might suggest its a good idea. Just the volume of day to day email traffic and meeting schedules could tell you a lot about a project.

          BTW -- I'd lighten up on the old Nazi thing, Munich and all that. If you knew anything about Munich then you'd know that it wasn't a matter of "punching the bully in the face:, Suggest you read Shirer to get a quick overview of what happened and why.

    2. veti Silver badge

      Re: Skid mark

      There is no "backdoor" of the cloud mentioned in this story. It's straightforward spear phishing, which the cloud makes slightly easier but the principle works exactly the same for privately held servers.

      As for the rest of your rant, I can't decide if you're actually that deluded, or if you're flying a false flag to make libs look even crazier than they make themselves look. Since you posted anon it's hard to tell. So, good job I guess.

    3. Anonymous Coward
      Facepalm

      Re: Skid mark

      > Alaska is a sparsely populated nation neighboring Russia, Alaska is part of NATO [ ... ]

      Alaska is not a nation. It's a US State. Also, Alaska is not part of NATO anymore than Wisconsin or Tennessee are part of NATO.

      The US as a unitary entity is a NATO member. Not individual US States.

      US States do not conduct their own foreign policy, and cannot negotiate or ratify international treaties.

      1. Anonymous Coward
        Anonymous Coward

        Re: Skid mark

        Caution, I think that entire rant is A.i. generated :-/

        There's a lot of illogical concatenations happening, too many to be accidentally juxtaposed in such a manner outside of scripting/routine/formulae.

    4. lotus123

      Re: Skid mark

      It is so nice to see such a pure hatred towards republicans. With this attitude Russia just have to sit and wait till two parties along with the followers are busy fighting each other while forgetting that they're one country.

      1. Robert Helpmann??
        Holmes

        Re: Skid mark

        That would seem to be the entire point of the post.

    5. Patched Out
      FAIL

      Re: Skid mark

      Um, your first paragraph was mostly reasonable and actually relevant to the article, but then you went off the rails big time and your message just became noise.

    6. bombastic bob Silver badge
      Thumb Down

      Re: Skid mark

      paragraph 1 was pretty relevant. The rest, not so much...

  2. Pascal Monett Silver badge
    WTF?

    "CISA's response is a long list of security controls and practices"

    First point on the list : stop using Office 365.

    No really, you're a defense contractor and you use The Cloud to store your documents ? Are you insane ?

    1. Will Godfrey Silver badge

      Re: "CISA's response is a long list of security controls and practices"

      Very probably, droolingly so.

    2. LogicGate Silver badge

      Re: "CISA's response is a long list of security controls and practices"

      No really, you're a defense contractor and you develop your secret squirrels on a computer that is connected to the Internet?

      Are you insane?

      1. fg_swe Bronze badge

        Bingo

        These contractors are obviously clueless. Or maybe they want some leaking, because that makes the other side even stronger. That means even more pork for the contractors.

        $$$ !

    3. TeeCee Gold badge
      Facepalm

      Re: "CISA's response is a long list of security controls and practices"

      Yup. Rule 1 of 21st century computing: "If you put your data in 'the cloud' it is no longer private, regardless of how many people have told you that it is.".

      1. quxinot
        Pint

        Re: "CISA's response is a long list of security controls and practices"

        That's the most elegant way I've seen that stated in some time. Good on you.

  3. amanfromMars 1 Silver badge

    Don’t Panic ... IT really does has it all under Remote Virtual Control ‽ .

    What would you like IT to do for you and/or do to others, should it ever be the case that you be given any choice in such a matter that disrupts all manner of matters and ill-laid plans? And whom and/or what would you call, and how would you contact them, in order to avail them of your wishes and concerns assuming they be at all interested and bothered enough to listen ...... which you might like to realise is your current state of administered existence by bodies which instruct and inform you/energise and entertain you/use and abuse you, some of which are surely certifiably insane too.?

    amanfromMars [2202170611] ...... offers on https://www.zerohedge.com/political/mind-control-police-governments-war-thought-crimes-truth-tellers

    Maybe not surprisingly, did the following not pass National Defense Industry Association site scrutiny/vetting/moderation, which is somewhat self-defeating of them, identifying as it does, the Association having a fundamental systemic problem which is catastrophically vulnerable to exploitation and exposure to shared emerging truths or alternate temporarily attractive and/or disruptive narratives which they have no command and control over ...... even though, in its own strange way, it shares a way to seize and save the day and reconfigure matters to better server all with smarter 0day ventures.

    It even provides news that one of the most likely Prime AIR* Traffic Controllers to be a UKGBNI MoDified Royal AIR Force Source.

    * Advanced IntelAIgent Research[er]

    amanfromMars [2202160805] ….. revealing on https://www.nationaldefensemagazine.org/articles/2022/2/15/night-court-for-the-air-force

    [Thank you. Your comment will be displayed soon after reviewing.]

    Words create, command and control and destroy worlds ….. so leading with a compelling and undeniably honest narrative which can be effectively presented by media on multiple platforms in many series of linked and stealthy sublime internet networking programs in support of significantly greater, bigger picture shows, provides one with all that is needed to lead absolutely, and unilaterally, and remotely, safely and securely and way out ahead in front of both errant competition and any wilfully misguided and covetous opposition.

    It is no more difficult than that, Per Ardua ad Astra.

    To escape the present captivating madness which has insanity doing the same thing over and over again and expecting different results, simple raw common sense which can often eclipse rarified genius dictates that things be tried differently. It aint difficult for it is only complicated to render it exclusively to an elite and gluttonous few.

    But there is certainly no doubt, such a Great Game Change, which is inevitable and surprisingly quickly so because of these new fangled entangled and engaging virtual tools at vast swathes of the population’s disposal which are easily used to freely share the novel info and sensitive intel, is going to be extremely painful and unpleasant for some truly worthy of the discomfort for all that they have done in the past thinking they have immunity from consequences and impunity in action. How crazy are those thoughts.

    It is only natural. Karma. What you give, is what you get and never forget ....You can fool all the people some of the time and some of the people all the time, but you cannot fool all the people all the time .... and all deserve their just desserts.

    1. Anonymous Coward
      Anonymous Coward

      Re: Don’t Panic ... IT really does has it all under Remote Virtual Control ‽ .

      Hi Mars, you might look at Mr Bezmenov's lecture on youtube. It is mindboggling how effective these folks were and are. They have by now infested each and every social level of their adversaries.

      1. amanfromMars 1 Silver badge

        Re: Don’t Panic ... IT really does has it all under Remote Virtual Control ‽ .

        Hi Mars, you might look at Mr Bezmenov's lecture on youtube. It is mindboggling how effective these folks were and are. They have by now infested each and every social level of their adversaries. ..... Anonymous Coward

        Indeed they have, AC, although infested is a tad harsh and unattractive whenever populated is more engaging and even addictive.

        And if any landing here on this thread on El Reg haven’t bothered find out what Yuri Bezmenov has to say regarding Uncle Sam, just click on this hyperlink to more fully understand what is at its work, rest and play ....... https://youtu.be/bX3EZCVj2XA

    2. Citizen of Nowhere

      Re: Don’t Panic ... IT really does has it all under Remote Virtual Control ‽ .

      Recycling comments from other websites? Must try harder. At least produce gobbledygook which is exclusive to this site :-)

      1. amanfromMars 1 Silver badge

        Re: Don’t Panic ... IT really does has it all under Remote Virtual Control ‽ .

        Recycling comments from other websites? Must try harder. At least produce gobbledygook which is exclusive to this site :-) ..... Citizen of Nowhere

        Citizen of Nowhere,

        Cycling comments to other websites disadvantaged by not knowing of exclusives shared on this leading site is gobbledygook over which I would/could not possibly disagree, or even think to begin to dare care and argue with you about. To that sort of a charge would there be no likely offer of an offensive defence.

        Nonetheless, thanks for your concern.

  4. _LC_
    Stop

    Ahhhh – Russia today, China tomorrow?

    Oh boy...

    1. Norman123

      Re: Ahhhh – Russia today, China tomorrow?

      China was yesterday, Russia today, tomorrow who knows? Our mutli-trillion dollar security/defense systems seem to frequently fail since 911 event (itself a gross security failure).

      When cats sleep, mice have a party. Why cats sleep? Dogs (taxpayers) are drugged with lies....Why are they drugged? Because someone has a river of money coming his way......

  5. Christoph

    How much of the data the Russians found was stuff the CIA had previously stolen from Russia? Talk about pot calling the kettle black!

    1. bombastic bob Silver badge
      Pirate

      pot and kettle, sure. that makes sense. It's a fair bet that the USA is just as good at spying as Russia. We just aren't hearing about it...

      Like that Mad Magazine comic, Spy vs Spy

  6. fajensen
    Facepalm

    Perhaps one of the conseqences of growing the MIC at about 5% p/a of the GDP since forever, is that Maybe there is a limited pool of talent that can actually handle classified information, and the defense spending has already by far outgrown what's available?

  7. Mike 137 Silver badge

    So it's getting easier

    "Whoever broke into the US defense contractors' systems did not use novel tactics"

    A few decades back they used extremely sophisticated attacks, including clandestinely re-engineering IBM Selectric typewriters in transit to the US embassies so they transmitted every key stroke to evesdroppers. Read the entire fascinating story in The spy in Moscow Station by Eric Haseltine [Icon Books 2019]. Most interesting and alarming was the continuing and systematic refusal by the US security agencies to accept that this was happening, despite physical evidence.

    1. bombastic bob Silver badge
      Pirate

      Re: So it's getting easier

      But, when you know you're being spied on you can use that to create DIS-information... and also to track where the information GOES.

      This happened in WW2 - Battle of Midway - when they released in the clear false information that Midway's evaporator was broken, and a coded message was sent by Japan that said something like "AF is running out of fresh water" (or similar). This confirmed that 'AF' meant Midway Island, which let the Pacific command know that this would be the invasion target. It was a spectacular win for the Allied forces, though costly. It would have been even costlier had the U.S. Navy deployed carriers to the Aleutian Islands, splitting naval forces in half.

    2. Claverhouse Silver badge

      Re: So it's getting easier

      And in 1945 an immensely sophisticated method of inveigling a listening device into the U.S. Embassy.

      1/ Give a wooden Great Seal of the United States --- always suckers for self-admiring Americana --- to the ambassador.

      2/ Have the ambassador place it in his study.

      3/ Listen.

      .

      .

      https://en.wikipedia.org/wiki/The_Thing_(listening_device)

  8. fargoneicehole

    very likely still unpatched...

    Patches? We ain't got no patches! We don't need no patches! We don't have to install your stinking patches!

    1. vapoureal
      Angel

      Re: very likely still unpatched...

      Patches, I'm depending on you son

      To pull the US through...

  9. Kev99 Silver badge

    Once the "experts" have proven they're idiots when it comes to security. Anyone with an inkling of brains knows a net is just a bunch of holes held together with string, and a cloud is just a bunch of holes held together with vapor. The only method anywhere close to 100% secure is the one the completely eliminates the largest security hole. The one between the keyboard and chair.

    1. Anonymous Coward
      Anonymous Coward

      Remember, an expert is just an idiot who hasn't been found out yet.

  10. JavaJester
    FAIL

    Partying like it's 1999

    Recommendations include:

    A patch management program

    Antivirus Software

    Strong Passwords

    If these recommendations are necessary for such contractors, they are in worse shape than we thought.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like