Russian invasion has dangerously destabilized cyber security norms The hacktivist attacks that have occurred during the ongoing war in Ukraine are setting a dangerous precedent for cyber norms — and infrastructure security, according to journalist and author Kim Zetter. "Of course, the situation in Ukraine is unprecedented," said Zetter, speaking during the Black Hat keynote on Thursday. "And …
Three remarks:
1. BHL was one day asked why he was praising terrorism against the Germans and castigating the Palestinian resistance. He said it was not the same on one hand those were Germans and on the other hand those are Jews, so it is not the same...
2. There wasn't much french people to fight for France so the exiled turned to the muslims in Algeria and told them it was Djihad to fight against the Germans: courageous muslims who were more tenacious than the coward french people even infuriated the Germans who asked them why they were fighting so fiercely for those people who were enslaving them. France had promised freedom to the Algerians the same way they would help free France. Of course, once the war was over, the french fired at and killed those innocent and naive Algerians who took it to the streets two celebrate the french AND algerian independences.
3. The war against Hitler was won by the Russians. Even those french terrorists you say helped win the war were communists. The US got into the war and staged the liberation when the war was already over with the aim to counter the Soviet union.
When there's an actual shooting war on, the participants should not be expected to hold back. Moderation in war is imbecility.
I assume that the "volunteers" taking their own action to "support" Ukraine in cyberspace - probably, mostly, haven't thought too hard about what they're doing. And governments like Estonia's are too sympathetic to take a strong line with them, but prefer to turn a blind eye.
Yes, I also assume the Russians won't hesitate to cite this as precedent whenever it suits them. But will it make them do anything they wouldn't have done anyway? - that I doubt.
Norms are only norms if they're enforced. Enforcement relies on a network of shared values and mutual goodwill. That doesn't exist in this case.
"I think it was Estonia that was on the receiving end of a Russian cyber attack in supposedly peaceful times."
Probably, maybe, but Estonia was also subject to a USA NSA attack. In peacetime!
They are a famously digital society, their citizenship card is chipped by one of the Gem off shoots. It allows them access to all sorts of things. Futuristic. But dystopian too because the NSA had already hacked Gem.
Edward Snowden is a saint and it's a sin we leave him in hellish Moscow.
To the extent that they're upset nerdy people who just installed an app "to help the cause", frankly, yes, quite probably.
It would be quite cynical to wonder whether some others would face the threat of criminal proceedings, by their own country, with sweet deals offered, wouldn't it?
Generally, belligerent behaviours in war are based on reciprocity, like "treat the prisoners of my country well and I'll do the same for yours".
Russia set a very low level for anything, may that be IT attacks, bombings civilians, committing atrocities against civilians and prisoners alike. You reap what you sow.
And we're actively refusing to do business with it (at least for major multinationals).
Can someone tell me why we haven't cut its Internet access ?
Russia has at most a few communications lines with the rest of the world. If we are intent on ignoring it completely, why are we still allowing its state-sponsored hackers to use the infrastructure to annoy us ?
Cut the lines. That will end Russia's hacking.
For diplomacy, they can always use radio.
Cut the lines. That will end Russia's hacking.
I doubt that. Russia has enough proxies around the World to do the job and/or circumvent the measure.
The first victims of 'cutting the lines' would be Russian citizens who would have no easy way to avoid the brain washing made of official Russian media. At least some of them can get other information sources thanks to the Net.
Russia has full contact with many countries, including China. None of them seem particularly interested in toeing our line. We can't cut them off because if we do then we cripple our trade.
Its worth remembering that this notion of 'cutting off the other country completely' is relatively new. Even during WW1 it was common practice for German newspapers to be available in Britain and British papers to be available in Germany. (Also, it might be worth remembering that in theory we're not at war with Russia.)
Pascal,
Sadly we haven't yet cut the Russian Federation off of SWIFT. I've been arguing here that we should but Gazprombank is still connected. Even though Gazprom is nominally sanctioned, Gazprombank isn't. Why? Don't let's be beastly to the Germans.
Quote: "The idea of "cyber norms" ...... international law ..."
Now....please explain why "attacks that have occurred during the ongoing war in Ukraine are setting a dangerous precedent for cyber norms"
Reminder: Link: https://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden
It's YEARS AGO that the NSA mounted a campaign of attacks -- that would be a US Government organisation attacking the affairs of its own citizens!! And no doubt the citizens of other countries too!! The Ukraine/Russia conflict has just amped up what has been going on for years!!
There NEVER were any "cyber norms". Rich powerful countries NEVER paid much attention to "international law"....just ask Angela Merkel about her mobile phone!!
Don't make me laugh!!
Did you, like, read the story or its links at all, before jumping to whatabouts?
All the work to agree "norms" happened precisely *because* everyone knew shit like that was going on. And everyone thought it would be a good idea to establish some kind of limits. Like, e.g., no attacking a country's emergency services.
Doesn't mean everything is meant to be nice and safe. Just that there are supposed to be *some* rules. They still leave plenty of scope for nastiness.
"no attacking a country's emergency services"
Suggest you reread the article ose 'norms'...
""They agreed that states should not intentionally damage other states' critical infrastructure or otherwise impair the operation of critical infrastructure that provides public services,"
Doesn't say they shouldn't 'probe' or 'attack', just don't stop it working...
Additionally, the focus is on the infrastructure not the services that use the infrastructure...
Most of the cyber war is revolving around news and media manipulation.
Much-touted capabilities such as "attacking" infrastructure haven't came to pass; because there is a much simpler solution in wartime to attack the infrastructure: use an artillery shell.
The latter doesn't give away your keys to your more esoteric capabilities and is a hell of a lot cheaper.
Where using an artillery shell isn't an option, e.g. perhaps against those supplying arms to one side or the other but not directly involved. That's perhaps where we might see infrastucture attacks.
because there is a much simpler solution in wartime to attack the infrastructure: use an artillery shell.
Those have a reach of about 65km (PzH2000), 100km (GLMRS for HIMARS) or even 300km (ATACMS for HIMARS and M270), which won't reach very far into Russia, while the latter two options are comparatively costly in comparison to the damage to comms that they would cause. Upside though is that the newest Russian comms kit relies heavily on 4G, so any transmitter knocked out will have commanders being forced to move forward with their troops (using commercial and often non-encrypted comms gear, if not just a loudhailer) and thus be more susceptible to nasty stuff raining down on them.
Cyber attacks can be aimed at any Internet-accessible infra, in Moscow, St. Petersburgh or Wladivostok.
"possibly because Russia usually displays very little regard for international norms, cyber or otherwise."
If by "international" you mean NATO + 5 Eyes + Japan, and by "norms" you mean ...
- the destruction of Iraq because Saddam dared to sell oil for Euros instead of Dollars,
- the destruction of Libya because Gaddafi dared to plan to sell oil for a planned to be created currency, a gold backed African Dinar
- the ongoing destruction of Syria and the ongoing looting of Syrian oil and wheat because Syria agreed to oil and gas pipelines from Iran through Iraq to Syria, rejecting the US preferred pipelines that would have run from their Gulf vassals through Syria and terminate at Turkey.
- the total support given to Ukrainian nazis, as one wag put it the "Western press" denazified Ukraine far quicker than Russia's SMO.
- and countless other flagrant violations of international LAWS
... then the REAL international community should be glad that Russia does not abide by those sick norms.
However it begs the question, why did you not ask Kim Zetter why Russia was not mentioned? Was it too much work for you so you decided to insert your own cheap propaganda rather than the facts?
100% agree. I am disgusted by the Russophobia, the Gleichschaltung of Western state press, the non-treatment of the aggressive actions and US and NATO to Russia red lines, the violation of numerous guarantees given post 1991.
The fiction of international law (only used as a political pressure tool; read 100 days in Ruanda to see what it was worth in 1994), double standards, memory holing, selective outrage is sickening.
In the current Ukraine war, Russia's red line appears to have been drawn at the polish border.
An independent countries existence inside that made up red line is seen by Russia as an aggressive action by US and NATO.
Numerous guarantees were made up by Russia post in 2021 to justify their war.
I think i have partly FTFY.
I think that an ongoing civil war in the east seems to have been overlooked somewhere......eight years, 14,000 dead at least, a couple of million displaced. There was a negotiated agreement to stop this ("Minsk") but it was ignored by the Kyiv government who, instead, built up the military with NATO assistance, possibly to invade the east, possibly to threaten the 'soft underbelly' of Russia.
We're told a lot of BS by our media because it relies on most people having at best a sketchy understanding of the history and geography of the area. This allows them to paint a narrative that is essentially a fiction constructed to justify a war. In practice, this war is really a continuation of low level war that's been going on for some time against Russia, a war of systematic sanctions (and, of course, plenty of propaganda). It might be believable, too, if it wasn't for us a) using the same tactics against other countries and b) trying to take on China using the same tools and fictions.
When Russia chose to invade Ukraine, it made itself an international outlaw, just like Germany did when it invaded Poland in 1939. So there is no irregularity involved in cyber attacks, or any other kind of attack, on Russia from the territory of any nation. Only pragmatic reasons, not moral ones, might advise against some forms of attack.
Are you saying non-Windows platforms are inherently more secure, or that the early Internet was less vulnerable to DOSsing?
Either way, I don't think that's a defensible position.
Strange that in cyberspace the act of asking everyone to behave nicely is seen as an option. What we should learn from this escalation is that our critical infrastructure should be defended not assume that it won't be attacked. A gas pipeline manager was asked if he was worried that his pipeline control valves could be hacked he laughed as its not really a problem as there is a guy who goes out to turn the wheel.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
