Russia & cyber warfare (CWF)

I am wondering how safe are Russian Missile Defense from a Cyber Attack .

The Pentagon has released a report saying US Missile Defenses are vulnerable to a Cyber Attack

http://itsecuritynews.info/2014/07/08/pentagon-confirms-that-missile-defenses-are-vulnerable-to-cyber-attack/

Suffice , to say that both the U.S and China have the intention of carrying out cyber attacks against Russia .

Sujoy wrote:I am wondering how safe are Russian Missile Defense from a Cyber Attack .

The Pentagon has released a report saying US Missile Defenses are vulnerable to a Cyber Attack

http://itsecuritynews.info/2014/07/08/pentagon-confirms-that-missile-defenses-are-vulnerable-to-cyber-attack/

Suffice , to say that both the U.S and China have the intention of carrying out cyber attacks against Russia .

Hi Sujoy..

Do not trust in any news or media that says a NATION missile defense can be at risk by a Cyber attack.
What you see is American Propaganda ,creating an imaginary enemy FIRST , to later Justify their actions later.
Simply US invent a Problem and later they propose the solution. WHAT US really wants is a total crackdown and limitation
of the internet. So people can no longer have freedom of information.

Cyber attack ,means an Internet Attack. And internet is only a Public CLub ,where people just pay a Company a monthly fee ,and they give you access to one network that the average world civilians connect. called world wide web or internet. But there are Private data clubs too.
and you cannot access them with your normal WIndows PC. you need special hardware and software for that. This means that the defense industry is 100% safe and Hacker proof when it comes to their highly classified date.. A company public Relations website on internet is a totally different thing..just a public service. and those can be hacked... and the only people making noise about Cyber attacks is the ones that wants to crackdown on internet and limit its freedoms.  

A quick example of the limitations a Cyber hacker will face trying to enter a Private Network of a defense industry. will be like trying to play a Playstation dvd game ,in a Xbox console.  Or like trying to record with your USB flash drive a video from a computer that only use Floppy disk to input data. Simply the software and hardware are totally not compatible and cannot communicate. The Banking Industry use also its own Special private "internet" and you cannot enter there by just loading a windows PC and writting stuff there. Not possible. All the Cyber attacks pandemonium you have heard on media ,only seeks to scare people and justify ,a crack down on internet freedoms ,to " keep you safe" .

Vann7 wrote:
Do not trust in any news or media that says a NATION missile defense can be at risk by a Cyber attack.

While it's true that most of the media companies believe in propagating their own agenda , fact is that in the recent past U.S drones have been grounded after they were hit by a Virus .

http://www.wired.com/2011/10/virus-hits-drone-fleet/

Similarly , French Rafale jets were also grounded after they were hit by a Malware

http://www.telegraph.co.uk/news/worldnews/europe/france/4547649/French-fighter-planes-grounded-by-computer-virus.html

Vann7 wrote:This means that the defense industry is 100% safe and Hacker proof when it comes to their highly classified date

And yet Chinese hackers stole details of the F 35 , nuclear warhead and SAM systems from the U.S

While it's true that most of the media companies believe in propagating their own agenda , fact is that in the recent past U.S drones have been grounded after they were hit by a Virus .

But that have nothing to do with Cyberhacking , but electronic countermeasures. Can you reprogram a drone software on the fly ?
I really doubt it ,unless who wrote the program are monkeys.. All fake fake..  US wants to control the information on internet.. is that simple ,so they invent a disaster of chinese and talibans neutralizing their army technology with hackers so they can justify the freedom of information on the internet..

Similarly , French Rafale jets were also grounded after they were hit by a Malware

Obviously you do not understand what is internet. Viruses , Malware all those programs written for an specific Operating system..
Windows 99% of the viruses and the others for Linux and Macs OS , also smartphones OS.  IF there is a malware inside a combat jet
is because is either an inside job or a fabrication to justify greater internet controls . But it have nothing to do with internet. American Spy agencies load malicious programs in foreign powers hardware but this is not done hacking ,instead bribing hardware manufacturers ,to include malicious code in their software so they can spy. A USB flash drive for example,can have malicious hardware inside with malicious program (all done by the manufacturer of it) to spy the information people will read and load into the hardware. Is all an inside Job. This is why Russia ask for all its hardware to be done in Russia on its Defense Industry.. WHy is not a good idea that Any NATION politicians and leaders use commercial smartphones . That comes out of the box with cheats to spy on you..

And yet Chinese hackers stole details of the F 35 ,  nuclear warhead and SAM systems from the U.S

Total lies.. Not true.  As i told you is IMPOSSIBLE. To steal anything on a secure network that is not connected to the internet.  To steal Anything people need FIRST to either be present at the place if is something physical or be connected to it ,if it is data. And hackers cannot have access to information that is not connected to the internet public service. And most of this classified data are in computers that not even have an internet connection. totally isolated hardware. IF what you say was possible ,then there will be no need
for Spies to physically travel to foreign nations to steal secrets.. For Cyber hackers to steal anything it have to be connected on Internet ,there is no other way.. if your internet connection fails.. you cannot visit this forum and get access to any data ,can you ? You need to be connected FIRST or physically present to the thing you want to steal , and all highly classified information is NOT connected to  public services like internet. and many times not even have computers and the information is all in papers on a secured office.

 Any hacks with viruses on defense industry or in any high security service or military is either propaganda to justify regulation of the internet or because it was an inside job like Malicious Hardware ,with malicious programs inside. It will be easier to just bribe the inventor and give you the information.. because connecting to secure networks is impossible ,unless is an inside job and that you bribe someone who work inisde and helps you  . But this have nothing to do with hackers ,but with treason. Like a Bank manager ,stealing money from its own bank.  Why Russia never had problems with foreign hackers stealing their secrets? Defense industry can be as safe as they want their companies to be.  But using American computers ,with american hardware or hardware from puppet states they control,is not exactly the best way to keep secrets hidden. Just look at Germany recent scandal .. they have an american spy at the top positions in defense industry.. and later the problems blamed in "hackers" .  Hackers is not the problem in the world ,but Corrupt powers seeking total control and that seek to spy on everyone and everything.

So trust me when i tell you Computers security can be made 100% secure ,IF you want it and have the staff to create one. hackers is not the problem, The problem is corruption of Governments. Western PCs and internet was designed not only for sharing information but also for easy spying on others. This is not a hackers problem but working as was intended. Facebook format for example is designed for easy spying on people information by the US federal agencies, This is why i believe Russia could be incredibly rich if united with India that have good programmers and create a new personal Computer with a new internet with new communication protocols ,made 100% for people privacy and security in mind. it will be hackers proof and could not be spied by the west.

Computers can not be made 100% secure, at least for right now. Saying that is like saying computers can be completely bug-free, it simply isn't true.

GarryB wrote:A computer can be 100% secure... simply keep it locked up in a steel safe and let no one else have access to it and keep it under 24 hour guard.

not very useful however.

Network access makes the computers vulnerable, but also most useful.

Back doors like wireless connections and blue tooth add threat dimensions, but at the end of the day no network is totally secure and to make it so will slow it down and limit it to the point where it will not be useful.

Its still being researched, but there's a chance that it might actually be in us.

Malware can infect system using Inaudible Audio signals
German researchers demonstrated how a malware can infect system in air gapped networks and transfer stolen data using Inaudible Audio signals.
The shocking news that it is possible to infect a computer with Inaudible Audio signals is circulating within the security community has been circulating for several weeks between denials and confirmations.
In October the security researcher Dragos Ruiu described a malware codenamed badBIOS characterized by the capability to infect targeted machines using sound waves as transmission vector, immediate was the skeptical reaction of the world security community.
http://securityaffairs.co/wordpress/20182/hacking/malware-inaudible-audio-signals.html

Computers can not be made 100% secure, at least for right now. Saying that is like saying computers can be completely bug-free, it simply isn't true.

yes ,they can. there is no contradiction between bug free computers and 100% safe computers from hacks. Bugs will always be present ,humans are not perfect.. but if you remove all ways of comunication of a computer.. ie.. Internet , USB ports , and DVD drive ,you cannot remove data from it.. as simple as that. neither you can infect the computer with any virus that comes from outside. Since again is isolated PC.  Usually in any company , the payrol of every employee ,is stored in a master Server ,and this server no one can enter but the company administrator only. And the only way to access its information is if you are in front of the computer and have the passwords to enter on it.
So its IMPOSSible to steal anything from Isolated computers.. This computers even can be connected to hundreds of other computers inside the company and still you can make it impossible to steal any important data. Computer security can be made as strong as you want it.

Of course such servers cannot connect to facebook ,or navigate internet but who cares? Is not a social computer but a private server with highly classified data. and Hackers no matter how good they are ,cannot steal anything from it.. Unless they work inside the company and the administrator of the server allow the hackers to enter the server room.. in other words an inside Job. But this is not a problem of hackers but corruption ,something different.

[quote="AlfaT8"]

Malware can infect system using Inaudible Audio signals
German researchers demonstrated how a malware can infect system in air gapped networks and transfer stolen data using Inaudible Audio signals. The shocking news that it is possible to infect a computer with Inaudible Audio signals is circulating within the security community has been circulating for several weeks between denials and confirmations.

Pure fantasy man.. For 2 computers to share data ..  Regardless of the technique used.. they both needs to understand each other.
If for example a chinese man speak to you ,you will not understand what he says. So Both computers needs to speak the same language for ANY comunication to be possible. Period.  So even if the computer both were connected directly by a Network cable.. if they speak different languages.. they will NOT understand what the other says.  A virus written for Windows PCs will not work in UNIX operating systems..or any other..  

Forget the so called AUdio Hacks to discretely steal information. lets make it more easy..You could even have the world greatest CYberhacker in front a computer and give him the passwords he will need, to enter the network and if he do not understand the language the computer use and its operating system ,he will do  NOTHING. ZERO, nada.
All his Computer knowledge will be worth of shit. He will not understand how it works. If for example the computer have a Custom made operating system ,that he never saw before. He will need Inside Help from the administrator to tell him/her this new comptuer system works.. but if the computer have no ports for communication ,for portable storage devices then still he is out of luck. People have been truly fooled by the so called Cyberhackers that will shut down internet ,or start a world war 3 ,or destroying a nuclear reactor or stealing F-35 secrets. is just total lies. not possible.. Unless it was an inside job.  

Russia can even take things to a new level in security ,just for the fun of it.. but nothing of this is need . They can create their own Computers ,processors ,computer hardware,and programming language ,using their own custom communication protocols and invent their own "internet" called RUSSIAnet.. that is private and do not connect to outside countries.. only connect inside Russia and with Russia defense industry companies only.. So you can take an army of hackers in the west.. and they will not even know how to turn on the computer. All their computer knowledge will be worthless because is an entirely new system hardware with new rules. As I said Computer security can be done 100% secure . Cyberhackers is not the problem , Internet lack of security is working as intended.. it was designed for western spy agencies ,not to secure people information but to make it easy for them to steal everyone information ,including companies data.

There should be a specific thread on Russia & cyber warfare (CWF)

International CWF is becoming more sophisticated

Cyber terrorism is no different that the Alqaeda and ISIS terrorism.. yes is real .. but is MADE IN USA.
They provide the tools ,the knowledge , the weapons and the finance and political cover ,they do it all ,expect
use their own hands for the crime. and later they come with the "solution"..  

Cyber Terrorism /SNowden/anonymous and all that crap only is the pretext not only for sanctions against other nations.. but also for crackdown on the freedom of information on internet..  the west is losing the information war..
and Internet is playing a mayor role ,because now people can easily go to youtube or other sites and see
the alternative story of their propaganda..  

Mark my words.. if a major world war start.. between US and RUSSIa.. the first casualty will be internet.
it will be either shutdown partially and Russia and China and any leftist country disconnected from it.. So
only their bullshit story is told..  I cannot even discount the falsify RT.com and take the domain ,creating
a false news site..   This ALREADY HAPPENED  with Syria..

When US proxy war began against Syria in 2011.. they took down Syrian media from air . and even began to create fake websites . And they also attempted to replace their air signal on tv with a fake channel..that will have the logo of the official channel.. just that will be fake the news.

Cyber threats increase, new international net cops needed – Kaspersky to RT

Published time: January 24, 2015 17:57
Edited time: January 25, 2015 06:35
Reuters/Sergei KarpukhinReuters/Sergei Karpukhin

With cyber-attacks on the financial sector and state sponsored attacks on the internet on the up, a new international organization to police cyber space is needed Eugene Kaspersky, Chairman and CEO of Kaspersky Lab, told RT.

Kaspersky Lab is one of the fastest growing and largest private IT security providers in the world.

RT: It seems cyber security is the talk at Davos, have you noticed an increase in the tension, and why this year?

Eugene Kaspersky: You are absolutely right that cyber security issues are in the focus of many discussions here in Davos and attention to cyber security is increasing year by year. And it’s very easy to understand why, because cybercrimes are getting more professional, they are big enterprises. The financial sector is under attack. There are a lot of state sponsored attacks on the internet. Unfortunately the situation with cyber threats is getting worse and worse year by year.

RT: Cyber security is a tricky business, because it’s so expensive and never absolutely secure. GP Morgan, for example, spent $250 million, they say, on IT security last year and they still got hacked. So, in a sense, how safe can you make a system?

EK: You are partly right that in cyber security it’s hard to guarantee a high level of security but at the same time, we have the techniques, we have the products, which can guarantee a very high level of security for individuals, for enterprises and their critical infrastructure. And my definition of a high level of security is, is that the security is good enough if the cost of attack is bigger than the possible damage to the victims system. So the attack must be more expensive than the value of information that could be stolen or the damage that could be made to the physical infrastructure.


RT: What are some of the greatest challenges facing your company, technical or otherwise?

EK: This is the main challenge for my company to design such technologies and products that will guarantee a very high level of protection, a very high level of security. To stop all types of attacks in cyber infrastructure, attacks on individuals, enterprises and critical physical systems.

RT: We often hear ludicrous physical sums, two trillion dollars for example mentioned as yearly damage from cybercrime. Are those [figures] over inflated?

EK: Unfortunately I can’t guarantee that these numbers are true, but they don’t surprise me. Maybe that’s close to the reality.

RT: The CEO of Sisco, you may have heard, he’s not very optimistic. He believes that in the coming years there will be more cybercrime and worse cybercrime than currently, what’s your outlook?

EK: I’m afraid we will face more issues in cyberspace because there are more and more cybercriminals. They are coming to this business; many of them are getting more and more professional. They are professional enough to hack even very well protected networks. At the same time I’m expecting that new devices will be under attack, smart TV for example, is connected to the internet as a computer and I’m afraid that criminals will affect the system as well. And very soon, maybe not this year, maybe in coming years, we will see more and more, an increasing number of attacks on critical infrastructure.

RT: Are those possible, because we often see them in movies, a terrorist attack,a nuclear power plant by computers, is that the realm of fantasy or could that possibly be the reality?

EK: Of course the movies are movies, and there are a lot of fantasies there. But unfortunately those movies are partly true, unfortunately there are critical systems, critical infrastructure and physical systems. They are based on computer technologies as well, and the computers they manage the physical processes.

RT: As these threats become more and more real, more and more vicious, governments have begun involving themselves in cyber security as well; law enforcement agencies, spy agencies in regulation of the internet. Who should IT security be left up to, firms such as yours, or internet provider’s maybe, or should governments also have a role?

EK: It’s a very good question and there are different opinions, and I think that to manage, to co-ordinate cyberspace there has to be some international organization, maybe not the United Nations, maybe let’s say 20 countries, which are main contributors to cyber technologies and to the internet.

RT: The internet is of course international, cyber criminals are everywhere. You find them in every country. How does that complicate things for you?

EK: The fact that cybercrime is very international and criminals live in different countries. Actually it’s not a headache for me, it’s a headache for the cyber police. But the cyber police are getting more professional, Interpol and Evropol have cyber divisions and we assist them, we co-operate with the cyber police and national and international treaties. So I’m optimistic that the cyber police have more resources and more power to control the population of the cybercrime.

RT: Do you think the issue of cybercrime is appreciated enough among the public, do you think the public understands how dangerous it is?

EK: I think that the level of awareness about the cybercrime, about the cyber-attacks on the internet, attacks on computer systems is good enough, because many people they already know that cybercrime does exist and it’s dangerous. Enterprises of the state are victims of these attacks, so if you’re talking about cybercrime its good enough. But talking about critical infrastructures, still governments are in the process of understanding, they are learning the problem. I’m afraid it’s getting a little bit slow.

[size=35]FSB: cyberattack foreign intelligence services directed to dozens of cities[/size]
https://ria.ru/defense_safety/20161202/1482675962.html

MOSCOW, Dec. 2 - RIA Novosti. The planned cyberattack foreign intelligence agencies to destabilize the Russian financial system is aimed at a few dozen cities, the official website of the FSB.


"Cyber ​​attacks planned to accompany the mass sending of SMS-messages and publications in social networks (blogs) provocative in relation to the crisis of credit and financial system in Russia, business failure and revocation of licenses of a number of leading banks in the federal and regional level. The campaign is aimed at several dozen Russian cities" - said in a statement.

According to the FSB, the foreign intelligence services were preparing attacks on major banks of Russia on 5 December. Cyber ​​command center located in the Netherlands and owned by a Ukrainian company "BlazingFast". Now the Russian special services carry out activities to neutralize threats.

MOSCOW, December 9 - RIA Novosti / Prime. "Rostelecom" reflected DDoS-attacks on the five largest banks and financial institutions in Russia, recorded December 5, the company said on Friday.

According to the operator, the peak power of the attacks was 3.2 million packets per second. At the same time the longest attack lasted more than 2 hours.

"The analysis carried out by specialists Attacks sources" Rostelecom ", revealed that the traffic was generated from the home router users who are usually referred to IoT devices. A distinctive feature of the attacks was that they were organized with the help of devices that support the CWMP (TR- Management Protocol . 069) a few weeks ago in the implementation of the protocol on the devices of some manufacturers was detected a serious vulnerability that allows attackers to form a botnet in order to organize DDoS-attacks ", - said the director of cyber security center" Rostelecom "Muslim Medzhlumov.

He also added that at the beginning of last week's attack through the user's home unit was subjected to the largest German operator Deutsche Telecom and the Irish ISP Eircom.

On the eve of the deputy chairman of Sberbank, Stanislav Kuznetsov has warned that the threat of a full-scale hacker attacks is not yet over, the bank retained mode for increased attention to this threat.

Earlier, Russian Federal Security Service reported on the preparation of foreign intelligence services in the period from December 5, 2016 large-scale cyber attacks in order to destabilize the Russian financial system, including the activities of a number of the largest banks. According to a source close to the Central Bank, 5 December were reported cyber attacks on websites of VTB Group, another activity from intruders has been noted.

70mn cyberattacks, mostly foreign, targeted Russia’s critical infrastructure in 2016 – FSB

https://www.rt.com/news/374973-cyber-attacks-russian-infrastracture/

Seventy million cyberattacks [targeted] relevant facilities of the Russian Federation during this year,” the official told a State Duma committee for Information Policy, adding that the bulk of the attacks originated from abroad.

Touching on Russia’s readiness to ward off the mounting number of cyber threats, Murashov insisted that “at present, Russia has sufficient potential in the development of means of information security.”

However, while many major Russian companies, such as state-controlled energy giant Gazprom and those in charge of critical railway infrastructure, are considered well-protected, there are enterprises that remain particularly vulnerable to such attacks.

“There are companies, where, from our point of view, there is not enough attention being paid to this issue,” Murashev said.

The committee’s meeting was centered on debate over a new bill titled “On the Security of Critical Infrastructure of the Russian Federation,” that is designed to ensure that all companies deemed to be a part of Russia’s critical infrastructure are equipped with effective means to fight off the cyberattacks.

The draft bill envisions that a special register of all companies and agencies that control objects of critical infrastructure be drawn up. Once the entity is in the list, it will be obliged to purchase means for detection and countering cyberwarfare, as well as to report all attempts to disrupt their information security to the relevant state bodies and provide assistance in the investigations that follow. The companies will be divided into three groups, gauging the degree to which their infrastructure is critical.

The bill, which is still in the works, was reportedly backed by State Duma’s Committees for Security and Information Policy on Tuesday, paving the way for its final passage by lawmakers, Russia’s Izvestia daily reported, citing State Duma sources.

So far, it is unclear what state agency will be entrusted with the right to choose the companies for the list, although the FSB has been touted as the most likely pick.

Apart from measures to enhance the protection of critical infrastructure objects, the bill aims to deter potential cyberattacks with heavier punishments. Perpetrators who are writing and spreading malicious computer programs with a purpose of attacking Russia’s critical information infrastructure would face up to 10 years in jail.

This comes after a number of Russia’s security bodes spoke of a heightened threat to Russia’s cybersecurity, citing an increased rate of hacking attacks.

Earlier in January, the head of Russia’s Security Council, Nikolay Patrushev, told Rossiyskaya Gazeta daily that Russia has witnessed “a growing number of attempts to inflict damage to Russian information systems from abroad,” by means of hacking attacks and unlawful collection of personal data. Patrushev noted that while Washington under Barack Obama’s administration was constantly accusing Russia of hacking, “all major internet servers are located on US territory and are used by Washington for intelligence and other purposes aimed at retaining [US] dominance in the world.”

In December, the FSB issued an alert, warning of an imminent cyberattack that it said was about to target Russia’s financial system. The FSB traced the planned large-scale attack to servers and command centers in the Netherlands belonging to a Ukrainian hosting company. Russia’s Communications Ministry has worked out potential counter-measures in connection with the

According NYT Obama had authorized Cyberwarfare Attack on North Korean Missile program and some of those missile taking off and falling off has been attributed to US Cyber Program.

Now I remember Obama and Biden were gloating that they have authorised some unspecfied action against Russia for their claimed US election hack.

Could it be possible those two morons might have authorised some sabotage against Russian Missile and Space program or even action against Russian Presidential Aircraft fleet via Cyber Attack ?

Austin wrote:According NYT Obama had authorized Cyberwarfare Attack on North Korean Missile program and some of those missile taking off and falling off has been attributed to US Cyber Program.

Now I remember Obama and Biden were gloating that they have authorised some unspecfied action against Russia for their claimed US election hack.

Could it be possible those two morons might have authorised some sabotage against Russian Missile and Space program or even action against Russian Presidential Aircraft fleet via Cyber Attack ?

One does not put Russian and NK missiles on the same level, NYT is full of crap.

Not sure where to put this, can a Mod move it if there is a better spot

CyberScoop has learned that Kaspersky research recently exposed an active, U.S.-led counterterrorism cyber-espionage operation. According to current and former U.S. intelligence officials, the operation was used to target ISIS and al-Qaeda members.

On March 9, Kaspersky publicly announced a malware campaign dubbed “Slingshot.” According to the company’s researchers, the campaign compromised thousands of devices through breached routers in various African and Middle Eastern countries, including Afghanistan, Iraq, Kenya, Sudan, Somalia, Turkey and Yemen.

Kaspersky did not attribute Slingshot to any single country or government in its public report, describing it only as an advanced persistent threat (APT). But current and former U.S. intelligence officials tell CyberScoop that Slingshot represents a U.S. military program run out of Joint Special Operations Command (JSOC), a component of Special Operations Command (SOCOM).

https://www.cyberscoop.com/kaspersky-slingshot-isis-operation-socom-five-eyes/

https://sputniknews.com/europe/201810141068874818-netherlands-russia-cyberwar/

they should stop weed or not

They should smoke more. It calms down.

It seems Russia has just been hit again by CIA sponsored hackers and released several private emails and data of Russian officials and business person close to the government. The article from Al Jazeera is mostly BS, but USA and its NATO puppets seem eager to bring its cyber attacks against Russia to the next level. Russia needs to respond to this blatant provocation, however, I would suggest that Russia makes a BIG deal out of this first, show to the public both in Russia and abroad how Hacker groups affiliated to the USA are openly attacking Russian institutions. So when Russia strikes back, it will be easily accepted to be revenge attacks as a result of USA's previous actions.


The Dark Side of the Kremlin: Hacked Russian documents explained