5 Most Significant Online Influencers of 2022

The Wired portal has taken the initiative to publish a list of the individuals who sparked the most online debates in 2022. Controversial motives, false information, and online turmoil will also be on the minds of many people going forward.

Although some issues, such as the COVID-19 outbreak and the world of cryptocurrency, appear to be fading, they still come up frequently on social media. Money laundering, theft, and fraud are among the issues frequently raised in these debates.

1. Sam Bankman-Fried

Money laundering, theft, and scams have been rampant in the cryptocurrency sector, from the crypto dark-web drug trade to billions of dollars being taken from crypto firms by cybercriminals. Sam Bankman-Fried is currently charged with fraud of more than $8 billion in connection with the fall of the bitcoin exchange FTX. The exact extent of the misuse of user cash in FTX's collapse is still unknown, and even the new CEO of the firm, John Ray, claims he's never witnessed a greater catastrophe. This could have far-reaching effects on the cryptocurrency economy.

In addition to the staggering losses, Bankman-Fried stands as a particularly alarming example of the problems with the crypto economy. He seemed to really embrace increased government controls of the business, unlike so many others in the crypto sphere.

2. Elon Musk

After the purchase of Twitter, Musk's dark side was exposed, and the erratic power of the world's richest person suddenly put a major online institution in danger. Elon fired at least 4,400 contract workers after letting go of nearly 50% of the Twitter personnel, jeopardizing the operations of a service that acts as Twitter's main artery.

Additionally, Twitter has drastically reduced the size of its team of content moderators, creating scenarios where only one employee is left to monitor child abuse-related tweets across the entirety of Japan and the Asia-Pacific area. Twitter has also banned left-wing accounts under Musk's supervision, which goes against his support for free speech. He provides a glimpse of the conspiracy-minded ideas and trolling that really motivate his behavior.

3. Xi Jinping

Every wave of brutality under Xi Jinping has been accompanied by a tightening of online restrictions as censors combed social media for any mention of protests. Han Chinese authorities in Xinjiang have even insisted that Uyghurs install an app that checks their phones for prohibited information.

This year's protests against China's oppressive zero-Covid lockdowns have sparked a new round of online repression, in which it is now illegal to even like a protest-related post, and any indication of wrongdoing is monitored through a controlled credit system with the potential to result in users' immediate expulsion from online platforms. He's made it quite apparent that dictatorial control will infiltrate the Chinese digital life.

4. Narendra Modi

India has begun to resemble China ever more in how it suppresses both offline and online protests under Modi and the BJP. The Indian government has recently taken steps to tighten its control over social media, including temporarily shutting down the internet in the disturbed region of Kashmir, banning several Chinese apps, including TikTok, and giving a three-person group control over social media moderation policy choices.

The government can use the new IT regulations as a tool to challenge the platforms when it wants. It's the initial step toward making it possible to restrict online speech like in China.

5. GRU

In the past seven years, Russia's GRU military intelligence units known as Sandworm and APT28 caused two blackouts in Ukraine. In 2022, they started a plethora of cyberattacks aimed at erasing data from Ukrainian government and business networks, frequently concurrent with direct physical assaults by the invading army. In a NotPetya-like incident of collateral damage, one GRU malware operation even managed to shut down connectivity to 5,000 wind turbines spread around Germany. A third blackout strike in Ukraine was also attempted by GRU's Sandworm hackers, but this time, at least in the view of the Ukrainian government, defenses were able to prevent it.

The year 2022 will be regarded as a time of major global events, with several noteworthy events and occasions. Although some issues, such as the COVID-19 outbreak and the world of cryptocurrency, appear to be fading, money laundering, theft, and fraud are among the issues frequently raised on social media.

US has Offered a $10 Million Bounty on Data About Russian Sandworm Hackers

 

The United States announced a reward of up to $10 million for information on six Russian military intelligence service hackers. According to the State Department's Rewards for Justice Program, "these people engaged in hostile cyber actions on behalf of the Russian government against U.S. vital infrastructure in violation of the Computer Fraud and Abuse Act."

The US Department of State has issued a request for information on six Russian officers of the Sandworm group (also known as Voodoo Bear or Iron Viking) from the Main Intelligence Directorate of the General Staff of the Russian Federation's Armed Forces (GRU) regarding their alleged involvement in malicious cyberattacks against critical infrastructure in the United States. The attributed links are as follows:

  • Artem Valeryevich Ochichenko has been linked to technical reconnaissance and spear-phishing efforts aimed at gaining illegal access to critical infrastructure sites' IT networks around the world. 
  • Petr Nikolayevich Pliskin, Sergey Vladimirovich Detistov, Pavel Valeryevich Frolov, and Yuriy Sergeyevich Andrienko are accused of developing components of the NotPetya and Olympic Destroyer malware used by the Russian government to infect computer systems on June 27, 2017.
  • Anatoliy Sergeyevich Kovalev is accused of inventing spear-phishing techniques and communications which were utilized by the Russian government to hack into critical infrastructure computer systems. 

On October 15, 2020, the US Justice Department charged the mentioned officials with conspiracy to commit wire fraud and aggravated identity theft for carrying out damaging malware assaults to disrupt and destabilize other countries and cause monetary damages. 

According to the indictment, GRU officers were involved in attacks on Ukraine, including the BlackEnergy and Industroyer malware-based attacks on the country's power grid in 2015 and 2016. The US Department of Justice accuses the officers of causing damage to protected computers, conspiring to commit computer fraud and abuse, wire fraud, conspiracy to commit wire fraud, and aggravated identity theft. According to the US Department of State, the APT group's cyber actions resulted in roughly $1 billion in losses for US firms.

As part of the project, Rewards for Justice has established a Tor website at "he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad[.]onion", which may be used to anonymously submit reports on these threat actors; the information can also be communicated using Signal, Telegram, or WhatsApp.

Recently, the Sandworm collective was linked to Cyclops Blink, a sophisticated botnet malware that snagged internet-connected firewall devices and routers from WatchGuard and ASUS. Other recent hacking efforts linked to the gang include the use of an improved version of the Industroyer virus against high-voltage electrical substations in Ukraine amid Russia's continuing invasion.

DDoS Assaults on Ukrainian Banking Elite Have Resumed Yet Again


Cyberattacks took down Ukrainian official and bank websites, prompting the government to declare a statewide state of emergency amid growing fears that Russian President Vladimir Putin could launch a full-scale military invasion of Ukraine. The websites of Privatbank (Ukraine's largest bank) and Oschadbank (the State Savings Bank) were also hit in the onslaught, which brought down Ukrainian government sites as well, according to Internet monitor NetBlocks.

"At around 4 p.m., another massive DDoS attack on the state commenced. We have relevant data from several banks," stated Mykhailo Fedorov, Minister of Digital Transformation, who also mentioned the parliament website had been hacked. Hackers were prepared to conduct big attacks on government organizations, banks, and the defense sector, as Ukrainian authorities said earlier this week. 

SSSCIP and other national cybersecurity authorities in Ukraine are currently "working on countering the assaults, gathering and evaluating information." According to the Computer Emergency Response Team of Ukraine (CERT-UA), the attackers used DDoS-as-a-Service platforms and numerous bot networks, including Mirai and Meris, to carry out the DDoS attacks on February 15th. The DDoS attacks were traced to Russia's Main Directorate of the General Staff of the Armed Forces on the same day, according to the White House. 

"We have technical information indicating ties to the Russian main intelligence directorate, or GRU," Deputy National Security Advisor for Cyber Anne Neuberger stated. "Known GRU infrastructure was spotted delivering huge volumes of communication to Ukraine-based IP addresses and domains."

Neuberger went on to say that, despite the "limited impact," the strikes can be considered as "setting the framework" for more disruptive attacks, which could coincide with a possible invasion of Ukraine's territory.

The UK government also blamed Russian GRU hackers for the DDoS strikes last week, which targeted Ukrainian military and state-owned bank websites. According to a press release from Ukraine's Security Service (SSU), which also had its website hacked, the country was attacked by a "huge wave of hybrid warfare." The SSU announced earlier this month that, during January 2022, it stopped over 120 cyberattacks aimed at Ukrainian governmental entities.

Russia Suspected of Espionage Against Ukraine Via Two Big Nations

 

On Friday, the White House suspected Russia of being behind recent cyberattacks on Ukraine's defense department and banking institutions. 

The statement by Anne Neuberger, the White House's top cyber official, was the most precise attribution of culpability for the cyber breaches that have occurred as tensions between Russia and Ukraine have risen. Although the attacks this week had a "limited impact" since Ukrainian officials were able to swiftly restore their networks, Neuberger believes hackers were laying the framework for future devastating invasions.

As tensions between Russia and Ukraine rise, Britain has joined the United States in criticizing the GRU military intelligence agency for the widespread denial-of-service attacks. The strike, according to the British Foreign Office, "showed a persistent disdain for Ukrainian integrity. This is just another example of Russia's aggressive behavior toward Ukraine."

Russians may also be laying the foundations for more disruptive measures in the event of an invasion of Ukraine. Neuberger remarked, "We expect more destabilizing or damaging cyber action if Russia decides to continue its invasion of Ukraine, and we're working closely with friends and partners to guarantee to be prepared to call out the behavior and respond."

The United States was publicly criticizing Russia because it needed to "call out the action swiftly." "The international community must be ready to expose harmful cyber operations and hold actors accountable for any disruptive or damaging cybersecurity threats," Neuberger added. 

The widespread denial-of-service attacks on Tuesday were described by Ukrainian officials as the deadliest in the country's history. However, while these certainly affected internet banking, hampered some government-to-public interactions, and were definitely intended to induce fear. "Typical DDoS attacks survive because the defenders are untrained," said Roland Dobbins, DDoS engineer at cybersecurity organization Netscout, adding that most market mitigation technologies designed to resist such attacks are ineffective.

United States Charged Six Russian Intelligence Officers with Involvement in An Unrestricted Huge Hacking Campaign

 


The Justice Department has recently charged six Russian intelligence officers with involvement in an 'unrestricted huge hacking campaign', which includes the famous Petya ransomware attacks that focused mainly on Ukraine in 2015.

All residents and nationals of the Russian Federation (Russia), the six officers were also in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces.

 

The government claimed that the group that attacked Ukraine also hacked various computers promoting the 2018 Winter Olympics in South Korea. It also hacked and leaked emails of people related to Emmanuel Macron's 2017 campaign for president of France.

Besides this, they also targeted the companies investigating the poisoning of former Russian operative Sergei Skripal two years ago in Britain.

All six hackers are GRU officers. The government said that for over two years, it had worked tirelessly to identify these Russian GRU officers, who engaged in a global campaign of hacking, disruption, and destabilization, representing the most dangerous and destructive cyber-attacks ever.

The GRU burrowed into three electrical administration systems and remotely tripped circuit breakers; it was one of the first cyber-attacks focused on critical infrastructure.

The authorities had at first suspected and blamed North Korea for the strike, yet later found that the GRU had used North Korean hacking tools to throw off the experts.

That is why FBI Special Agent Michael Christman insisted that the warrant is the result of over two years of strong investigation by the FBI, a position that was echoed by an agent who worked the case.

Here are the names and the acts done by the hackers referenced below: -

 

The FBI has regularly indicated that Russia is a highly capable cyber adversary, and the information uncovered in this statement shows how pervasive and damaging Russia's cyber activities are.

While Russia is unlikely to arrest the accused, it is also unlikely that they will ever face trial.

Secondary Infektion: A Russian Disinformation Operation Agency You Need to Know About


The secret campaign was known as "Secondary Infektion," and it worked separately from the IRA and GRU, staying hidden for many years. The IRA (Internet Research Agency) is known for its notorious disinformation campaigns, in which it floods social media platforms with false information and propaganda. The GRU, also known as the Main Intelligence Directorate in Russia, is infamous for planning cyberattacks and even strategic data leaks. In recent times, however, it has been suspected that a third intelligence agency in Russia might be responsible for such cyberattacks and was able to penetrate even more deeply. It is believed that this third party, which worked separately from the former two, managed to stay undercover for a long time in Russia and only recently came to public knowledge. Here's what we know.


Cybersecurity experts found out about the operation, known as Secondary Infektion, in 2019. A social media analysis firm named Graphika has now published a report on the group's activities, which seem to have started in 2014. According to the report's analysis, this group is known to cover its tracks, and all Secondary Infektion operations online are protected by robust security, whose hallmark is the use of accounts that disappear soon after publishing a comment or a post on social media.

"Secondary Infektion targeted countries across Europe and North America with fake stories and forged documents. Its focus and areas of interest were often of a diplomatic and foreign policy nature: it appeared primarily aimed at provoking tensions between Russia's perceived enemies, and its stories typically concerned relationships between governments and often specifically focused on government representatives. It is also notable for launching smear campaigns against Kremlin critics and for targeting presidential candidates in 2016 in the U.S., in 2017 in France, in Germany, Sweden, and elsewhere," says Graphika's executive summary.

Hence, Secondary Infektion's operations are quite the opposite of the IRA and GRU's way of working. The IRA and GRU believe in building an online presence and increasing their reach, aiming to leave a long-lasting impression through their disinformation campaigns.