Researcher Finds Russian Cybersecurity Far Shittier Than The Mythology Suggests
from the shoe-on-the-other-foot dept
For much of the last decade, Vladimir Putin has attempted to compensate for various shortcomings (like a less sophisticated real world military) by launching cyber and propaganda attacks on much of the world. And while this, for a while, resulted in a mythology that Russia was in a league of its own when it comes to hacking and cybersecurity, the reality isn’t nearly that exciting.
Jeremiah Fowler, co-founder of the cybersecurity company Security Discovery, spent much of the last year investigating Anonymous’ attacks on Russia as a response to the Russian invasion of Ukraine. In a random sampling of 100 Russian databases, he found 92 of them to have been compromised recently.
That’s in addition to widespread DDOS attacks, hack and leak attacks on numerous companies still doing business in Russia, the hacking of Russian printers to show anti-war messages, hacking retail receipt printers to transmit anti-war messages, and even the hacking of Russian streaming services to show heavily propagandized Russian citizens real-time war footage:
Fowler began his investigation rather underwhelmed at the claims being made by Anonymous and other hacking groups, noting a lack of evidence in most media reports. But when he actually began investigating the found the attacks to be widespread and Russia’s defenses fairly pathetic:
“Anonymous has made Russia’s governmental and civilian cyber defenses appear weak,” he told CNBC. “The group has demystified Russia’s cyber capabilities and successfully embarrassed Russian companies, government agencies, energy companies and others.”
“The country may have been the ‘Iron Curtain,‘” he said, “but with the scale of these attacks by a hacker army online, it appears more to be a ‘paper curtain.’”
Russia’s great innovative contributions to the twenty-first century have so far been implementing online propaganda (“flooding the zone with shit” to destabilize truth itself, as fascists like to say) at global scale, carpet bombing children at shopping malls, and completely removing even the faintest pretense of ethical considerations from nation state hacking attacks.
Online propaganda, war crimes, and reckless global hacking obviously aren’t exclusive to Russia (or the U.S., or China, or Israel), but the idea that Russia’s pioneering efforts on this front meant it was somehow technologically exceptional in any way don’t appear to actually be based on much of anything.
Filed Under: cybersecurity, database, ddos, hacking, privacy, propaganda, russia
Comments on “Researcher Finds Russian Cybersecurity Far Shittier Than The Mythology Suggests”
Only weapons
in my understanding, in the russian military and cyber field, only things that are flashy and cool get funding. Only things that attack, not defend, get funding and only the visible ones at that.
Only weapons get funding. Not defenses, not logistics, not repairs.
Russian defense can be summed up by the old proverb of being crunchy on the outside and soft on the inside.
Red teams can make good blue teams, but it just the possibility does not make it so.
i’d never even heard that Russian cybersecurity was supposed to be good, let alone great or whatever.
Like so many others, efforts on the attack front excel in quantity if not quality, while the most basic of basic security measures are still lacking after 40 years and bajillions of breaches and leaks, and wide open servers and networks.
Just remember, though…
It doesn’t matter how good your cyber defenses are, one well-placed artillery shell can mess up your whole day.
Yeah, not exactly a surprise. The strength of the USA’s cybersecurity is vastly overstated, as is that of the UK, France, Germany, China Japan, the Republic of Korea… no state with enough computers for cybersecurity to matter has anything more than moderately strong security. Some are more pathetically weak than others, but I’d be quite surprised if any stood up to a proper attempt at attack by a peer competitor.
Re:
Maybe state actors should employ NSO. Oh, wait…