TechLetters #67 - Cyberwarfare in context of Ukraine. No-fly zones mean war. Letter to EU Parliament to protect web security/privacy.
Security
NATO: cyberattack may trigger collective self-defence! Triggering article 5 due to a cyberattack in the current crisis still looks inconceivable. But it's not a legal but a POLITICAL decision. Legalese, step aside now. Special times arrived.
"These are things that have been in hypothetical discussion for a decade, but because we've not come to any universal conclusion on what those standards should be, what level of attribution is needed, we're kind of in a very grey area," he told Reuters.
He posed the hypothetical case of a Russian cyberattack on Ukraine that impacts NATO member Poland, triggering power outages that result in hospital patients dying or knocking out traffic lights, causing fatal road accidents involving U.S. troops deployed there.
Ukraine allegedly mobilizing cyber ops support. Potential targets of cyber attacks on Russian energy systems, railways. Unclear how real this is and what it may lead to. I warn against drawing too far-reaching conclusions about possible effectiveness. It would also mean direct involvement of these people in the armed conflict, so acting as combatants (this carries a risk of becoming a target for retaliation).
Cyberattacks on refugee help. More evidence that a cyber threat actor is targeting humanitarian help to affected Ukraine war refugees. "...gather intelligence around the movement of refugees from Ukraine and on issues of importance to the Russian government"
War as a response to cyberattacks. "Russia will treat any hacking of its satellites as a justification for war". Cyberattacks on space systems as a reason for war? If these are weapons systems (or their components), perhaps...
Cyberattack on satellite internet provider continues. KA-SAT. Tens of thousands of users in Europe, and many on Ukraine (their military, too), "connection to the Ukraine conflict" is suspected. “decisive step in their attack on the morning of the Russian attack”. That would be quite a strategic use.
Cyberwar in context of war on Ukraine and hacktivists. Cyberattacks can be used in strategic ways during warfare, but be careful about some reports. They may be unverifiable, overhyped, or with negligible impact on the scale of the conflict. It's a high-intensity armed conflict between two states with heavy kinetic warfare, civilian casualties, and physical destruction … Let's be honest here, what may hacktivism change in this picture? Besides, most of the reports of hacktivism are unverifiable at best. They are highly amplified on social media and traditional electronic media, but what is the actual effect?”. That said I understand that people want to help or to do something.
Cyber war crimes? Well, no. Microsoft says that "cyberattacks tied to the war in Ukraine could potentially be considered war crimes under existing international law". I understand the rationale, and I understand Geneva Conventions (and I do!): but I don't think so. Not yet at least, no point in saying so, then.
ANSSI, the French cybersecurity authority on Ukraine. "part of the Russian-speaking cybercriminal ecosystem has positioned itself in the ongoing conflict ... providing support to the Russian government" (link)
Cyberattack on Toyota’s supplier. Halts operation in all plants in Japan.
Chinese Ministry of Foreign Affairs demands to "stop malicious cyber activities" by the USA. After recently posted reports.
Privacy
Instagram enabling encrypted direct messages. In Russia and Ukraine (link).
Letter calling EU Parliament to protect web security and privacy. Here. “While we understand that the intent of these revisions is to improve authentication on the web, they would, in practice, have the opposite effect. By creating a means to bypass existing security vetting practices in browsers, the proposed regulation would expose users to increased risk of attack from cybercriminals.
We therefore urge you to amend the revised Article 45.2 to ensure that browsers can continue to undertake their crucial security work to protect individuals from cybercrime on the web.”My analysis of the issue here.
Technology Policy
No-fly zones is not a simple issue, it means war. Well: “Contrary to what so many in the commentariat seem to believe, a no-fly zone is not a military half-measure. It is a combat operation designed to deprive the enemy of its airpower, and it involves direct and sustained fighting. The fact is, a general European war has not started, and we must do everything we can to ensure it does not. That means that a no-fly zone should be off the table.”
Russia not disconnecting from Internet as of now. The reported "Russia is disconnecting from global internet" are quite inaccurate, at least now. They ordered making some specific technical configuration changes to tackle DDoS/etc. For example, rely on local DNS servers. Also hilarious: "strengthen the password policy". The more weird/worrying part is the order to remove "foreign JavaScript content". The Russian ministry said that "there are no plans to turn off the Internet" (but previously they also said there won't be an Ukraine invasion?)
Other
In case you feel it's worth it to forward this content further:
If you’d like to share: