TechLetters #73 - cyberwarfare operations aiming at Ukraine's power grid. Dangerous (lethal?) cyber tool. Leaking some information during war is helping aggressors.
Security
Cyberwarfare vs power grid. Ukraine says that Russia was conducting a military cyber operation against their power grid. This is unverifiable. We do not know what "attempt" means, or... "targeted computers controlling high voltage substations in Ukraine"? So, INDUSTROYER2? More details.
Dangerous cyber tool. Capable of hacking industrial control systems discovered before it was used. It can be used to disrupt the operation of systems, among the effects may also be loss of human life. Not many cyberattacks have such a potential lethal effects/reach. Extremely rare. The other assessment reaffirms: "very likely state sponsored and contains capabilities related to disruption, sabotage, and potentially physical destruction".
Stolen Github authentication OAuth tokens in use? Disclosure.
Privacy
Technology Policy
Other
The dangers of leaks. German report about “Federal Intelligence Service of Germany (BND) has intercepted radio talks of the Russian Armed Forces, which contain detailed information about the killings of Ukrainian civilians . It is suspected that the details of the talks were later passed on to the media…After the interception protocols became known, the Russian military closed the channels through which the talks were taking place, Focus said. In addition, according to interlocutors close to NATO, access to other sources of information was also blocked”
In case you feel it's worth it to forward this content further:
If you’d like to share: