Poland is a major logistical hub for everything going towards Ukraine. Thus targeting basic infrastructure like energy grid or railroad have to be expected.
On the bright side, using these weapon grade malware is burning exploits and also showing current state and techniques of Russian cyberwarfare which defender can learn a lot from.
> On the bright side, using these weapon grade malware is burning exploits and also showing current state and techniques of Russian cyberwarfare which defender can learn a lot from.
Or perhaps they used an already-known malware to measure defensive capabilities without showing any of their cards.
Cyber-defensive measures aren't very useful though. Once malware is known to exist, you don't "reveal a capability" by detecting it - it all boils down to basically signature analysis, or just good standard practice (air gaps, software supply chain accountability etc).
This is vastly different to real world military systems, where there are a lot more variables and no guarantees - i.e. countries have limited numbers of air defense systems and missiles, the missiles have finite non-zero flight times, the physics of detection systems and sensors are not absolute etc.
The real world is just more complicated, so the value of buzzing someone's airspace reveals a lot more information then "huh, guess they didn't click on that email".
While there's some overlap in methodologies and back-and-forth with various escalations, so-called malware is distinct from software exploits. Malware can be delivered without an exploit and quite often is. Social engineering is highly effective.
To be fair precision strikes on bridges are not that easy. Of course the Kerch bridge is especially resilient due to the way it was build but still actually hitting a 60-100 meter length bridge from 700-1000 km away is tricky.
Not that it matter anyway at all... since there aren't any major rivers separating Poland and Ukraine to begin with.
before anyone jumps on the pedantry bandwagon, its worth noting that even though open war hasn’t been called: the attacks on infrastructure especially cyber warfare is extremely active and, crucially, direct.
It is totally fair to say that in a digital context, Russia is absolutely at war with Europe.
As far as I can tell, they don’t even try to hide it.
Some could say that in the cyber realm, they are not petty, ya! Well, or something like that.
Eversince notpetya and the colonial pipeline hack, the cyber strategy game changed a lot. Notpetya was genius as a deployment, because they abused the country's tax software deployment pipeline to cripple all (and I mean all, beyond 99%) businesses in one surgical strike.
The same is gonna happen to other tax software providers, because the DATEV AG and similar companies are pretty much the definition of digital incompetence wherever you look.
I could name other takedowns but the list would continue beyond a reasonable comment, especially with vendors like Hercules and Prophete that are now insolvent because they never prioritized cyber security at all, got hacked, didn't have backups, and ran out of money due to production plant costs.
Europe is the main supplier of weapons to Ukraine which is in actual war with Russia. Of course Russia is at war with Europe, the only reason bombs are not falling in Poland and Germany is that Russia wouldn’t have the capability to defend itself against retaliation. Do people really believe their countries can openly take sides in a war and not be targeted??
Does Europe overall feel and act like that’s the case though?
It seems as if the European war has been pushed to the background recently, and most people kind of forgot about it. If you walk down the streets of Paris or Berlin does it look like it’s wartime, do people talk about it much, do they share the latest front news and so on?
>If you walk down the streets of Paris or Berlin does it look like it’s wartime,
Like what exactly would you want them to do? Run around screaming all day because there's a war in another country 2000 km away from them?
No, people just go on with their lives, doing their jobs, taking care of family and friends, paying their taxes, so that specialized workers in the ministry of defence can take care of the war stuff for them. That's how modern society works.
It's even similar in Kiev, when you walk down the streets you see people living their lives. Gyms, bars, cafes, clubs are full and lively. People don't stop living and enjoying their daily lives just because there's shelling somewhere else in the country.
Russia considers all the European countries as lesser states that should be dominated. Even Hungary, which is politically friendly to Russia, is probably experiencing a lot of disinformation campaigns, because Russia wants to ensure that Putin's lapdog (i.e. Orban) stays in power and serves russian interests.
have you seen the competence in those who manage the infrastructure? i'd say i would need significant proof before assuming anything. And IF russia is doing it, I would still say that we should put 99% blame on the absolute incompetents running the infrastructure, 1% russia.
Russia is currently focused at striking Ukrainian energy assets. Ukraine get energy imports from EU through Hungary and Poland. Hampering energy supply from Poland would but a huge strain on the already struggling Ukrainian network.
Keep the population of hostile countries uneasy at all times, destabilise a bit here and there, help them argue about stupid identity politics instead of focusing on things that actually matter.
When people become complacent about Russians poking around here and there, breaking in and not doing anything etc - then when they actually need to act, the defence will be lukewarm.
The most obvious answer is Russia(or one of their allies like China or Iran) did it because Poland is supporting Ukraine in the war (directly, and also indirectly by letting stuff from other countries be staged and move through Poland).
That would be the most obvious answer, but Russia wants to keep Poland off-balance over the next 2 decades so that they won't intervene as Russia captures its neighbors. You'll see a lot more sabotage in France if Europe agrees to a new nuclear defense pact.
Poland is a major logistical hub for everything going towards Ukraine. Thus targeting basic infrastructure like energy grid or railroad have to be expected.
On the bright side, using these weapon grade malware is burning exploits and also showing current state and techniques of Russian cyberwarfare which defender can learn a lot from.
> On the bright side, using these weapon grade malware is burning exploits and also showing current state and techniques of Russian cyberwarfare which defender can learn a lot from.
Or perhaps they used an already-known malware to measure defensive capabilities without showing any of their cards.
Cyber-defensive measures aren't very useful though. Once malware is known to exist, you don't "reveal a capability" by detecting it - it all boils down to basically signature analysis, or just good standard practice (air gaps, software supply chain accountability etc).
This is vastly different to real world military systems, where there are a lot more variables and no guarantees - i.e. countries have limited numbers of air defense systems and missiles, the missiles have finite non-zero flight times, the physics of detection systems and sensors are not absolute etc.
The real world is just more complicated, so the value of buzzing someone's airspace reveals a lot more information then "huh, guess they didn't click on that email".
You'd think it would've been done during the summer or some other time when that wouldn't matter then.
1 reply →
While there's some overlap in methodologies and back-and-forth with various escalations, so-called malware is distinct from software exploits. Malware can be delivered without an exploit and quite often is. Social engineering is highly effective.
Interesting that Russia still hasn't targeted the bridges going into Ukraine from Poland for some reason.
There were cases of railway sabotage.
https://www.bbc.com/news/articles/cp85g86x0zgo
To be fair precision strikes on bridges are not that easy. Of course the Kerch bridge is especially resilient due to the way it was build but still actually hitting a 60-100 meter length bridge from 700-1000 km away is tricky.
Not that it matter anyway at all... since there aren't any major rivers separating Poland and Ukraine to begin with.
What bridges?
Russia is at war with Europe.
before anyone jumps on the pedantry bandwagon, its worth noting that even though open war hasn’t been called: the attacks on infrastructure especially cyber warfare is extremely active and, crucially, direct.
It is totally fair to say that in a digital context, Russia is absolutely at war with Europe.
As far as I can tell, they don’t even try to hide it.
Not to mention the information war they have been waging globally since 2016
8 replies →
Some could say that in the cyber realm, they are not petty, ya! Well, or something like that.
Eversince notpetya and the colonial pipeline hack, the cyber strategy game changed a lot. Notpetya was genius as a deployment, because they abused the country's tax software deployment pipeline to cripple all (and I mean all, beyond 99%) businesses in one surgical strike.
The same is gonna happen to other tax software providers, because the DATEV AG and similar companies are pretty much the definition of digital incompetence wherever you look.
I could name other takedowns but the list would continue beyond a reasonable comment, especially with vendors like Hercules and Prophete that are now insolvent because they never prioritized cyber security at all, got hacked, didn't have backups, and ran out of money due to production plant costs.
Europe is the main supplier of weapons to Ukraine which is in actual war with Russia. Of course Russia is at war with Europe, the only reason bombs are not falling in Poland and Germany is that Russia wouldn’t have the capability to defend itself against retaliation. Do people really believe their countries can openly take sides in a war and not be targeted??
4 replies →
The cold war never ended
1 reply →
[flagged]
20 replies →
What I am starting to appreciate about these digital infrastructure attacks is that they may be reversible and or temporary. It can be a nice feature.
26 replies →
Does Europe overall feel and act like that’s the case though?
It seems as if the European war has been pushed to the background recently, and most people kind of forgot about it. If you walk down the streets of Paris or Berlin does it look like it’s wartime, do people talk about it much, do they share the latest front news and so on?
>If you walk down the streets of Paris or Berlin does it look like it’s wartime,
Like what exactly would you want them to do? Run around screaming all day because there's a war in another country 2000 km away from them?
No, people just go on with their lives, doing their jobs, taking care of family and friends, paying their taxes, so that specialized workers in the ministry of defence can take care of the war stuff for them. That's how modern society works.
It's even similar in Kiev, when you walk down the streets you see people living their lives. Gyms, bars, cafes, clubs are full and lively. People don't stop living and enjoying their daily lives just because there's shelling somewhere else in the country.
9 replies →
Berlin recently had a blackdown caused by domestic terrorists.
2 replies →
[flagged]
3 replies →
Thankfully we'll magically stop being at war with Russia once Ukraine gives up :P
Haha yep :P
Next is Moldova.
Then Latvia and Lithuania.
Then Estonia and Northern Finland/Norway.
Then Romania and Bulgaria.
Putin has already said many times that he intends to rebuild the Russian empire to its zenith.
It is not, because Europe is not a political entity. Russia is at war with some European countries.
Russia considers all the European countries as lesser states that should be dominated. Even Hungary, which is politically friendly to Russia, is probably experiencing a lot of disinformation campaigns, because Russia wants to ensure that Putin's lapdog (i.e. Orban) stays in power and serves russian interests.
2 replies →
have you seen the competence in those who manage the infrastructure? i'd say i would need significant proof before assuming anything. And IF russia is doing it, I would still say that we should put 99% blame on the absolute incompetents running the infrastructure, 1% russia.
If you did then you'd be extremely gullible.
That seems like just victim blaming - "she was asking for it with the clothes she was wearing".
6 replies →
Russia is currently focused at striking Ukrainian energy assets. Ukraine get energy imports from EU through Hungary and Poland. Hampering energy supply from Poland would but a huge strain on the already struggling Ukrainian network.
https://en.wikipedia.org/wiki/New_generation_warfare
It's the Russian doctrine
Keep the population of hostile countries uneasy at all times, destabilise a bit here and there, help them argue about stupid identity politics instead of focusing on things that actually matter.
When people become complacent about Russians poking around here and there, breaking in and not doing anything etc - then when they actually need to act, the defence will be lukewarm.
Poland is frequently listed by Putin and his crew as one of Russia’s greatest enemies.
Nihil novi. It's like that for centuries. They are still salty about losing Moscow.
The most obvious answer is Russia(or one of their allies like China or Iran) did it because Poland is supporting Ukraine in the war (directly, and also indirectly by letting stuff from other countries be staged and move through Poland).
That would be the most obvious answer, but Russia wants to keep Poland off-balance over the next 2 decades so that they won't intervene as Russia captures its neighbors. You'll see a lot more sabotage in France if Europe agrees to a new nuclear defense pact.