Comment by general1465
15 hours ago
Poland is a major logistical hub for everything going towards Ukraine. Thus targeting basic infrastructure like the energy grid or railroads has to be expected.
On the bright side, using this weapons-grade malware is burning exploits and also showing the current state and techniques of Russian cyberwarfare, which defenders can learn a lot from.
> On the bright side, using this weapons-grade malware is burning exploits and also showing the current state and techniques of Russian cyberwarfare, which defenders can learn a lot from.
Or perhaps they used an already-known malware to measure defensive capabilities without showing any of their cards.
Cyber-defensive measures aren't very useful though. Once malware is known to exist, you don't "reveal a capability" by detecting it - it all boils down to basically signature analysis, or just good standard practice (air gaps, software supply chain accountability etc).
This is vastly different to real world military systems, where there are a lot more variables and no guarantees - i.e. countries have limited numbers of air defense systems and missiles, the missiles have finite non-zero flight times, the physics of detection systems and sensors are not absolute etc.
The real world is just more complicated, so the value of buzzing someone's airspace reveals a lot more information than "huh, guess they didn't click on that email".
You'd think it would've been done during the summer or some other time when that wouldn't matter then.
No, of course not. They want to also measure response in the physical aspects (like electricians that would have to drive some time to arrive on site). They're testing end-to-end, so to say. There's no testing like testing in production.
While there's some overlap in methodologies and back-and-forth with various escalations, so-called malware is distinct from software exploits. Malware can be delivered without an exploit and quite often is. Social engineering is highly effective.
Interesting that Russia still hasn't targeted the bridges going into Ukraine from Poland for some reason.
There were cases of railway sabotage.
https://www.bbc.com/news/articles/cp85g86x0zgo
To be fair, precision strikes on bridges are not that easy. Of course the Kerch bridge is especially resilient due to the way it was built, but still, actually hitting a 60-100 meter long bridge from 700-1000 km away is tricky.
Not that it matters anyway at all... since there aren't any major rivers separating Poland and Ukraine to begin with.
What bridges?