Wednesday, February 16, 2022
TEMPORARY TAKE-OUTS: Distributed Denial of Service Attacks Knock-Out Websites
First of all: There's no evidence the Russian government or citizens are behind the cyber actions, but a statement from Ukraine's Center for Strategic Communications and Information Security posted on Facebook hinted who it suspected.
Flood of malicious junk traffic makes Ukrainian websites unreachable
DDoS temporarily take out sites as Ukraine stares down Russian soldiers at its border.

Ukraine's defense ministry and two banks were knocked offline on Tuesday by a flood of malicious traffic designed to prevent people from visiting the sites, Ukraine's information security center said.
The distributed denial-of-service attacks targeted the websites for Ukraine's defense ministry, the Armed Forces of Ukraine, and two banks, Privatbank and Oschadbank, the country's State Service for Special Communication and Information Protection reported.
At the time this post was being reported, the Defense Ministry site remained completely unreachable. Meanwhile, only the homepage for PrivatBank was available, and it was defaced. Oschadbank's site provided only limited access.

The malicious data floods were also reported by the Ukrainian cyberpolice, but at the time this post was being reported, attempts to visit most of the department's website were unsuccessful. The homepage said: "We apologize for the inconvenience. The site is under maintenance."

On Twitter, department personnel also said they had identified individuals who were sending texts reporting fraudulent ATM failures. Ukraine's Security Service website was also not loading.
No pizza for you
Campaigns that use DDoSes (short for distributed denial-of-service) deliver torrents of junk traffic that are intended to overwhelm targets so they are unable to deliver services. DDoSes can be difficult to stop because they are delivered by large numbers of devices distributed in a wide geographic region. They're analogous to flooding a pizza parlor with so many calls that it's unable to accept orders from customers.
While DDoSes have the capacity to paralyze websites or even huge swaths of the Internet, the disruptions they cause are temporary and usually last only as long as the responsible party continues to deliver the torrent or until a DDoS mitigation service filters out the junk traffic.
Network observability company Kentik has been tracking Internet traffic flowing through Ukraine. Graphs showed the DDoSes starting on Tuesday, when the volume of traffic to various targets suddenly spiked by orders of magnitude. AS28907, the autonomous system that hosts the Ukrainian Army, was hit by three waves, as the following two images show:


AS60173 and AS15742, which host Oschadbank and PrivatBank respectively, saw similar floods:


The DDoSes arrived as Russia has amassed more than 100,000 soldiers at its border with Ukraine. There's no evidence the Russian government or citizens are behind the cyber actions, but a statement from Ukraine's Center for Strategic Communications and Information Security posted on Facebook hinted who it suspected.
"It is not ruled out that the aggressor used tactics of little dirty tricks because its aggressive plans are not working out on a large scale," the center officials wrote in a rough translation.
FCC Cracks Down on "Exclusive-Access Deals" for Internet: Revenue-Sharing + Sales-and-Lease-Back
Key Facts
The FCC’s new rules will prohibit broadband providers from entering into certain revenue-sharing agreements with landlords that keep competitive internet providers from serving tenants, and will require internet providers to inform tenants of exclusive marketing arrangements in “simple, easy-to-understand” language.
The FCC also clarified existing rules to prohibit “sale-and-leaseback” arrangements, which enable cable providers to exclusively lease back the wiring installed in a dwelling, obstructing tenants from switching providers.
FCC Announces Crackdown On ‘Sweetheart Deals’ Between Landlords And Internet Providers

"The Federal Communications Commission announced Tuesday it plans to crack down on “sweetheart deals” between landlords and internet providers that circumvent existing FCC rules to effectively prevent tenants from shopping around for cheaper or higher-quality internet access.
By 2021, 77% of U.S. adults had broadband access, up from 60% a decade earlier, Pew Research Center reported. Though exclusive-access deals between landlords and internet providers have been banned for years, existing rules did not effectively prevent collusion to limit customer choice, FCC Chair Jessica Rosenworcel said. This had the “especially perverse” effect of preventing residents of multi-family buildings from saving money through their denser living arrangements, Rosenworcel said. January 21, Rosenworcel first proposed the suite of new rules to “pry open” the door for competitive internet providers which were enacted Tuesday.
“Every American should have access to high-quality, affordable modern communications services—including the one-third who live in multi-unit buildings,” FCC Commissioner Geoffrey Starks said. “For too long, millions of Americans living and working in multi-tenant environments have faced barriers to obtaining the best communications services and prices.”
As young adults increasingly defer home ownership and demand for apartments reaches an all-time high, the U.S. must build at least 4.6 million new apartment homes by 2030 to avert a major shortage, according to the National Apartment Association, a nonprofit trade association. Additionally, as many as 11.7 million existing apartments may need renovation during the same period."
NO DETAIL GOES UN-NOTICED: Putin's Decision on Who To Distance is A Political Power-Play
When it comes to if the size-of-the-table-matters, there appears to be a lot of guy-talk that bigger is better. Keeping a safe distance is everything but it certainly looks like every move the Russian President makes is dissected... try phone calls; they're safer!
Putin's Long Tables Explained: Why He Puts Some Leaders, Including Germany’s Scholz, At An Extreme Distance
"Russian President Vladimir Putin’s every move is dissected as fears escalate that he’ll soon order an invasion of Ukraine, but attention has recently turned to why Putin sits across from a comically large table during meetings with other world leaders, the most recent instance of which came Tuesday during a meeting with German Chancellor Olaf Scholz.
The extremely distanced table made its first appearance during Putin’s February 1 meeting with Hungarian Prime Minister Viktor Orbán, and The Guardian speculated at the time Orbán’s banishment was due to not quarantining before seeing Putin, a typical requirement for Russian officials coming face to face with the president.
Putin has not kept all leaders at an extreme distance: Putin appeared in images in close proximity to Chinese President Xi Jinping and Kazakhstan President Kassym-Jomart Tokayev during separate February meetings with the two, causing some to suggest that Putin’s decision on who to distance is a political power play.
The meeting between Putin and Scholz comes at a particularly pivotal moment in diplomacy between the West and Russia. Ukrainian President Volodymyr Zelensky stoked fear when he predicted Russia will invade Ukraine Wednesday, though his aides later clarified it was a dark joke.
> During a televised portion of their Monday meeting, Lavrov told Putin that Russia should continue to engage in diplomatic negotiations with the West, saying the possibility of a diplomatic solution in Ukraine is “far from exhausted.” Putin agreed to continue negotiations, even as the West increasingly warns of an impending Russian invasion.
____________________________________________________________________________
INSERT: Apparently the size of a table matters
Photographs taken during a roundtable meeting with CEOs of electric utilities on Wednesday saw Joe Biden using a ginormous 30ft table in the White House state dining room

Biden one-upped Vladimir Putin with his ginormous table, which was almost double in length to the 16ft table that the Russian leader held talks on with Emmanuel Macron

____________________________________________________________________________
Jake Sullivan, the U.S. national security advisor, said Sunday an attack could come as early as this week, while U.K. Prime Minister Boris Johnson said Monday an invasion could come in the next 48 hours. Russia said Tuesday they will pull back some of its more than 130,000 troops reportedly at the Ukraine border, a preliminary indication that Russia is willing to walk down its aggression, at least temporarily."
WORDLE 5-Letter Words: Hashtag Reaction to GamePlay Changes
Here’s how The New York Times changed Wordle
Handful of "obscure" and "insensitive" words no longer valid as guesses or solutions.

"We are updating the word list over time to remove obscure words to keep the puzzle accessible to more people, as well as insensitive or offensive words," the Times said in a statement provided to ABC News' Michael Slezak. "Solvers on the old word list can likely update to the new list by refreshing their browsers."
That last line is a reference to many players, Slezak included, who are complaining on Twitter that their latest Wordle solution didn't line up with those of other players. That's because some players are still playing on the old PowerLanguage-hosted edition of the game, either through a cached version in their browser or one they deliberately saved locally before the recent changeover (the old URL now redirects to the NYT site).
Tuesday, February 15, 2022
WHY HER AND NOT HIM? "Bitcoin Launderer" set to go home if she can meet the bail...
More media babble and blitz
Judge orders the release of alleged Bitcoin launderer Razzlekhan on bail
"On Monday, a judge ruled that Heather Morgan, aka Razzlekhan, should be released on bail after she and her husband were arrested for allegedly helping to launder billions of dollars worth of stolen Bitcoin. Morgan and her husband Ilya “Dutch” Lichtenstein were already granted bail last week by another judge, but the government got an emergency stay on the previous order, saying that the couple could potentially use millions of dollars worth of un-seized Bitcoin to flee the country.
Monday’s hearing took place to review the release order and consider further prosecution and defense evidence. You can read both of the written arguments below, which largely reflect what the parties argued in court. The presiding judge decided that Morgan could await her trial at home if she made bail, but she didn’t overturn the stay for Lichtenstein, meaning that he would stay in custody.
The couple was arrested on allegations that they tried to launder some of the 119,754 Bitcoin stolen in the 2016 Bitfinex hack. While the government seized most of that crypto (worth around $3.6 billion last week), it claims in court documents that there are still millions of dollars worth that it hasn’t been able to get its hands on yet. It also says that the couple purchased 70 gold coins with funds linked to the attack, which it didn’t find while searching the couple’s apartment (it did discover empty hollowed-out books, a bag of burner phones, and several hardware cryptocurrency wallets).
Following her arrest, Morgan got a lot of attention on social media after it was discovered that she’d been posting rap music, videos, and fashion content under the name Razzlekhan. Clips of particularly cringe-worthy moments from her music videos have been shared online since the news of her arrest, alongside incredulous comments that the person rapping about being the “Crocodile of Wall Street” was involved with the Bitfinex hack.
During Monday’s hearing, the government argued that Morgan and Lichtenstein could use the un-seized funds or gold to escape to a country that wouldn’t be particularly willing to extradite them, such as Russia or Ukraine (Lichtenstein was born in Russia and renewed his passport in 2019, according to the government). It also argued that they’d be motivated to do so, given that they could face substantial financial penalties and 25 years in prison if convicted of fraud and money laundering.
The couple’s lawyer argued that they were unlikely to flee for several reasons — Morgan is currently recovering from surgery, and both her and Lichtenstein’s parents had posted their houses as collateral for their bail. He also argued that if they had wanted to flee, they would’ve done so in the week or two leading up to the arrest, asserting they would’ve realized the government was on to them after receiving notice of a subpoena from an ISP, and seeing the funds seized. The prosecution responded by saying that it was very unlikely the couple realized how much evidence the government had until they were arrested, given that much of it was obtained by cracking encrypted files Lichtenstein had stored on a cloud service.
The judge said that Lichtenstein wouldn’t be granted bail because the government’s evidence alleges he was largely in control of the funds — Morgan, she reasoned, was less likely to have access to funds that would help her escape. She said that Morgan would have to follow the conditions outlined in the original release order, which include house arrest, an ankle bracelet for location monitoring, restrictions on computer use, and a ban on carrying out cryptocurrency transactions.
The argument for why Lichtenstein and Morgan should be allowed bail, prepared by their lawyers
The government’s argument why Lichtenstein and Morgan shouldn’t be allowed bail
21st Century Hybrid Warfare: Bot Farms and Hostile Intelligence Agencies Create Anxiety + A Sense of Panic
Aaaaah there's nothing like distorting 'the real state of affairs' with some mass media, in the spread of narratives of the aggressor state by certain politicians, etc.
Ukraine says it’s targeted by ‘massive wave of hybrid warfare’

"Ukraine is facing attempts to systemically sow panic, spread fake information and distort the real state of affairs. All this combined is nothing more than another massive wave of hybrid warfare," the SSU said.
The SSU added that it had to counteract multiple such attempts linked to hostile intelligence agencies and bot farms targeting both social networks and mass media.
"The SSU is seeing such manifestations of hybrid warfare in social networks, some mass media, in the spread of narratives of the aggressor state by certain politicians, etc. The SSU is not just observing these, but also actively counteracting to them," the Ukrainian Security Service added.
"This is reflected in the NSDC decisions, number of neutralized cyberattacks, dismantling of numerous bot farms, exposing agent networks of hostile intelligence services and preventing sabotage and terrorist attacks."
Today Russia is making great efforts to destabilize the situation in Ukraine. It not only draws troops to our borders, but also uses all tools of hybrid warfare, i.e. cyberattacks & disinformation campaigns.
— MFA of Ukraine (@MFA_Ukraine) February 1, 2022
For example: the geography of reports on fake minelaying this January. pic.twitter.com/aw9f4Gx0mu
> For instance, last week, the Ukrainian government security agency dismantled two bot farms linked to Russian special services and controlling 18,000 social network accounts.
The two botnets were used to distribute fake news that would spread panic and send bomb threats designed to disrupt operations across the country.
> On February 1st, the Ukrainian Computer Emergency Response Team also warned of attacks against Ukrainian authorities, coordinated by the Gamaredon hacking group (previously linked to Russia's Federal Security Service (FSB) by the Ukrainian security (SSU) and secret (SBU) services).
> One day later, the SSU said it blocked over 120 cyberattacks targeting the information systems of Ukrainian state institutions throughout January 2022.
> Microsoft also said on February 4th that Gamaredon is the threat group behind a wave of spear-phishing emails targeting Ukrainian entities and organizations related to Ukrainian affairs since at least October 2021.
Redmond security and threat researchers added that Gamaredon's ongoing cyber-espionage campaign is coordinated out of Crimea, confirming SSU's assessment that these state-backed hackers are officers of the Crimean FSB known to have sided with the Russian occupation during the 2014 occupation.
However, as Microsoft pointed out, Gamaredon is not linked with the January cyberattacks that targeted Ukraine's government agencies and corporate entities with destructive data-wiping malware disguised as ransomware.