Discover and read the best of Twitter Threads about #NotPetya
Most recents (10)
Let’s talk about the software developed by #Ukrainian engineers to assist UA against #Russian aggression (Delta, MilChat, etc)
I have been researching this topic, their development cycles, and use in combat; and I want to share with you some findings.
Large🧵(1/20)
I have been researching this topic, their development cycles, and use in combat; and I want to share with you some findings.
Large🧵(1/20)
I would like to make it clear that this reflection comes from #OSINT, and that this thread will not compromise #Ukrainian #OPSEC
There could be interpretation errors (most sources were in Ukrainian, a language I do not speak), so corrections are welcome
(2/20)
There could be interpretation errors (most sources were in Ukrainian, a language I do not speak), so corrections are welcome
(2/20)
First, it should be noted that none of these tools could be considered a #Wunderwaffe
They will undoubtedly help #Ukraine in its war effort, but having them will not win the war. This software will be an element to be taken into account in combination with others factors
(3/20)
They will undoubtedly help #Ukraine in its war effort, but having them will not win the war. This software will be an element to be taken into account in combination with others factors
(3/20)
"We face a new kind of warfare,no longer constrained by borders or military maneuvers" @SecMayorkas tells @csis_isp, using #NotPetya as a prime example
"We face a very different world than the one our then-new Department of Homeland Security entered in 2003, nearly 20 years ago"
"We face a very different world than the one our then-new Department of Homeland Security entered in 2003, nearly 20 years ago"
"Ubiquitous cutting-edge technologies, economic & political instability, and our globalized economy have erased borders & increasingly bring threats & challenges directly into our communities" per @SecMayorkas "Our homeland security has converged w/our broader nat'l security"
5 years ago I got a call from Ukraine gov requesting help with a new destructive malware strain that was previously unknown. It would become known as #notpetya. By the end of the day I would be on a conference call with MeDoc, the initial victim, thats to Ciscos UA office.
With other Talos team members we worked around the clock for the next week on analyzing #notpetya, hunting it’s source, reassembling fragments, and offering support to orgs around the world. Tomorrow is Constitution Day in Ukraine.
5 years ago Russia attacked Ukraine using Computer Network Attack techniques. Today Russia has soldiers in Ukraine and are constantly blanketing cities with air strikes and missiles.
1/ Thread on diff #cyber skirmishes b/w #Russia and #Ukraine. Initially enlisting the ones alleged to Russia.
2014, Beginning of armed conflict in region started when Russia invaded and annexed the #Crimea Peninsula & started sp the regions of #Luhansk & #Donetsk.
2014, Beginning of armed conflict in region started when Russia invaded and annexed the #Crimea Peninsula & started sp the regions of #Luhansk & #Donetsk.
2/ 2015, Post Russian invasion of the Crimean Peninsula, alleged Russian hackers managed to knock out electric power for around 230,000 customers in western Ukraine.
3/ 2016, Attackers repeated the same sequence, expanding the targets to incl govt & banking sector.
NEW: "At best at the moment we have strategic warning...everyone knows there is a gathering storm" per US National #Cyber Director @ncdinglis, who tells @thecipherbrief summit agencies, private sector need something more
"We need to double down on resilience" per @ncdinglis to be better prepared for or able to avoid the next #Log4j
#Ukraine-#Russia-#Cyber: "We've seen this play before" per @ncdinglis referring to #notpetya
"We have to double down on collaboration...create relationships and muscle memory" to deal w/whatever crisis might unfold, he says
"We have to double down on collaboration...create relationships and muscle memory" to deal w/whatever crisis might unfold, he says
[FIL] La position de la France en matière d’attribution publique des cyber-attaques est en train d’évoluer
⬇️Quelques éléments en complément des fils de @jeangene_vilmer & @elise_vincent
⬇️Quelques éléments en complément des fils de @jeangene_vilmer & @elise_vincent
1/ Alors que les États-Unis ont attribué publiquement une trentaine d’incidents à la Chine, la Russie, la Corée du Nord et l’Iran depuis 2014 (cf. ⬇️), jusqu’à date récente la France s’est toujours abstenue de le faire.
2/ Beaucoup de ses alliés n’ont pas fait ce choix et se sont associés aux dénonciations américaines à plusieurs reprises depuis 2017, notamment en réponse aux attaques #WannaCry #NotPetya #CloudHopper et contre l’OIAC.
#Kollateralschaden im #Cyberkrieg
"...Unternehmen geraten zwischen die Fronten internationaler Hacking-Operationen. Und Deutschland? Will Firmen nicht schützen, sondern lieber mithacken..." 1/x
Kommentar von @maksumuto
sueddeutsche.de/digital/cybers…
"...Unternehmen geraten zwischen die Fronten internationaler Hacking-Operationen. Und Deutschland? Will Firmen nicht schützen, sondern lieber mithacken..." 1/x
Kommentar von @maksumuto
sueddeutsche.de/digital/cybers…
"Experten sagen: Wer sein System nicht direkt geupdatet hat, kann davon ausgehen, dass er nun eine chinesische #Hintertür im System hat..." 2/x
#Fronttür #Backdoor #YouNameIt 🤷♂️
#Fronttür #Backdoor #YouNameIt 🤷♂️
"IT-Sicherheitsunternehmen haben nicht genug Leute, um allen Firmen zu helfen, die jetzt Hilfe bräuchten. Ein IT-Profi spricht von einer Art Cyber-#Triage, also Hilfe nur für ausgewählte Firmen." 3/x
#niet_in_journaal #nieruwsuur #1V #Op1 #bbvpro #NPORadio1 #US #guns Pandemic and protests spur Americans to buy guns at record pace theguardian.com/us-news/2020/j…
The Iranian amateurs are scoring some quick hits, while their professionals are planning. I would expect to see some major impacts from both types of adversaries.
Iranian amateurs are going to have a field day with low hanging fruit. I doubt many of them are thinking about prosecution or retaliation right now, so expect to see a lot of attacks from 5kr1p7 k1dd13z, criminals, and probably some of their legitimate professionals.
Despite, or perhaps because of sanctions against them, Iran has one of the strongest STEM education programs in the world and is heavily investing in new technology. And right now these highly capable tech people are pissed off at the US. atlanticcouncil.org/blogs/iransour…
REX de la cyberattaque #NotPetya par un ancien de Maersk... Impressionnant... Le malware a mis 7 minutes pour contaminer globalement toutes les entités... #SSI
Le CISO de Microsoft a contacté Maersk en leur disant qu'ils ont réussi à casser le chiffrement mis sur les ordinateurs grâce au Cloud... Mais ils ont mis 22000 heures pour une machine... Et chaque machine avait une clé différente... Impossible à appliquer sur 75k devices...
Des impacts monstrueux suite à #NotPetya chez Maersk... 100% des machines connectés sur le réseau ont été contaminés, Active Directory & DHCP contaminés, tous les datacenters (même cloud), les backups en ligne corrompus, etc.
