Discover and read the best of Twitter Threads about #NotPetya

Most recents (10)

Let’s talk about the software developed by #Ukrainian engineers to assist UA against #Russian aggression (Delta, MilChat, etc)
I have been researching this topic, their development cycles, and use in combat; and I want to share with you some findings.
Large🧵(1/20) Image
I would like to make it clear that this reflection comes from #OSINT, and that this thread will not compromise #Ukrainian #OPSEC
There could be interpretation errors (most sources were in Ukrainian, a language I do not speak), so corrections are welcome
(2/20) Image
First, it should be noted that none of these tools could be considered a #Wunderwaffe
They will undoubtedly help #Ukraine in its war effort, but having them will not win the war. This software will be an element to be taken into account in combination with others factors
(3/20) Image
Read 20 tweets
Happening now: @DHSgov @SecMayorkas speaks at @csis_isp Image
"We face a new kind of warfare,no longer constrained by borders or military maneuvers" @SecMayorkas tells @csis_isp, using #NotPetya as a prime example

"We face a very different world than the one our then-new Department of Homeland Security entered in 2003, nearly 20 years ago"
"Ubiquitous cutting-edge technologies, economic & political instability, and our globalized economy have erased borders & increasingly bring threats & challenges directly into our communities" per @SecMayorkas "Our homeland security has converged w/our broader nat'l security"
Read 22 tweets
5 years ago I got a call from Ukraine gov requesting help with a new destructive malware strain that was previously unknown. It would become known as #notpetya. By the end of the day I would be on a conference call with MeDoc, the initial victim, thats to Ciscos UA office.
With other Talos team members we worked around the clock for the next week on analyzing #notpetya, hunting it’s source, reassembling fragments, and offering support to orgs around the world. Tomorrow is Constitution Day in Ukraine.
5 years ago Russia attacked Ukraine using Computer Network Attack techniques. Today Russia has soldiers in Ukraine and are constantly blanketing cities with air strikes and missiles.
Read 4 tweets
1/ Thread on diff #cyber skirmishes b/w #Russia and #Ukraine. Initially enlisting the ones alleged to Russia.

2014, Beginning of armed conflict in region started when Russia invaded and annexed the #Crimea Peninsula & started sp the regions of #Luhansk & #Donetsk.
2/ 2015, Post Russian invasion of the Crimean Peninsula, alleged Russian hackers managed to knock out electric power for around 230,000 customers in western Ukraine.
3/ 2016, Attackers repeated the same sequence, expanding the targets to incl govt & banking sector.
Read 13 tweets
NEW: "At best at the moment we have strategic warning...everyone knows there is a gathering storm" per US National #Cyber Director @ncdinglis, who tells @thecipherbrief summit agencies, private sector need something more
"We need to double down on resilience" per @ncdinglis to be better prepared for or able to avoid the next #Log4j
#Ukraine-#Russia-#Cyber: "We've seen this play before" per @ncdinglis referring to #notpetya

"We have to double down on collaboration...create relationships and muscle memory" to deal w/whatever crisis might unfold, he says
Read 4 tweets
[FIL] La position de la France en matière d’attribution publique des cyber-attaques est en train d’évoluer
⬇️Quelques éléments en complément des fils de @jeangene_vilmer & @elise_vincent
1/ Alors que les États-Unis ont attribué publiquement une trentaine d’incidents à la Chine, la Russie, la Corée du Nord et l’Iran depuis 2014 (cf. ⬇️), jusqu’à date récente la France s’est toujours abstenue de le faire.
2/ Beaucoup de ses alliés n’ont pas fait ce choix et se sont associés aux dénonciations américaines à plusieurs reprises depuis 2017, notamment en réponse aux attaques #WannaCry #NotPetya #CloudHopper et contre l’OIAC.
Read 24 tweets
#Kollateralschaden im #Cyberkrieg

"...Unternehmen geraten zwischen die Fronten internationaler Hacking-Operationen. Und Deutschland? Will Firmen nicht schützen, sondern lieber mithacken..." 1/x

Kommentar von @maksumuto
sueddeutsche.de/digital/cybers…
"Experten sagen: Wer sein System nicht direkt geupdatet hat, kann davon ausgehen, dass er nun eine chinesische #Hintertür im System hat..." 2/x

#Fronttür #Backdoor #YouNameIt 🤷‍♂️
"IT-Sicherheitsunternehmen haben nicht genug Leute, um allen Firmen zu helfen, die jetzt Hilfe bräuchten. Ein IT-Profi spricht von einer Art Cyber-#Triage, also Hilfe nur für ausgewählte Firmen." 3/x
Read 14 tweets
The Iranian amateurs are scoring some quick hits, while their professionals are planning. I would expect to see some major impacts from both types of adversaries.
Iranian amateurs are going to have a field day with low hanging fruit. I doubt many of them are thinking about prosecution or retaliation right now, so expect to see a lot of attacks from 5kr1p7 k1dd13z, criminals, and probably some of their legitimate professionals.
Despite, or perhaps because of sanctions against them, Iran has one of the strongest STEM education programs in the world and is heavily investing in new technology. And right now these highly capable tech people are pissed off at the US. atlanticcouncil.org/blogs/iransour…
Read 16 tweets
REX de la cyberattaque #NotPetya par un ancien de Maersk... Impressionnant... Le malware a mis 7 minutes pour contaminer globalement toutes les entités... #SSI
Le CISO de Microsoft a contacté Maersk en leur disant qu'ils ont réussi à casser le chiffrement mis sur les ordinateurs grâce au Cloud... Mais ils ont mis 22000 heures pour une machine... Et chaque machine avait une clé différente... Impossible à appliquer sur 75k devices...
Des impacts monstrueux suite à #NotPetya chez Maersk... 100% des machines connectés sur le réseau ont été contaminés, Active Directory & DHCP contaminés, tous les datacenters (même cloud), les backups en ligne corrompus, etc.
Read 6 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!