This is hilarious. What I love though, is the use of a hybrid cyber operation with cyber being used for stealth and for messaging.

Violence in and of itself does not send a message, it sends a signal. To make it a message it must be contextualised and presented as a narrative
Thing about a classic terrorist attack. A car bomb in a city centre. If the terrorist group doesn’t call to claim responsibility, then it is just a mindless criminal act without meaning. To contextualise it they will claim responsibility, thus linking the attack to their agenda.
Obviously they can do other things to present their narrative, such as call in a warning to minimise casualties. This way the emotional impact of the violence is diminished and the destruction can be evaluated more objectively, and hopefully rationally.
Point being that the importance of contextualising attacks is often ignored because of mirror imaging and faulty assumptions. “We know exactly why we are doing this, and it will be obvious to them as well.” Except it never is.
In short, if you want to send a message and signal with cyber, you need to contextualise it so that the message can be understood. This is basic semiotics. The signifier and the signified aren’t the same thing. You have to link them.

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with thaddeus e. grugq

thaddeus e. grugq Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @thegrugq

13 Jan
Can tactical cyber offensive operations create strategic results? Without a direct link from tactical results to strategic targets, it seems unlikely to happen. Tactical victory is not additive. Tactical successes do simply not build up until they’re a strategic success.
Can cyber operations have strategic impact? Absolutely. Beyond a doubt. But achieving a strategic outcome requires impacting relevant audiences that can alter the strategic landscape. An accumulation of tactical victories may do this, but there is no guarantee.
If the opposition simple ignores the tactical victories, then they have no political impact. Therefore they have to have a direct strategic impact themselves in order to effect strategic change. Again, this is possible, but it is a lot harder and more costly.
Read 7 tweets
7 Jan 21
I’m still struggling to understand how “the TeamCity build servers was used to build the backdoored SolarWind binaries” became “JetBrains was the root of a cascade supply chain hack” and then “TeamCity was the entry vector” (how?? was it exposed on the internet?)
And then even that morphs into “Russian company deceptively based in Czech is somehow involved in hacking SolarWind” which is now some bizarre insinuation that JetBrains is linked to Russian intelligence as a hacking vector.
Inserting the backdoor in the build process is the logical place to do it. Using the CI system is the only way to do that (assuming one is in place.) The backdoor would be in the CI system if it was Jenkins, Python and duct tape, or TeamCity.
Read 4 tweets
6 Jan 21
SolarWind uses JetBrains. There is speculation SolarWind’s backdoor was inserted by abusing their existing jetbrains infrastructure. Not a vulnerability or jetbrains compromise.…
How many people audit their CI pipelines to ensure they aren’t compromised? Once they’re working, they get left alone... but it’s the perfect place to insert a supply chain backdoor.
A compromise of the build system at SolarWind makes the most sense. Every hop removed from the actual targets just makes managing the operation harder. Adding tens of thousands of compromised systems to reach the tens of thousands of systems they access is a complexity nightmare
Read 5 tweets
4 Dec 20
Israeli compartmentation negotiating with ransomware extortionists ... not very well. These two styles of negotiation are probably the least likely to reach an agreement possible:
“The Israeli style of communication is very direct, frank and sometimes blunt. Israelis often communicate in an argumentative style and always openly state their opinions”

This seems pretty accurate.…
Although the primary negotiation style is somewhat competitive, Israelis...look for win-win solutions. Attempts to win competitive advantages should not be taken negatively. You earn your counterparts’ respect by maintaining a positive, persistent attitude…
Read 5 tweets
28 Nov 20
Auxiliary Units were the stay-behind people, with underground shelters, which we had to construct, stiff with sticky bombs and grenades, phosphorous grenades as well, Bren guns and Stens and ammunition galore and fully stocked with food of the non-perishable variety.
My job was to create fifty such bases in Essex and Suffolk reasonably near the coast. Peter Fleming was in Kent. He was very keen on poisoned arrows.

Excerpt from
Forgotten Voices of the Secret War
Roderick Bailey
“We were a very amateur bunch. I think that's the first observation I must make. Immensely keen. What is gratifying, perhaps, was that the Germans at that time were just about as amateur as we were.”

Excerpt from
Forgotten Voices of the Secret War
Roderick Bailey
Read 28 tweets
4 Nov 20
The 2020 election was awash in disinformation. It was practically uncontested. Facebook, Instagram, and WhatsApp were heavily used to spread disinformation. It was domestic, aimed at Latinos, and *crucially* it was in Spanish.
The vast majority of the anti disinformation work this past year has been focused on English. There simply hasn’t been the same attention and resources available to non English speaking communities.

Facebook is dealing with Qanon in Spanish which is linked to election disinfo
In general though, this is a complete failure. There is no excuse, newspapers have been writing about the problem for months. All that money and effort invested in countering disinformation but it is overwhelmingly English. 50+ million Spanish speakers had almost no protection
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!


0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy


3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!