
Russia confirms US cybercommand cyberattack; RAID controllers destroyed - makhama
https://blog.lukaszolejnik.com/target-confirming-an-offensive-cyber-operation-2/
======
doctoboggan
Recently the US Cyber Command was granted greater authority to go on the
offensive, which enabled them to take actions such as this. You can read more
here:

[https://www.nytimes.com/2018/06/17/us/politics/cyber-command...](https://www.nytimes.com/2018/06/17/us/politics/cyber-command-trump.html?module=inline)

------
m0zg
Same as when I read reports of Russia "attacking" the US, I'm having a hard
time believing there was the actual evidence to support the origin of the
attack in this case as well. Any even modestly sophisticated hacker, let alone
US Cyber Command, would have no problem hiding the origin of the attack in
order to have plausible deniability. Truth of the matter is, you don't know if
it was USCC or some teenager in her parents' basement.

Don't get me wrong, I'm not saying the two countries don't ever attack each
other's computer systems. I think they do it all the time. I'm just saying
that when someone says "this particular attack was definitely from country X"
they're usually full of shit.

Disclosure: I'm Russian-American.

~~~
nexuist
As with most things, it's hard to prove what actually happened definitively,
but there are clues you can piece together to make a claim within a reasonable
degree of probability. Things like what type of binaries were installed, what
servers were reached out to, even what commands were run...if you collect
enough data, it is possible to see patterns in how certain attackers (like
USCC) operate, and if we assume a teenager in her parents' basement doesn't
have access to the same tools and procedures as USCC does, then it becomes
pretty obvious it wasn't her.

To a certain degree, if your server has malware X, and you can identify
malware X (or something very similar) as belonging to actor A, and you know
actors B, C, and D don't have X in their arsenal, then you can guess with high
probability that you were attacked by A.

Intelligence is probably the most high stakes guessing game in history, and
there are definitely smart people at the top who know that simple IP
correlation is not enough to make this claim - but they likely have access to
sensitive (confidential) data that further justifies that claim.

~~~
m0zg
>> doesn't have access to the same tools and procedures as USCC does

If she's well connected, she does have access to almost everything that's
available, short of something that offers no plausible deniability because it's
custom made for a particular system, like Stuxnet, or something that's full of
zero days nobody else knows about yet. And the only thing you can conclude in
these two cases is that you're _probably_ dealing with a state-level attacker,
but you can't say which state unless there's something to further narrow
things down, such as unfettered access to controlled nuclear technology in the
case of Stuxnet.

Notice also how we are always expected to accept these reports on faith, and
no _verifiable_ evidence is ever presented.

~~~
nexuist
No verifiable evidence is presented because it shows your hand. If you show
the enemy what you don't know, they could figure out what you weren't able to
find out, and use that to their advantage. If they can trace the evidence back
to a particular source, they can crack down on it and prevent future evidence
from being collected through that pipeline. At best this means they change
their security procedures, at worst it means they murder your spies.

~~~
m0zg
>> because it shows your hand

Then why talk about it at all? I'll tell you why. It's propaganda. Someone is
trying to shit into someone else's head.

~~~
nexuist
It is, indeed, propaganda. But propaganda does not always have to be blatantly
wrong - even a broken clock is right twice a day, etc.

------
dweekly
I'm mildly amused by comments about the "militarization" of the Internet given
its origins.

~~~
bem94
Perhaps re-militarisation would be more accurate?

~~~
msla
[https://www.internetsociety.org/internet/history-internet/br...](https://www.internetsociety.org/internet/history-internet/brief-history-internet/)

Just to keep in mind:

> It was from the RAND study that the false rumor started claiming that the
> ARPANET was somehow related to building a network resistant to nuclear war.
> This was never true of the ARPANET, only the unrelated RAND study on secure
> voice considered nuclear war. However, the later work on Internetting did
> emphasize robustness and survivability, including the capability to
> withstand losses of large portions of the underlying networks.

------
waynecochran
The main link supporting the "Russia" cyber-attack gives me a 404. Who is
upvoting this stuff?

~~~
317070
Works for me (in the UK)
[https://www.nytimes.com/2018/10/23/us/politics/russian-hacki...](https://www.nytimes.com/2018/10/23/us/politics/russian-hacking-usa-cyber-command.html)

Edit: I see what you mean. This is the source after fixing the link:
[https://www.armed-services.senate.gov/imo/media/doc/Nakasone...](https://www.armed-services.senate.gov/imo/media/doc/Nakasone_02-14-19.pdf)

~~~
makhama
Works for me too.

------
huxflux
"hacked iPhone 7" how about that Apple fanboys?

------
astazangasta
So... The Constitution? We just attack other countries whenever we feel like
now?

~~~
cronix
The case can be made that we were attacked first in 2016, both by hacking (and
releasing) the DNC emails and a coordinated propaganda campaign via social
media, and this was an offensive move to prevent it from happening again in
the 2018 elections. I don't see how this is just an "attack whenever we feel
like it."

~~~
CWuestefeld
Everything you say could be true, but it doesn't address the comment you
responded to. The Constitution requires a declaration of war by Congress. The
War Powers Act gives the president the authority to respond to a military
emergency for 90 days, giving the Congress time to make such a declaration.
Neither of those things have triggered in this case.

~~~
oaiey
Declaring war on Russia. Not a smart idea. I prefer a violation of the
Constitution and everyone looks away than a war declaration on a nuclear
power.

------
__m
Well the media also reported that by the Mayan calendar doom was imminent.
What did they report? Do they have informants from the inside? Otherwise this
is hardly substantiating.

