Hacker News new | past | comments | ask | show | jobs | submit login
Cyberattack hits Ukrainian government websites amid Russia tensions (reuters.com)
135 points by iamsanteri 4 days ago | hide | past | favorite | 48 comments

Minister of Digital Transformation of Ukraine Mykhailo Fedorov believes that the role of cybersecurity in today's world is exaggerated.

He said this in an interview with LB.ua [1].

"I think the role of cybersecurity is a bit exaggerated. There is a lot of talk about it, but in fact few can name any real cases of cyber threats. Let me give a simple example. When we came to the President's Office, the IT team showed dashboards with a thousand attacks a day, overloaded servers, etc. Two weeks later, we fired them, and nothing happened for several months while we were assembling a new team." - Fedorov said.

[1] https://en.lb.ua/news/2019/11/29/8183_role_cybersecurity_sli...

To all the ones making fun, yes his point about firing and it being fine is a problem. However, any IT team that shows me a dashboard that can actually measure attacks I’m going to be skeptical of. At best you’re seeing probes and you don’t know the intent until it’s too late and then you comb through the logs and find breadcrumbs that no monitoring tool told you about. A port scan is not an attack.

The more likely story is the IT team used this as a way to try to get more budget because politicians don’t respond to anything else (whether or not the budget is justified, impossible to say from the outside). Or they were incompetent and truly believed their firewall was measuring attacks and they stopped them all.

Overloaded servers likely is just bad engineering because there’s many tools (many/most free or incredibly cheap) to help with that. Heck, SO, one of the most trafficked sites on Earth, ran on a number of Xeon machines. I suspect their IT infrastructure was poorly optimized.

> we had no way of knowing what was happening but we know nothing happened

"The doctor told me I have a brain tumor. I don't feel sick. I ignored him. It's been two weeks and I feel fine."

2 years later:

I mean... if you can't be a good example, be a warning?

Firing IT is the worst you can do for IT security. I would still check if maybe they gave out the means to deface the site though...

Honestly there is merit to the claim in my opinion. The security industry is full of scam, now even formerly reputable providers begin to sell very flawed solutions. But internal IT is not part of that.

It is also a care about doing a sensible risk analysis. Your web server should maybe be isolated from critical systems as any other system the public can interact with.

>"All information about you has become public, be afraid and expect the worst. This is for your past, present and future."

The message also reads "For Volyn, for OUN UPA, for Galicia, for Polesia, and for historical lands", but I guess Reuters can't be bothered with details.

> For Volyn, for OUN UPA, for Galicia, for Polesia, and for historical lands

Which are sensitive subjects in Polish-Ukrainian relations. The message was published in Ukrainian, Russian and Polish, which according to several polish acquaintances of mine looks like something Google Translate would produce.

Make no mistake who the real offender is.

>Make no mistake who the real offender is.

I don't have any illusions about the cyberattack, my (mild) issue is specifically with Reuters reporting, or their upstream source. Who selectively filtered out the bit they deemed unimportant or harmful or whatever there was on their mind. Reuters' release will be reposted by virtually every English-speaking media unchanged, and they will have no way, time, or desire to verify it, neither will their readers.

Makes me wonder what else they are omitting for my convenience in unrelated topics I don't happen to know anything about.

Such provocations are standard modus operandi of Russians since at least 80's. They use sensitive subjects to sour relations between allies (divide and conquer).

Lets not forget that it's standard modus operandi of every agency who do offensive "security", not just Russians.

The pig head for mocking betrays Russian origin of this attack however, poor footers just can't help themselves.

No doubt every agency knows this and can do it too if they want to, which makes it a completely worthless marker.

Would an agency trying to frame Russians just do that, rather than frame-Russians-who-pretend-they-are-Poles thing? Just a thought.

It’s not just google translate, it’s specifically a mistranslation from Russian, which doesn’t have vocative case.

There is a reason for this. The long-term strategy of Putin is to make his opponents weak by increasing internal tensions. These include weakening the European Union by forcing Lukashenka to deliver immigrants to EU borders and manipulating gas delivery, increasing racial tensions in the USA (in both camps), and in general increasing any kind of social conflict in countries Putin perceives as an enemy. In the case of Poland and Ukraine, Kremlin trolls concentrate a lot on the Volyn massacres, doing everything they can to rekindle enmity.

Romanian here and not Polish, but Ukraine does hold (former Romanian) territory that it was handed to it by the Soviets, and some part of it by Stalin himself, Ukraine seems to have no qualms about that part of Russian rule.

A conversation can be had about Northern Bukovina, as the Habsburgs had stolen it first (in the 1770s) before it temporarily came back under Romanian rule in 1918, but the county of Herța[2] had been under Romanian rule ever since the first Romanian principalities were formed (in the late 1300s in the case of the Principality of Moldova). This latter piece of land was given directly to Ukraine by Stalin.

[1] https://en.wikipedia.org/wiki/Bukovina#Division_of_Bukovina

[2] https://ro.wikipedia.org/wiki/Her%C8%9Ba

The convention post WW2 was that the borders in Europe stay where they are, otherwise there is no end unfurling that. AFAIK Romanian-Ukrainian border is not contested.

Well, de facto that convention wasn't respected, see Yugoslavia. Also, Ukraine did get something from us even after WW2 [1]

I agree about the unfurling part, I was just trying to point out that the Ukrainian state crying about "the big bad Russian wolf" when that bad wolf is a major reason behind their actual foundation as a State is a bit hypocritical. Even more so when the Ukrainian state expects us, their neighbours, to join in in their battles against the Russians.

[1] https://ro.wikipedia.org/wiki/Insula_%C8%98erpilor

If you agree about the unfurling, what you do want them to do?

Resolve their conflicts locally, don’t drag me into a war for your cause.

I had a teacher who used to expel both bully and their victim out of classroom to keep it orderly.

I don't think any neighbouring state has annexed anything of Yugoslavia.

> Even more so when the Ukrainian state expects us, their neighbours, to join in in their battles against the Russians.

Got in to NATO, raise up the ladder!

So what is your conclusion on that: should the border be contested? If so, this would lead to a war. Would the citizen of both countries be happy about it? Or do they prefer to live in peace?

The only people interested in rekindling these kind of conflicts are the ones from Kremlin (note: not Russians, because Russians just like any other normal people don't want any war). For everyone else this would just lead to endless suffering.

Reuters headline on Dec 7,1941:

"Ships sink at Pearl Harbour amid Japan tensions"

Here's my suggestion when reading / thinking / discussing these matters: consider what the people in question actually think and want. Close to 100% of what I read on this topic, "NATO's expansion", "Russia's sphere of influence", etc treats the people in question as inanimate objects that are there for the US and Russia to play with.

NATO did not expand - free people chose to join an organization because they believed it would be better for them. And it was. Perhaps in the future they will choose differently, you can just ask.

Being close to Russia has been a catastrophy for all the places that were under its influnce and they're slowly realizing that and moving away. The closer you were to Russia, the harder this is.

In 2018 the U.S. Cyber Command just shut the fck down Russian troll factory [0] So, it seems that the US could help, but would they?


At the same time there’s a massive infoleak from the polish army.


How the heck is this possible with traffic light policies in place?

Traffic light policies?

I think the poster was joking about the effectiveness of the current IT security community (or ineffectiveness).

"The Traffic Light Protocol (TLP) was created in order to facilitate greater sharing of information".

More info here: https://www.cisa.gov/tlp

What is it about?

A database of Polish military assets - from screws and notebooks to anti-tank missiles and F-16 fighters - has leaked online. Some of the information is extremely valuable to foreign intelligence. According to our informant, a cyber security specialist, the database has already been downloaded by users from more than a dozen countries, including Russia and China. The leak has been confirmed unofficially by two independent sources connected with special services. The military is currently searching for the culprits and is estimating losses.

    The leak most likely originated from the Logistic Planning Headquarters in the Inspectorate of Armed Forces Support in Bydgoszcz
    The information found on the net includes, among others, armament of the Polish army, ammunition, spare parts for combat machines or specialist software
    The disclosed equipment includes also those purchased by the Polish army in the USA, Germany and Israel
    - This is strategic data, which is sought after by e.g. Russian intelligence - says Gen. Piotr Pytel, former head of the Military Counterintelligence Service. In his opinion, such information is worth huge money
    More information on Onet home page
Data on the material resources of the Polish army appeared in the net on Sunday, 9 January - claim Onet sources. The army was to find out about it a day later. According to our sources, the leak was tracked by the military's National Cyber Security Centre, which informed the military services about it.

The military data disclosed on the web amounts to 1 million 757 thousand 390 records. To show the scale of the leak, suffice it to say that firearms of calibre up to 30 mm and their parts and tooling alone amount to 2 thousand 800 items. Each item, or record, is the reported equipment requirements of each unit - from entire F-16s, to heavy weapons, their parts, ammunition for them, spare parts, to uniforms, underwear, blankets and computer equipment, and even flags and diplomas. From over 1.7 million disclosed records emerges a detailed state of possession of the entire Polish army, as well as its equipment shortages. The inventory makes it possible to determine, for example, which equipment is inoperable or what the Polish army is missing.

or it's a honeypot and they want you to think things are inoperable. (not that i believe that, just a possible counter offence)

We do not really have to rush to publish a short news article. We all regularly get this kind of breaking news in other places. I'm more happy to read a piece with technical analysis of the attack on the HN after a week.

There are further attacks on newspapers labelled ‘non-Kremlin’ across Eastern Europe.


There are many people who would say the same thing about america and americans. Looking at the history of my country (germany) i think there are a lot of peoples who would have a similar sentiment. Yet there are brave people in russia fighting for democracy and human rights, reporters risking their live to uncover corruption and millions of people that just want to live and prosper just like anywhere in the world.

I hope one day russia can make the same turn towards democracy and peace my country did without the bloodshed. I don't think comments like yours facilitate that.

But even Navalny wasn't against annexation of Crimea. Ask yourself why.

Russian political climate is all round bad for your brains. Even good men are affected.

pls don't mix the government and the country.

the former is a crowd of criminals, the latter is a beautiful country with unique history, culture and traditions.

"The country" at large is supporting the government. Otherwise there would be sabotage left and right. Stalin may have been "the" bad guy, but there have been people actively producing millions of denunciations, right? So there's the "bad guy" Putin, but there are millions of "little people" serving his causes and seeing nothing bad about it. Just making a little money, always looking out for number one.

>> Otherwise there would be sabotage left and right

Sabotage attempts in modern Russia are monitored and persecuted. Non-government orgs and media are declared to be "foreign actors". The opposition is effectively destroyed. Opposition leaders are convicted(unless they had a chance to flee). "Little people" do not necessarily support it, but they afraid for their freedom, their health and their life. You can't blame them for that

This only means there's a great body of people quite happy to exercise ultraviolence towards their fellow citizens and give them horrorshow tolchoks to their gullivers, which is my point exactly.

Friend, that is the human condition. It's not specific to any country/region/ethnicity.

One should consider themselves fortunate if they are not stuck in those situations.

> pls don't mix the government and the country.

Exactly. Look at the kind of social media content and whatnot that the normal people there put out. Generally speaking the people of eastern Europe seem to have far more in common with the people of north America than either group does with the people of western Europe.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact