Cyber War With Russia

GeekyChickGeekyChick CISSP, CEH, CCNA, Sec+, SplunkMember Posts: 322 ■■■■□□□□□□
Does anyone have comments on this? Ideas on what America/Russia would target? Just threats?

CIA Prepping for Possible Cyber Strike Against Russia - NBC News

Comments

  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Extremely unlikely. I would equate this to Reagan's "Star Wars" Program. Have some friends who are in or were in the intelligence world, all have said that all countries want to continue to keep the cyber realm operating as it has. Nothing overt and mostly probing for weakness with rare exploitations. All the planners (on either side) are very risk adverse due to the unintended consequences of actions in the cyber realm. Think of STUXNET. It was never meant to get outside of Iran, yet low and behold, it did.

    We all know attribution in the cyber world is extremely difficult. When you are dealing with nation states you are dealing with people who's business is not being caught, not leaving a trace, and plausible deniability.

    As an end note, with all the flaws in our national infrastructure the last thing we want is a cyber war, be it covert or overt. By and large the Russians are considered the best when it comes to cyber and we've all seen the results of their work (news just reports it as something else).
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • OctalDumpOctalDump Member Posts: 1,722
    the_Grinch wrote: »
    All the planners (on either side) are very risk adverse due to the unintended consequences of actions in the cyber realm. Think of STUXNET. It was never meant to get outside of Iran, yet low and behold, it did.

    I always wonder if that means that there have been a lot more successful attacks that weren't detected because whatever errors were made in the case of Stuxnet weren't made, and consequently never came to light. Most IT failures aren't treated as being a sophisticated attack. Even if some attack were suspected, if it was reasonably sophisticated, it could easily not be noticed. Chances are it'd be put down to a hardware issue, or bug, or problem with a recent update or some other issue. Most people would be focussed more on getting the system back up and running than worrying about exploring every possible cause. And if the attack was just to exfiltrate data, or lay the ground work for overt warfare (where the aim is to cause maximum disruption and damn the consequences), then there'd be no reason to even look for evidence of an attack.

    I'm really interested how a cyber war might pan out. At what point does it escalate to conventional war? When would people be ok with bombing another country because they took out the power grid, or shutdown whitehouse.gov, or were implicated in throwing a major election?
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • ChinookChinook Member Posts: 206
    Reagan's Star Wars initiative played a major part in ending the Cold War. He just outspent Russia & sent them into oblivion. As for the media claim the CIA will attack Russia, do you really believe this would be released to the media? The only reason it would be was for public attention/vote getting. You certainly aren't about to warn your "enemy" of what you intend to do.
  • enderstenderst Junior Member Member Posts: 7 ■■■□□□□□□□
    "Current and former officials with direct knowledge of the situation say the CIA has been asked to deliver options to the White House for a wide-ranging "clandestine" cyber operation designed to harass and "embarrass" the Kremlin leadership." - NBC News

    Hmm since it's on NBC News are they really considering it "clandestine"? icon_rolleyes.gif
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■□□□
    My take is it's more of an election trick. I haven't even seen any meaningful proof of attribution of DNC hack to Russia yet. And people who claim that they know who did it can barely be trusted. The purpose of the trick is to shift the attention from rigged elections to Russia who supposedly attacked DNC.

    OPM hack, for example, was much more serious in terms of potential consequences and yet nobody declared any wars. Attribution proofs weren't provided here as well.

    Let's see if I was right after the election is over. If I'm right this cyberwar with Russia topic will be taken out of media.
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    None of this rhetoric coming from Washington or Moscow is any more than saber-rattling to see if the other will blink first. Everyone will continue to spy on everyone else's stuff to the extent that their own technology and talent allows just as it has before.

    I did kinda LOL when I saw the national news story about what the CIA is going to do to Russia. Propaganda.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • Russ5813Russ5813 Member Posts: 123 ■■■□□□□□□□
    OctalDump wrote: »
    I'm really interested how a cyber war might pan out. At what point does it escalate to conventional war? When would people be ok with bombing another country because they took out the power grid, or shutdown whitehouse.gov, or were implicated in throwing a major election?

    This particular news story sounded a bit silly to me and I agree with other posters that it's probably just voter propaganda. Your questions are interesting, though. You can expect a significant loss of life as a result of an attack on critical infrastructure, which I feel justifies retaliation (likely conventional means). Determining the culprit with certainty may be the greater challenge. As for throwing a major election, our government is more than capable of doing that on their own.
  • mbarrettmbarrett Member Posts: 397 ■■■□□□□□□□
    GeekyChick wrote: »
    Does anyone have comments on this? Ideas on what America/Russia would target? Just threats?

    CIA Prepping for Possible Cyber Strike Against Russia - NBC News

    I haven't seen ANYTHING on this story anyplace except the one NBC article. There was a post on Twitter suggesting the CIA "leaked" it first in order to control the news...consider also the timing, coming on a Friday evening when there usually aren't many competing stories over the weekend. Maybe on Monday we will see some more comments from one of the usual security writers if this becomes more of a story.
    More discussion - https://twitter.com/trevortimm/status/787100943053533184
  • TheFORCETheFORCE Senior Member Member Posts: 2,298 ■■■■■■■■□□
    No government would ever come out and openly make a statement like that. It would be unprecedented, illogical and most importantly very dangerous for governments to start attacking each other openly on the Internet. Very dangerous.
    There is a documentary on Netflix called "Zero Days" watch that for why it is dangerous. Basically, because we all use vulnerable software and if we piss someone off the wrong way it will be the end of a lot of businesses. Business os what rules these days.
  • TrucidoTrucido Member Posts: 250 ■■□□□□□□□□
    The Obama administration is contemplating an unprecedented cyber covert action against Russia in retaliation for alleged Russian interference in the American presidential election, U.S. intelligence officials told NBC News.

    So they're blaming Russia for rigging this years Election? Smart move... because everyone woke up and realized the system is rigged.
    2017 Certification Goals
    CompTIA A+ [ ] CompTIA Net+ [ ] CompTIA Sec+ [ ] CCENT [ ] ITIL [ ]
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,280 Mod
    I treat all media outlets these days as tabloids. Those journalists need to stop having an opinion and go back to, you know, being just a journalist and report verified facts.

    Got a degree in sociology or journalism? say no more, please tell more about your technical opinion about strategic weapons and space technologies.
    Certs: GPEN, GCFA, CISM, CRISC, RHCE
    In Progress: MBA
  • FermionFermion Registered Users Posts: 3 ■□□□□□□□□□
    The thing I worry about with Cyber Warfare is false positives.

    A third party provoking either side into a premature aggressive action could be catastrophic. And not extremely difficult to pull off when tensions are high.
  • GeekyChickGeekyChick CISSP, CEH, CCNA, Sec+, Splunk Member Posts: 322 ■■■■□□□□□□
    I think it's strange that the government would openly suggest they are planning a cyber attack. I imagine there's an ulterior motive in telling the citizens, which is probably the election. Who knows. Maybe if their candidate doesn't win they'll cry foul and say the election was hacked. But I admit that's a stretch. However, Russia could do a lot of damage to our financial system not to mention our military. We all know where that would lead.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    OctalDump wrote: »
    I always wonder if that means that there have been a lot more successful attacks that weren't detected because whatever errors were made in the case of Stuxnet weren't made, and consequently never came to light. Most IT failures aren't treated as being a sophisticated attack. Even if some attack were suspected, if it was reasonably sophisticated, it could easily not be noticed. Chances are it'd be put down to a hardware issue, or bug, or problem with a recent update or some other issue. Most people would be focussed more on getting the system back up and running than worrying about exploring every possible cause. And if the attack was just to exfiltrate data, or lay the ground work for overt warfare (where the aim is to cause maximum disruption and damn the consequences), then there'd be no reason to even look for evidence of an attack.

    I'm really interested how a cyber war might pan out. At what point does it escalate to conventional war? When would people be ok with bombing another country because they took out the power grid, or shutdown whitehouse.gov, or were implicated in throwing a major election?

    You hit one point really well which is to say that things move quickly to get systems back online. A lot of places have no historical way to review data so if they have an inkling of what the problem was they just go with that. To add to that, most nation states are dealing in the zero-day world, be it through their own development (typically the case) or thru purchases. They'll test them and then throw them into the cache for future use. If the world doesn't know about them then the only thing an IT person has to go on is some sort of error that popped up.

    But you are also correct that these weapons target very specific things. Like anything else, once they get in they establish persistence and then start (very slowly) to learn about the network. What does it do? Who does it belong to? The last thing you want is to be inside and to run a command that causes a problem.

    Personally, I tend to believe that neither side wants a cyber war. If someone were to launch a cyber war the casualties will be high and I don't believe anyone wants that. It will cement your enemies resolve and you will then deal with the kinetic war. The only places you will see it is in small countries with no resources to fight back (like Estonia), but who are very much connected.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • scaredoftestsscaredoftests Security +, ITIL Foundation, MPT, EPO, ACAS, HTL behind youMod Posts: 2,781 Mod
    NBC..now that is REAL news. (and remember it is always Trump's fault...)icon_rolleyes.gif Seriously, posturing..like always.
    Never let your fear decide your fate....
  • ChinookChinook Member Posts: 206
    @The Grinch

    Yes, I think a lot of IT failures ARE security breaches. It's just often the admin's don't have the time or skill to investigate.
  • mbarrettmbarrett Member Posts: 397 ■■■□□□□□□□
    There don't appear to be further stories about this. Only thing I found was this write-up on Slashdot which just links back to the same NBC story.
  • superbeastsuperbeast Member Posts: 86 ■■□□□□□□□□
    What if this report was made to have Russia make the first move so the US can say we're on the defensive and use that to justify our reason for engaging in a "cyber war" or just engage in war itself. Unfortunately a lot of these things happening are either leading to something big in the near future or serves as a distraction from something else that is going on. Not sure if I'm just more aware regarding this upcoming election and the incidents revolving around it or what, but being 32 now, I haven't felt this anxious/nervous going into an election before.
  • koz24koz24 Member Posts: 766 ■■■■□□□□□□
    superbeast wrote: »
    What if this report was made to have Russia make the first move so the US can say we're on the defensive and use that to justify our reason for engaging in a "cyber war" or just engage in war itself. Unfortunately a lot of these things happening are either leading to something big in the near future or serves as a distraction from something else that is going on. Not sure if I'm just more aware regarding this upcoming election and the incidents revolving around it or what, but being 32 now, I haven't felt this anxious/nervous going into an election before.
    I think Cyber Warfare is so above Hillary or Trump that it doesn't really matter which one of them gets elected in the grand scheme of things. Unless one of them plans to expand DoD/CyberCommand/NSA/CIA/etc operations in this area I don't see much of a difference. Please correct me if I'm wrong but I don't follow politics all that much.

    Edit: Actually don't correct me :) Let's not start a politics war
  • mudflapsmudflaps Member Posts: 75 ■■□□□□□□□□
    Wikileaks probably obtains its docs from multiple sources. My guess would be some are Russian sourced, but not state sponsored. Hillary is trying her damnedest to do what she should be doing in this instance - discredit the source, and deflect it as Russia attempting to affect our election.

    No matter the source, there is some pretty telling evidence against her. The only authentication you need is her admitting to some, and Julian Assange having his internet access curiously disconnected two weeks before the election.
  • mudflapsmudflaps Member Posts: 75 ■■□□□□□□□□
    Please dont take my last post as political. Just watching the game of 4D chess unfold and making some observations.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I pointed this out to my boss, there are a lot of people who are in the emails that would prefer to not be "exposed". So as far as his internet being cut off, much bigger fish than Hillary got that done. Simple call from someone high up to Ecuador saying "do you want this loan called in? Then contain this." and that was that (in my humble opinion).
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    As for Russia being the culprit, maybe, but then again maybe not. I read this great book on Chinese hackers that talked about how nationalistic they are. Thus while they might not work for the government, it is through a sense of national pride that they hack various systems. I'd imagine this is true of any country and thus could just as easily be a group who just through national pride hacked the emails for release.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • koz24koz24 Member Posts: 766 ■■■■□□□□□□
    I think we have that here too. The group Anonymous and Lulzsec just to name a few are hackers with no government ties.

    You could be right, Grinch. It could be Russian or Chinese enthusiasts. I'm just not following why they would so adamantly want Trump over Hillary though. Why would Russia and China want Donald Trump as President so much? Can anyone enlighten me?
  • GeekyChickGeekyChick CISSP, CEH, CCNA, Sec+, Splunk Member Posts: 322 ■■■■□□□□□□
    Just a guess, but maybe Russia knows Hillary will push for global government and Trump of course won't Russia knows they wouldn't rank high in that situation. Or it could be the pantsuits.
  • mudflapsmudflaps Member Posts: 75 ■■□□□□□□□□
    My thought would also be that Russia would want Hillary. She will more or less be an extension of the Obama administration which has been run roughshod by Putin. He's been able to take Crimea and call the shots in Syria with no US intervention. I would assume their defacto choice would be Hillary. Though, there is some odd perception that Trump and Putin have a favorable relationship. Whether this is true or not, Russian nationalists could be pushing for Trump, in hopes that US and Russia could be allied. Knowing that their economy is garbage and Russia isn't a super power anymore, this could be the case. The perceive a Trump presidency could reverse that.
  • superbeastsuperbeast Member Posts: 86 ■■□□□□□□□□
    The difference is Chinese hacker groups agenda are very much in cooperation with their own government. Anonymous is very anti our government and will release information to people to expose our government.

    In regards to why other countries would want Trump in office? I believe it's because they can accomplish more with Trump as president. I do believe Trump would run our country very similar to a business and other countries would be able to capitalize on that.
Sign In or Register to comment.