https://www.bbc.com/news/world-us-canada-57318965
Russia is giving these criminals safe harbor and allowing them to wreak havoc on Russia's opponents. Want to prosecute? The trail will lead to Russia (or one of Russia's allies) and then go no further. Officially, Russia can say whatever it wants about these attacks, condemning them left and right, but doing nothing to actually stop them.
And, because networks are seen primarily as a way to make lots of money by going as fast as possible, they are about as secured as the electrical wires in most places...
Yep and when you have idiots like this guy, paying the ransom; there really are incentives for running a malware ransomware business.
https://www.bbc.com/news/business-57178503
If it's a state actor, the disruption is the primary reason for the attack. Any paid ransom is just a little icing on the cake.
The Ruskies are good at Maskarova - the art of military deception. In the case of cyberattacks denial and misinformation are their primary plays.
https://www.verdict.co.uk/fujifilm-ransom-demand/
(https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/240/emojipedia/280/saluting-face_.png)
in the news again
https://cybernews.com/security/rockyou2021-alltime-largest-password-compilation-leaked/
Damn... OK, everyone, time to change the passwords on everything again...
As for Maskarova, that goes back to WW2 and the Battle of Kursk. The Germans thought that there were one-fourth of the Russian forces at Kursk than were actually there. Imagine planning to have you and 3 buddies beat up on 2 dudes, only to suddenly discover that there were 6 more just waiting for your crew to throw the first punches...
https://www.pcgamer.com/hackers-begin-leaking-stolen-data-after-vice-refuses-to-help-them-blackmail-ea/
Don't pay the ransom!
Check your attachments in email and you may not have all that much to decrypt...
I'm loving all the C-level marketing/mindshare talks/podcasts/presentations/conferences about this crap. Its all boils down to security basics which we as competent engineers all know (regardless of vendor/platofrm/tool). But these morons have to waste reams of paper/bytes over and over again to explain what is really basic arithmetic level concepts. It would be funny if it wasn't for the fact that these are all very highly paid, very senior management. The head of one of the largest telcos in my region just did one of these conferences and I could boil down his very expensive time to: 2FA, have backups. He's 100% right, but if you don't know this shit by now should you really be in an IT management position.... yet this is the height of the bar, and this is what it takes to lift the general discourse.
OTOH its really good for business LOL
German military intelligence was notoriously terrible, I mean they consistently underestimated Russian numbers since day 1 of Barbarossa, its really a miracle that anyone believed them at all by 1943. Not helped by Hitler's megomaniac Trumpian rejection of reality.
The advanced course covers patching hygiene and replacing legacy, EOL software.
:ivan: