Russian Invasion of Ukraine Is ‘Almost Certain,' Cyber Expert Says
spytalk.coThe biggest thing that puzzles me about this (and about many recent geopolitical events) is the elephant in the room. Nobody mentions it:
The United Nations
If it's not possible to even discuss the behavior of the 5 permanent Security Council members (5 of the most powerful countries in the world), then screw it! Let's just get rid of the UN entirely.
Because that's not what UN is. UN is not a world government.
UN for all it's glory, is just a permanent place for countries to to talk to each other.
Think of it as an expo/trade conference for governments that is always running.
The issue here is that Russia doesn't seem to want to talk to anyone (except their demand for 1on1 with USA), and can veto anything on the security council, so UN has little role to play.
> If it's not possible to even discuss the behavior of the 5 permanent Security Council members (5 of the most powerful countries in the world)
Sure you can discuss it, but to what gain ? Just to further piss some of them off ?
> then screw it! Let's just get rid of the UN entirely.
UN is a tool, but unlike a hammer can't always be used. That doesn't mean its useless.
> 5 of the most powerful countries in the world
This is a fantasy people live in that world is a fair place. It's not and it has never been. In private life we have come far, and you could say that at least in most developed countries rule of law works to a degree (it's not perfect, but its better than at any point in the past.)
But on the international stage it's still pretty much that countries with the biggest sticks get their way. Most of the big countries regularly bully smaller ones, and there is little small countries can do, except to maybe appeal to big countries population in hopes they will restrain their own government.
Unless we get some kind of global government that has it's own teeth (army/police) this wont change.
But UN is still useful.
I always find it odd to hear comments to the tune of "Well, if it doesn't bring about world peace, why bother?" As if organizations like UNESCO, UNHCR, WHO, etc didn't exist. The UN makes the world a better place, even if it doesn't make it a perfect place.
Its inability to prevent saber-rattling by the permanent Security Council members is unfortunate. But they haven't had direct wars since the UN was founded, and the UN is partly the reason. It's in the votes; it's in the behind-the-scenes talks that keep small crises from turning into world crises.
It's never going to be a world government that can be the sole legitimate user of force. That was never its goal, even if it were feasible (which it isn't). But it's just ignorant to say that it doesn't have more plausible goals at which it has some success.
> Unless we get some kind of global government that has it's own teeth (army/police) this wont change.
Having been a part of a UN “peace-keeping” military force, under UN command authority, I find this part — and your whole comment odd.
The person is said to be an "expert is cyber security", however, his arguments go way beyond his area of expertise. In fact they barely touch cyber security at all. He might end up being right of course (like anyone else). But at the moment his reasoning is a mere speculation of a person, who is maybe marginally better informed than an average commentator on the matter.
Doesn't matter if he's right, we just need to run the headlines and continue overfunding the military!
How much of this is Washington’s drumming for defence contractors to get rich? And if Russia does invade Ukraine, why do we care? Specifically as a US citizen how does it affect me? Honest question. I either don’t understand geopolitics or there is something seriously wrong with our government and media trying to get us into pointless conflict.
It's about nordstream 2. The US doesn't want it to be finished and I am quite sure it will end up as part of new sanctions against Russia after a small incident on the border.
I agree with you, having the US in play and the US president negotiating is out of place.
Imagine the US was building up troops at the Mexican border and Russia was objecting saying the US will invade Tijuana. They have done it before with New Mexico. Putin would be meeting with the US president instead of the Mexican president. At the same time Germany would be objecting to the new pipeline Mexico is building to Canada and even have people in the parlement trying to force a vote on it (some people in the US congress wanted to vote on nordstream 2, wtf)
They have done it before with New Mexico.
Talk about grasping at straws. The Mexican-American War ended in 1848, and the USA bought the rest of New Mexico in 1854.
Maybe we should discuss instead when Joe Stalin starved millions of Ukrainians to death in the Holodomor[1]. Or maybe that was just an "internal matter"? Or perhaps just Western propaganda?
There is quite the history of wrongdoing by all countries since 1854.
Of course, you know Stalin was Georgian, right?
You know also that Russia is not the USSR, right?
If it does happen, whatever the result will be, it'll be a part of your next presidential election.
Crowdstrike is one the best and most expensive EDR systems on the market. I doubt he'd put their name in jeopardy with misinformation.
Personally as a European I wouldn't mind if Eastern Ukraine (Donbas in particular) rejoins Russia. The people in the region sure want it, and that's what freedom is about, making your own choices. If they don't it'll be an unstable area of insurgency for decades anyway. It's been a warzone for years.
However an invasion would cause instability in itself. It would increase tensions and cause NATO to build up forces. I hope they come to a diplomatic solution but I agree that Russia's public demand are completely ridiculous and designed to fail.
I don't really understand why they view us and NATO as such a threat. We'd never invade Russia.. Nobody would ever want to. And Ukraine and Azerbaijan etc they allowed to separate years ago. It was their own choice.
While I agree with most of your comment, one sentence triggered me.
> I doubt he'd put their name in jeopardy with misinformation.
His company's top officers lied to the public during the campaign in 2016 (and ever since) that the DNC servers was hacked by the Russian Government [1], but then, when asked about it in a court of law in 2017, retractied themselves that any data trace even existed [2]. However the testimony was kept classified. Nevertheless, they continued to tell the same false story in public when asked until the testimony was unclassified in 2020 [3].
This was outright disinformation, and lies, not misinformation. As the saying goes, the first victim in war is truth. And this war is being prepared since 2014.
[1] https://www.nytimes.com/2016/12/13/us/politics/russia-hack-e...
[2] https://mate.substack.com/p/indicted-clinton-lawyer-hired-cr..., see trial transcripts in the middle of the article
[3] https://www.realclearinvestigations.com/articles/2020/05/13/...
None of your sources support the claims you made regarding Crowdstrike.
I gave the specifics in another answer at https://news.ycombinator.com/item?id=29671485 .
Yeah a variety of clowns keep posting this same conspiracy theory over and over, but the fact is that the House testimony does not in any way support your claim
> His company's top officers lied to the public during the campaign in 2016 (and ever since) that the DNC servers was hacked by the Russian Government
The only real takeaway from your links is that crowdstrike does not have pcaps showing data exfiltration.
I gave you an answer on your other comment on what my opinion is on asking for pcaps.
I don't know the ins and outs about the DNC stuff. Here in Europe all that news got lost in the turbulence around Trump. But I thought Russian influence in that case was certain, the Wikipedia page also mentions it: https://en.m.wikipedia.org/wiki/Democratic_National_Committe... and also the NYT article you quote is all about Russian involvement in that case.
And evidence in cyber security cases is super hard. There's just too much misdirection and ways to obfuscate traffic. Especially for state sponsored actors. Attribution to threat actor groups is often based on methodology and toolsets (also referred to as tactics and techniques) and not on hard traceable evidence.
However I have no political stake in this as a European (who never even visited the US) and it's just what I read. Perhaps I'm wrong. But I know in terms of capability as an EDR product crowdstrike is very highly regarded. I agree the secrecy around this testimony is very weird.
And like I said I do agree with most of his points. Something is brewing there.
> However I have no political stake in this and it's just what I read.
Sorry about my tone earlier. It was uncalled for. I edited my comment.
> Wikipedia page also mentions it:
The "talk" section of the page shows vigorous exchanges, as various editors are constantly fighting to erase or put back that part of the story. As the whole case was central to the fight around Trump being an orange but also Russian menace for 4 years, you can easily divine the editors are probably operatives of both parties.
> NYT article you quote is all about Russian involvement in that case.
Yes, that was the first time they publicly lied about it.
I understand. I had no idea how heavily this was politicized.
For us the DNC thing was just in the news when it happened and quickly overwhelmed by other news in that period.
Thanks for the links, I don't have time now but I'll read them in the days to come. I want to know more about this case. Especially because we use the product at work.
> Especially because we use the product at work.
Used to be in the industry, 10+ years ago. Friends tell me goods things about it too.
And anyways, I'm pro-neither party. Both are corrupt to the core. I just hate it when propaganda and lies at this scale works too well.
>Thanks for the links
Aaron Mate is a heavily pro-Kremlin voice, so it's not like those were very good sources, just an opinion of a quite biased journalist.
That is not opinion :
- I linked the New York articles interviewing Crowdstrike :
"The D.N.C. immediately hired CrowdStrike, [...] It made its first appearance in 2014, said Dmitri Alperovitch, CrowdStrike’s co-founder and chief technology officer.[...] Whenever someone clicked on a phishing message, the Russians would enter the network, “exfiltrate” documents of interest and stockpile them for intelligence purposes. Once they got into the D.N.C., they found the data valuable and decided to continue the operation,” said Mr. Alperovitch, [...]"
There are similar claims elsewhere. You can also find their management in TV interviews or being in TV expert panels.
- The Mate link is only interesting here because of the handy scans of the House Comitee minutes where they answered a direct question by "We did not have concrete evidence that data was exfiltrated from the DNC". You can also go to the original source, if you want.
There are several scanned pages inlined in the middle of that article.
But you’re just playing games with meanings of words.
> "We did not have concrete evidence that data was exfiltrated from the DNC"
They did not have pcaps of exfil traffic but did recover the compressed files that had been prepared for exfiltration. Without pcaps there can be no “concrete evidence” that those files were exfiltrated, but we do know that the intruders did prepare data for exfiltration and had nothing stopping them from doing so.
This is basically as good as it ever gets. How about you name examples of some better investigations?
> They did not have pcaps of exfil traffic
You are playing into Crowdstrike's own Motte and Baily argument in restricting the words "proof" and "evidence" by substitting their meaning to what amounts to a recording of the attack. That is an impossibly high threshold, but it can more easily defended if you do. They kind of had to considering their actual technical arguments were weak.
"We did not have a sensor in place", as said by Shawn Henry. Yes, Crowdstrike didn't have them, and said they relied on "circumstential evidence", but it seems the DNC did have "sensors" in place, and Crowdstrike had access to them:
From the Mueller report, p. 40 [1], "On April 25, 2016, the GRU collected and compressed PDF and Microsoft documents from folders on the DCCC’s shared file server that pertained to the 2016 election. The GRU appears to have compressed and exfiltrated over 70 gigabytes of data from this file server (See SM-2589105-GJ, serial 649. As part of its investigation, the FBI later received images of DNC servers and copies of relevant traffic logs)" - btw all of this info originally comes from Crowdstrike.
While not pcaps per se, most varieties of such logs would show a different profile for downloading 70Gb "thousands of emails", zip/compressed files, etc, than much shorter instrumentation data for their Malware.
You can't have caught one but not having had the other, X-Tunnel + VPN or not. I mean, there are ways for that to be, but you'd have to have been inept on purpose. I have some trouble believing the DNC IT would considering the general environment back then.
So it followed concerning these point that S. Henry, when pressed for what the circumstantial evidence was for 70Gb to have been exfiltrated, S. Henry said "And there might not be evidence of it being exfiltrated, but they would have knowledge of what was in the email. … There would be ways to copy it. You could take screenshots.".
I mean, c'mon man... "screenshots" ??? You basically got VNC but you "sceenshot" ??? Either Mr. Henry is a fool or takes his House Commitee for one - which the latter may very well be.
IMHO, either of us would have to look at the source code for X-Agent (available) or the Sea Daddy implant (no idea) to see if
1. not having logs of large transfers makes sense in this context, at least in its known variant and
2. are the Crowdstrike declarations coherent in that regard.
Until we do, we're kind of stuck to see whose stretching the argument between you and me.
---
On a related note, but not directly involving Crowdstrike, the Dutch cyberdefense org and the NSA seemingly did have such real-time evidence from 2015-2018.
As far as is publicly known, those particular intercepts weren't shared with the Mueller team, nor the House Commitee inquiry.
It would be interesting to know why if it was not on natsec "ways and means" grounds. If it wasn't, the FBI wouldn't have had to rely on Crowdstrike.
> games with meanings of words.
I don't believe I am.
The context I'm using in both my references above is what is understandable by the layman, not mixing technical "in-knowledge" and what said layman reading the NYT can understand :
- D.A. said to the NYT "the Russians would enter the network, “exfiltrate” documents of interest and stockpile them for intelligence purposes. Once they got into the D.N.C., they found the data valuable and decided to continue the operation". I understand "the operation" is refering to "phishing, exfiltrating, stockpiling".
- Later D.A. says to the commission "We did not have concrete evidence that data was exfiltrated from the DNC". That implies no traffic logs, at all.
But then, we're back, again, to the technical problem outlined earlier.
IMHO, a correct and honest wording to the NYT would have been "We have strong indications Russian hackers may have entered DNC servers, but nothing in logs we do have indicates they did anything with it.
[1] https://www.justice.gov/archives/sco/file/1373816/download
[2] https://www.volkskrant.nl/wetenschap/dutch-agencies-provide-... and https://nos.nl/nieuwsuur/artikel/2213767-dutch-intelligence-...
> I don't really understand why they view us and NATO as such a t[h]reat. We'd never invade Russia.. Nobody would ever want to.
I guess it's a paranoia which he's supported with cherry-picked info from history. Someone else better has written that world politics is about who has the most influence, e.g. USA and Europe used to be able to decide almost everything everywhere ("we'll give you development loans, in return you'll have to buy our products"). China is doing that in Africa now, and from Putin's perspective Eastern Europe now has "puppet" governments controlled by USA/Germany (in the guise of EU), I wouldn't be surprised if he thinks their democratic elections are as rigged as Russia's ones, with the media under control of the rulers.
I guess Putin is worried that Russia could fall under that sphere of influence, although I don't know how missiles pointed at Moscow would make the country more democratic... Maybe he sees them as a persuasion tools, after all that's also what he uses his forces for.
I don't think Russia would ever fall under our sphere of influence. Their media is much too tightly controlled and Russia itself is pretty much the master of social media influencing.
But it's a very interesting insight, that he might think we play the game like he does. And I wouldn't rule out that the EU had a hand in the political changes in Ukraine. There's been some rumblings about it. Not sure if it's another misdirection campaign or real. And I know we don't have an unblemished history either.
Most of the population in Western Ukraine seems to be pro EU though. And I don't think that's a result of influencing.
Ps Thanks for pointing out the typo. I know the difference but it must have been auto correct, I'm on my mobile.
yea but the problem is that it likely won't stop there right
I don't think so. The remaining countries in that area are not very pro-Russian. Thinking of the Baltics, Romania..
It's one thing to take a territory where most of the population wants you there. It's another to take an unwilling territory by force.
But it will lead to more military tension all over Europe that's for sure.
Even if you ignore that it's always Crowdstrike when it comes to Russians or that one the founder seems to have a personal vendetta against Putin, Crowdstrike is too large and to close the US government to be trusted.
This is obvious. Plus, Russia announced in the past 1-2 days that it was going to legalise mass graves. See Radio Free Europe publication: https://www.rferl.org/a/russia-mass-burials-regulations/3161...
In recent history (past 30 years), the vast majority of usage cases for mass graves pretty much have been for genocide.
Pay attention people and use your critical thinking skills. Stay off of social media: Russian propaganda is making claims that this is for COVID-19 which is pure BS!
In addition to this RT (Russia Today) along with Sputnik News apps need to be removed from app stores!
Radio Free Europe is a CIA funded propaganda outlet. No different than RT.
Russia Today (RT) has been sanctioned as a propaganda service by international journalism organisations for years.
Radio Free Europe/Radio Liberty does not have this reputation unlike Russia Today.
Who have these international journalism organizations identified as US propaganda services?
If they have not made those distinctions about US funded propaganda outlets, is that because they don't exist? Or because those international journalism organizations can't be trusted to call balls and strikes?
> Radio Free Europe/Radio Liberty does not have this reputation unlike Russia Today.
Wholly untrue and easily disproven.
RFE used to be one of the more important propaganda tool of the US against the Soviets. It was directly managed by the CIA until 1973.
If you look at their wikipedia page [1], you'll even see several references to it that used to be in their own "history" page. Strangely enough, all Wayback machine version now point to the current version since last year.
Nevertheless, at this point it's even been the subject of academic works [2].
RFE is now nominally financed by the US Congress, and overseen by a governmental agency called the Broadcasting Board of Governors, who are all directly named by the US president. The organisation it belongs to used to be called the United States Information Agency [3] until the 90's, and were the explicit international propaganda arm of the US. Trump changed the name and internal organistaion to the US Agency for Global Media [5].
It might not be an outright CIA shop anymore, but it is still following the editorial line of the US government at least as late as 2016 [6].
They also "coincidentally" often open subsidiary offices generally in the year before a conflict in the country next to said conflict (Kosovo in 1999, Afghanistan and Iraq in 2002). Same for anti-communist revolutions, where RFE was instrumental for example in spreading the Romanian orphan story which led to the fall of Ceaucescu [7].
[1] https://fr.wikipedia.org/wiki/Radio_Free_Europe/Radio_Libert...
[2] https://www.jstor.org/stable/43134017
[3] https://en.wikipedia.org/wiki/United_States_Information_Agen...
[4] https://www.csmonitor.com/1983/0620/062048.html
This is scary. What has dissuaded Putin from this kind of thing in the past (if anything)?
A more confident America and Europe.
Keep in mind that Russia has a history of corrupting Western politicians, on a strategic and multi-decade basis, for example Gerhard Shroder, ex-Chancellor of Germany. He initiated the nuclear shutdown, and now serves as Chairman of Rosneft:
https://www.irishtimes.com/news/world/europe/gerhard-schr%C3...
The message to Europe is presumably: intervene in Ukraine this time, and we'll completely shut off your Winter gas.
That makes no sense. Russia is building a pipeline directly to Germany and the ones opposed to it is the US.
Russia doesn't want to support the Ukraine with gas but it want to sell it to Europe.
The purpose of the pipeline is precisely to bypass Ukraine and connect into Germany directly. That way Russia can declare war on Ukraine whilst gas connectivity is maintained. Nordstream also avoids going through Polish territory.
Its basically the Molotov-Ribbentrop pact all over again.