Nobody claims APT / cybercrime activities in Ukraine are non-existent. In fact, we organized a 1h+ webinar just to list them. https://kas.pr/4f34 What we're saying is that in the grand scheme of things, they don't matter too much. 2/10
-
-
Show this thread
-
It turns out that when mortar shells are falling, wiper attack (no matter how numerous) just don't register. And they shouldn't. We (me included) expected the infamous cyber Pearl Harbor; it just didn't happen. 3/10
Show this thread -
KA-SAT is a very significant cyber-event. What was the operational impact though? "Sat-phone down? Oh well, let's use 4G I guess." Currently, the actual effectiveness remains to be demonstrated. 4/10
Show this thread -
If anything, the vast majority of attacks we have observed appear to be wildly uncoordinated and of dubious tactical value. Anyone claiming otherwise is scrambling to defend their 2023 budget in he face of perceived uselessness. 5/10
Show this thread -
The article is at its worst when it ponders on and warns of possible capabilities that weren't used. We KNOW what they are! We've looked at NotPetya, BlackEnergy years ago! No speculation required. 6/10
Show this thread -
The current cyberattacks were not "methodically prepared" (exception: HermeticWiper, KA-SAT). They were rushed and bear all the hallmarks of last-minute running around. Here is my opinion on why this is the case. 7/10
Show this thread -
1) Plans were drawn for a blitzkrieg with close to no resistance. Further destabilization via cyber means was superfluous. 2) These plans were kept secret until the last minute, which prevented effective planning of cyber-ops. 8/10
Show this thread -
3) Now that we're entering a different phase of the conflict, cyberattacks will become relevant again. The various groups involved have had time to organize. I also expect retaliation against the West through cyber means. It will get worse before it gets better. 9/10
Show this thread -
If you're looking at the conflict and see "successful" and "unprecedented" cyber-operations, you should probably go back to writing PPTs where you confuse ports scans for millions of attacks per second. 10/10
Show this thread
End of conversation
New conversation -
-
-
Agreed, they had no statistics on impact, downtime, references to DFIR reports (which most likely won't be forthcoming). How is anyone concluding that this was a successful campaign without impact statements, and when it was all so disorganized?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.