US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’

Mainstream media has been full of stories about how the U.S. cleverly anticipated the Russian invasion of Ukraine and skilfully helped the country shore up its defences against Russian hacking. But scratch the surface and there’s not much of a There there.

What looks like a coordinated PR campaign relies on “people familiar with the operation” and other background sources, which is often a red flag. And the ugly implication is that Ukraine’s some sort of second-rate tech backwater, unable to defend itself from a modern adversary. But nothing could be further from the truth—it’s the first casualty of war, don’cha’know?

As ever, reality lies somewhere in the middle. In today’s SB Blogwatch, we put your mind at ease.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Truth in advertising.

Unhelpful and Myopic

What’s the craic, pretty please? Mehul Srivastava, Madhumita Murgia and Hannah Murphy report—“The secret US mission to bolster Ukraine’s cyber defences ahead of Russia’s invasion”:

Russia has held back its elite corps
Months before the Russian invasion, a team of Americans fanned out across Ukraine … in preparation of impending war. People familiar with the operation described an urgency in the hunt for hidden malware, the kind which Russia could have planted, then left dormant.

In the Ukrainian Railways, the team of American soldiers and civilians found and cleaned up one particularly pernicious type of malware. … If the malware had remained undiscovered and was triggered, “it could have been catastrophic,” said a Ukrainian official familiar with the issue.

So far, experts who have watched the Russian cyber assaults have been confused at their lack of success, as well as the lower tempo, intensity and sophistication. … One European official … said the reason was that, so far, Russia has held back its elite corps in the cyber arena, much as it has on the battlefield.

O RLY? Karl Paul put our minds at ease—“Cyberwar between Ukraine and Russia hasn’t happened (yet)”:

False narratives
Fears of cyber warfare are stoked by a long history of international attacks coordinated out of Russia. The country was behind a large-scale attack on Ukraine’s power grid in 2015 in coordination with its annexation of Crimea. In 2017, Moscow unleashed on to Ukraine the data-wiping NotPetya virus, [which] ultimately spread globally.

Coinciding with its invasion of Ukraine, Russia unleashed a number of smaller hacks. [But] no international power yet wants to be the one to cast the first stone in a cyber third world war.

Russia also seems to be investing more resources in coordinated disinformation campaigns than overt hacking operations. … Disinformation experts have reported Russia is leading a coordinated campaign to push false narratives around the invasion of Ukraine, including doctored videos.

And Steven J. Vaughan-Nichols seems a little stressed out—“Where are the (serious) Russian cyberattacks?”:

Russia isn't just fighting Ukraine
I’m heartsick over Russia’s invasion of Ukraine. But, before it began, I’d been really worried about Russian cyberattacks, which would overrun Ukraine. … I was wrong. So far, anyway.

Why is Ukraine’s electrical system still up and running – except for damaged nuclear reactors? … It’s clear that Putin thought he’d easily overrun Ukraine. He was wrong. Russia is still winning the war, but it’s costing more in time, blood, and economic damage than its leaders ever dreamed.

Both Ukraine and its allies already knew what was coming and had built up sturdy cyberdefenses. Ukraine’s friends aren’t just governments. Its comrades in this fight also include top technology companies. … Russia isn’t just fighting Ukraine, it’s fighting … hacker groups like Anonymous too.

Was SJVN right to be worried? Statistical suspects sources lied a little:

Keystone Cops
Or it could be Russian “elite” hackers aren’t really all that great. … Exploits have a limited shelf life. You find one, you use it, people develop fixes and eventually it is worthless.

Right now Ukraine is under such a microscope any exploits will be noticed quickly and patched not just in the Ukraine but globally. Exploits will have a much shorter effective shelf life than usual. … Maybe the kind of thing real cyber special forces would go after not so much a bunch of hackers mostly used to attacking weak targets.

Watching the vaunted Russian armor half ass their way across Ukraine, Keystone Cops style, has been shocking. … Entirely possible the same is true of their “cyber forces.”

SRSLY? This Anonymous Coward wasn’t gonna change:

The way history views the Nazis
Russian hackers, to be effective, have to operate outside of the Kremlin’s walled prison garden, which means they can see what is going on and the world’s reaction to it. Maybe they realize history will view Russian hackers retaliating against the civilized world supporting Ukraine sovereignty the way history views the Nazis.

And the Russian people might view them that way as well, when the truth eventually diffuses in.

Still, I bet Ukraine is glad of the U.S. help? Ummm, about that. Dmitri Alperovitch feels a different kinda tension:

There are no shortcuts in cyber
Stories like that—implying a few months of a small contingent of US personnel working to secure Ukrainian networks have magically stopped Russian cyber attacks—are really unhelpful.

It is not the reason why there were no significant Russian cyber attacks on Ukrainian networks. … What explains it is the most obvious and clear explanation: like with many things in this war, Russia chose not to employ this capability.

To imply otherwise is to create a false perception of a capability that doesn’t exist. … If such magic capability existed, wouldn’t you think we would use it? … There are no shortcuts in cyber.

Are you sure about that? plw’s mind is running wild:

Open communication channels
There is this persisting narrative that the Russians are holding significant sophisticated assets in reserve. I’ve yet to see a conclusive analysis that actually supports that hypothesis.

What we have seen is Russia searching for mercenaries in places like Syria, using literal dump trucks to transport troops, and using unsecured open communication channels. … Has western intelligence significantly overestimated Russian capabilities?

At least we can look for the silver lining. OldLadyJosie finds sweet relief:

I genuinely love learning about the non-violent ways this nonsense is being stymied. My personal favorite so far was the group of Russian soldiers who got stuck in the elevator because the Ukrainians simply cut the power.

It had big Looney Tunes energy, which I’m absolutely here for because I’m so tired of pointless death.

But that went out the window. @liv29 returns to the original story, and whether it’s helpful:

It’s more than unhelpful—it’s dangerous, myopic arrogance.

And Finally:

Cutscenes, 20 years ago



You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Image sauce: Aleksandr Eremin (via Unsplash; leveled and cropped)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
