Зростання відбувається на тлі зупинки подачі палива газопроводом «Ямал-Європа» та прогнозів про холодну зиму
…
ukrlines skype чат
популярні новини
In the months since President Joe Biden warned Russia’s Vladimir Putin that he needed to crack down on ransomware gangs in his country, there hasn’t been a massive attack like the one last May that resulted in gasoline shortages. But that’s small comfort to Ken Trzaska.
Trzaska is president of Lewis & Clark Community College, a small Illinois school that canceled classes for days after a ransomware attack last month that knocked critical computer systems offline.
“That first day,” Trzaska said, “I think all of us were probably up 20-plus hours, just moving through the process, trying to get our arms around what happened.”
Even if the United States isn’t currently enduring large-scale, front-page ransomware attacks on par with ones earlier this year that targeted the global meat supply or kept millions of Americans from filling their gas tanks, the problem hasn’t disappeared. In fact, the attack on Trzaska’s college was part of a barrage of lower-profile episodes that have upended the businesses, governments, schools and hospitals that were hit.
The college’s ordeal reflects the challenges the Biden administration faces in stamping out the threat — and its uneven progress in doing so since ransomware became an urgent national security problem last spring.
Smaller-scale attacks continue
U.S. officials have recaptured some ransom payments, cracked down on abuses of cryptocurrency, and made some arrests. Spy agencies have launched attacks against ransomware groups and the U.S. has pushed federal, state and local governments, as well as private industries, to boost protections.
Yet six months after Biden’s admonitions to Putin, it’s hard to tell whether hackers have eased up because of U.S. pressure. Smaller-scale attacks continue, with ransomware criminals continuing to operate from Russia with seeming impunity. Administration officials have given conflicting assessments about whether Russia’s behavior has changed since last summer. Further complicating matters, ransomware is no longer at the top of the U.S.-Russia agenda, with Washington focused on dissuading Putin from invading Ukraine.
The White House said it was determined to “fight all ransomware” through its various tools but that the government’s response depends on the severity of the attack.
“There are some that are law enforcement matters and others that are high impact, disruptive ransomware activity posing a direct national security threat that require other measures,” the White House statement said.
Ransomware attacks — in which hackers lock up victims’ data and demand exorbitant sums to return it — surfaced as a national security emergency for the administration after a May attack on Colonial Pipeline, which supplies nearly half the fuel consumed on the East Coast.
The attack prompted the company to halt operations, causing gas shortages for days, though it resumed service after paying more than $4 million in ransom. Soon after came an attack on meat processor JBS, which paid an $11 million ransom.
Biden met with Putin in June in Geneva, where he suggested critical infrastructure sectors should be “off limits” for ransomware and said the U.S. should know in six months to a year “whether we have a cybersecurity arrangement that begins to bring some order.”
He reiterated the message in July, days after a major attack on a software company, Kaseya, that affected hundreds of businesses, and said he expected Russia to take action on cybercriminals when the U.S. provides enough information to do so.
Since then, there have been some notable attacks from groups believed to be based in Russia, including against Sinclair Broadcast Group and the National Rifle Association, but none of the same consequence or impact of those from last spring or summer.
‘Whole-of government’ effort
One reason may be increased U.S. government scrutiny, or fear of it.
The Biden administration in September sanctioned a Russia-based virtual currency exchange that officials say helped ransomware gangs launder funds. Last month, the Justice Department unsealed charges against a suspected Ukrainian ransomware operator who was arrested in Poland and has recovered millions of dollars in ransom payments. Gen. Paul Nakasone, the head of U.S. Cyber Command, told The New York Times his agency has begun offensive operations against ransomware groups. The White House says that “whole-of-government” effort will continue.
“I think the ransomware folks, the ones conducting them, are stepping back like, ‘Hey, if we do that, that’s going to get the United States government coming after us offensively,'” Kevin Powers, security strategy adviser for cyber risk firm CyberSaint, said of attacks against critical infrastructure.
U.S. officials, meanwhile, have shared a small number of names of suspected ransomware operators with Russian officials, who have said they have started investigating, according to two people familiar with the matter who were not authorized to speak publicly.
It’s unclear what Russia will do with those names, though Kremlin spokesperson Dmitry Peskov insisted the countries have been having a useful dialogue and said “a working mechanism has been established and is actually functioning.”
It’s also hard to measure the impact of individual arrests on the overall threat. Even as the suspected ransomware hacker awaits extradition to the U.S. following his arrest in Poland, another who was indicted by federal prosecutors was later reported by a British tabloid to be living comfortably in Russia and driving luxury cars.
Some are skeptical about attributing any drop-off in high-profile attacks to U.S. efforts.
“It could have just been a fluke,” said Dmitri Alperovitch, former chief technology officer of the cybersecurity firm Crowdstrike. He said asking Russia to crack down on large-scale attacks won’t work because “it’s way too granular of a request to calibrate criminal activity they don’t even fully control.”
Top American officials have given conflicting answers about ransomware trends since Biden’s discussions with Putin. Some FBI and Justice Department officials say they’ve seen no change in Russian behavior. National Cyber Director Chris Inglis said there’s been a discernible decrease in attacks but that it was too soon to say why.
It’s hard to quantify the number of attacks given the lack of baseline information and uneven reporting from victims, though the absence of disruptive incidents is an important marker for a White House trying to focus its attention on the most significant national security risks and catastrophic breaches.
Victims of ransomware attacks in the past few months have included hospitals, small businesses, colleges like Howard University — which briefly took many of its systems offline after discovering a September attack — and Virginia’s Legislature.
Not if, but when
The attack at Lewis & Clark, in Godfrey, Illinois, was discovered two days before Thanksgiving when the school’s IT director detected suspicious activity and proactively took systems offline, said Trzaska, the president.
A ransom note from hackers demanded a payment, though Trzaska declined to reveal the sum or identify the culprits. Though many attacks come from hackers in Russia or Eastern Europe, some originate elsewhere.
With vital education systems affected, including email and the school’s online learning platform, administrators canceled classes for days after the Thanksgiving break and communicated updates to students via social media and through a public alert system.
The college, which had backups on the majority of its servers, resumed operations this month.
The ordeal was daunting enough to inspire Trzaska and another college president who he says endured a similar experience to plan a cybersecurity panel.
“The stock quote from everyone,” Trzaska said, “is, ‘Not if it’s going to happen, but when it’s going to happen.’”
…
China and Russia have begun collaborating on technology to rival the United States’ GPS and European Galileo satellite navigation systems, as the two countries pursue closer military and strategic ties.
Earlier this year, China agreed to host ground monitoring stations for Russia’s GLONASS positioning system on its soil, which improves global range and accuracy but can pose a security risk. In turn, Russia agreed to host ground stations for China’s BeiDou system.
The reciprocal agreement indicates a growing level of trust and cooperation between Moscow and Beijing, says analyst Alexander Gabuev, senior fellow and chair of the Russia in the Asia-Pacific Program at the Carnegie Moscow Center.
“Russia’s schism with the West and deepening confrontation and competition between China and the U.S. as two superpowers is definitely contributing to rapprochement between Moscow and Beijing. There is a natural economic complementarity where Russia has (an) abundance of natural resources, and China has capital and technology to develop those resources. And finally, both are authoritarian states, so they don’t have this allergy when talking domestic political setup, or the poisoning of (Russian opposition leader) Alexi Navalny, or issues like Hong Kong or human rights in Xinjiang,” Gabuev told VOA.
It will take some time for the collaboration on satellite navigation systems to be felt on the ground.
“So far, we have yet to see important results, because in Russia, Russia still relies increasingly on GLONASS but also on GPS. We don’t have major BeiDou-linked projects,” Gabuev added.
Satellites
Satellites are seen as a crucial component of 21st century military power. Last month, Russia tested a missile against one of its own satellites. The U.S. said the resulting debris threatened astronauts on the International Space Station.
“What’s most troubling about that is the danger that it creates for the international community. It undermines strategic stability,” U.S. Secretary of Defense Lloyd Austin told reporters Nov. 17.
Russia, China and the U.S. are among several nations developing hypersonic missiles, which travel through the upper atmosphere at up to five times the speed of sound.
Space treaty
Russian Foreign Minister Sergei Lavrov said the U.S. had failed to engage on a joint Russian-Chinese space treaty.
“They have ignored for many years the initiative of Russia and China to prepare a treaty to prevent an arms race in space. They simply ignore it, insisting instead on developing some sort of universal rules,” Lavrov said.
In an interview June 11 with U.S. broadcaster NBC, Russian President Vladimir Putin said cooperation with Beijing was deepening.
“We have been working and will continue to work with China, which applies to all kinds of programs, including exploring deep space. And I think there is nothing but positive information here. Frankly, I don’t see any contradictions here,” Putin said.
There are limits to Russian and Chinese cooperation, Gabuev said.
“Both Russia and China are religious about their strategic autonomy. There is deep-seated nationalism, there is some level of mistrust and some level of competition in many of those areas where there is seeming complementarity, like space programs. I think that these advances in military technology is happening mostly in parallel, but not jointly.”
India
Gabuev notes that Russia has worked more closely with India than China, including on the development of the joint BrahMos cruise missile system since the 1990s.
“Russia felt secure enough to develop BrahMos missiles together with Indian colleagues. So, this military cooperation between Russia and China is deepening, it’s definitely causing a significant challenge to the West, particularly because it helps the PLA (China’s People’s Liberation Army) to become a really 21st century fighting power and a global military power. But at the same time, we don’t see the depth that exists between, for example, the U.S. and America’s allies,” Gabuev said.
India has also purchased Russia’s S-400 missile defense system, an attempt to counter China’s military might that also risks angering Delhi’s ally, the United States, and an indication of the complexity of strategic relations in a changing world order.
Read More