Guerra cibernética na Ucrânia

cyberattackEnquanto no Brasil se comemora o resultado do desfile das escolas de samba do grupo especial (hein?), na Ucrânia a situação está cada vez mais russa… Segue artigo muito interessante, enviado por um caríssimo amigo lá do Timor Leste, que trata de ataques cibernéticos contra aquele país.

Lembro que a guerra neste novo século pode-se dar em diferentes cenários, com as armas mais distintas. E um campo absurdamente sensível é o cibernético. Daí a importância de estarmos preparados… Daí meu pleito por investimento maciço em segurança e defesa cibernética. Os danos de um ataque no mundo virtual podem ser tão ou mais nefastos que um ataque com mísseis ou com a infantaria contra um território. Ah sim, atentem na reportagem para o comentário sutil sobre a origem do ataque.

Em tempo, sempre convém lembrar que, por ocasião da guerra entre a Rússia e a Geórgia, em agosto de 2008, antes que a primeira bota russa estivesse em solo georgiano, os sistemas deste país já haviam colapsado sob ataque cibernético. Mas, por aqui, o que importa é quem venceu o desfile do grupo especial…

Finantial Times – March 7, 2014 7:25 pm

Cyber Snake plagues Ukraine networks

By Sam Jones, Defence and Security Editor
A magnifying glass is held in front of a computer screen©Reuters

An aggressive cyber weapon called Snake has infected dozens of Ukrainian computer networks including government systems in one of the most sophisticated attacks of recent years.

Also known as Ouroboros, after the serpent of Greek mythology that swallowed its own tail, experts say it is comparable in its complexity with Stuxnet, the malware that was found to have disrupted Iran’s uranium enrichment programme in 2010.

 The cyber weapon has been deployed most aggressively since the start of last year ahead of protests that climaxed two weeks ago with the overthrow of Viktor Yanukovich’s government.

Ouroboros gives its operators unfettered access to networks for surveillance purposes. But it can also act as a highly advanced “digital beachhead” that could destroy computer networks with wide-ranging repercussions for the public.

Cyber warfare experts have long warned that digital weapons could shut off civilian power or water supplies, cripple banks or even blow up industrial sites that depend on computer-controlled safety programmes.

The origins of Ouroboros remain unclear, but its programmers appear to have developed it in a GMT+4 timezone – which encompasses Moscow – according to clues left in the code, parts of which also contain fragments of Russian text. It is believed to be an upgrade of the Agent.BTZ attack that penetrated US military systems in 2008.

The malware has infected networks run by the Kiev government and systemically important organisations. Lithuanian systems have also been disproportionately hit by it.

Ouroboros has been in development for nearly a decade and is too sophisticated to have been programmed by an individual or a non-state organisation, according to the applied intelligence unit at BAE Systems, which was the first to identify and analyse the malware.

The Financial Times has corroborated the existence of Snake with security and military analysts.

BAE has identified 56 apparent infections by Snake globally since 2010, almost all in the past 14 months. Ukraine is the primary target, with 32 recorded instances, 22 of which have occurred since January 2013.

“Ukraine is top of the list [of infections] and increasing,” said Dave Garfield, managing director for cyber security at BAE, who added that the instances were almost certainly “the tip of the iceberg”.

“Whoever made it really is a very professional outfit,” Mr Garfield added. “It has a very high level of sophistication. It is a complex architecture with 50 sub-modules designed to give it extreme flexibility and the ability to evolve. It has neat and novel technical features.”

“You never get beyond reasonable doubt levels of proof in this area but if you look at it in probabilistic terms – who benefits and who has the resources – then the list of suspects boils down to one,” said Nigel Inkster, until 2006 director of operations and intelligence for MI6 and now director of transnational threats at the think tank IISS.

“Until recently the Russians have kept a low profile, but there’s no doubt in my mind that they can do the full scope of cyber attacks, from denial of service to the very, very sophisticated.”