US declassifies and releases more intel to ‘expose Russia’s strategy’

The US has released the kernel of another intelligence assessment that describes the Kremlin’s global malign influence machine. Following the liberal tradition, it produces facts, allowing the public to make up its mind. This is in contrast to the authoritarian model that relies more on producing narrative. Democracies argue in facts. Authoritarians play with meanings. The voice in the podcast is from the State Department’s Ned Price given in a press conference. What little I know about the 36 star memo is here.

With ‘hunt forward’ ops, democracies strike back

Across the ever-expanding galaxy of the internet, it’s interesting how relationships grow and take shape according to their purpose.

In the way ransomware gangs can function as an extension of an authoritarian state, attacking economic targets of democracies at will, democratic cyber forces have found their way to leverage the network effect for defensive purposes: they’re called “hunt forward” operations.


Rather than wait around for infrastructure to be attacked, as has been the custom, US cyber forces partner with the cyber defence forces of friendly nations and look for trouble. You could claim it is akin to a search and destroy operation, but with some key differences. It’s search and destroy waged from the friendly ridges of allies. And, like everything online, it’s Janus-faced. Not only does it reinforce the defensive muscle of allies like Lithuania, or that larger country much further to the south, Ukraine, but the spoils of the operation support the broader cause of cyber security.

As this Cybercom release makes clear:

“…cyber operators sit side-by-side with the partner and hunt on the networks of the host nation’s choosing, looking for bad cyber activity and vulnerabilities. These insights are shared with the host nation and then brought back to share with public and private sector networks – bolstering homeland defense before those adversary tactics, techniques, and procedures may be used against the US.”

The information passes easily from cyber defender to partner cyber defender, then right back to the private sector, which is in a position to take some of the most effective and lasting action.

US Cybercom commander General Paul Nakasone, who has been key to pushing this strategy, said hunt forward operations are “so powerful… because of the fact that we see our adversaries and we expose their tools”.

“If you’re an adversary, and you’ve just spent a lot of money on a tool, and you’re hoping to utilise it readily in a number of different intrusions, suddenly it’s outed and it’s now been signatured across a broad range of networks, and suddenly you’ve lost your ability to do that.”

Now that I’ve introduced the term, here is a link to the song ‘Search and Destroy’ by the Stooges.

‘Full-scale offensive against Ukraine’s government and critical infrastructure’

Some of the first evidence of the scale of the cyber conflict going on over Ukraine appears in this release from Microsoft. The key lines are:

“Before the Russian invasion, our teams began working around the clock to help organizations in Ukraine, including government agencies, defend against an onslaught of cyberwarfare that has escalated since the invasion began and has continued relentlessly.”

“Since then, we have observed nearly all of Russia’s nation-state actors engaged in the ongoing full-scale offensive against Ukraine’s government and critical infrastructure, and we continue to work closely with government and organizations of all kinds in Ukraine to help them defend against this onslaught.”

Full statement here:

https://blogs.microsoft.com/on-the-issues/2022/04/07/cyberattacks-ukraine-strontium-russia/