I would guess that the coding team developed a program which would take raw source code inputs and apply some sort of randomized "coding style" to both obfuscate the original coders and to throw off investigators. Which I've been told is a common thing; Russians making things look like NK and vice versa.

 

On 2/16/2021 at 6:23 PM, Ssnake said:

1,000 insiders...?

Yes, on US soil, like the command servers were.

On 2/16/2021 at 7:11 PM, Ivanhoe said:

I would guess that the coding team developed a program which would take raw source code inputs and apply some sort of randomized "coding style" to both obfuscate the original coders and to throw off investigators. Which I've been told is a common thing; Russians making things look like NK and vice versa.

 

Interesting, but this leads to a second question: is there a genuine RU/NK/... style then?

1 hour ago, Adam Peter said:

Interesting, but this leads to a second question: is there a genuine RU/NK/... style then?

At this point, I would not trust any claims of authorship, when the suspects in question are at a high skill level and organized.

Every programmer has a style, detectable to some extent via variable names, source code indentation, etc. So you can write a program to look at those traits* in prior programs and develop signatures. In the past, I have read assertions that reverse engineers can guess what the programmer's native language is. Of course, the bad guys know this and can write a program to pre-process their source code to make it look like it was coded by the PRK rather than Russia, China, Iran, whatever.

So, wilderness of mirrors.

* Rather like how Google, Youtube, FB, et al can tell it's you looking at their stuff, by timing how long it takes to get rid of ad popups etc. Fingerprinting.

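The style-signature idea from the post above (naming and indentation traits), and how much of it survives a layout-only rewrite, as an added example that is not part of the thread. The four traits, the `reformat` helper and all three C snippets are constructed for illustration.

```python
import math
import re

KEYWORDS = {"int", "char", "if", "while", "return"}

# Constructed samples: two functions in one hypothetical author's habits
# (tabs, own-line braces, snake_case) and one in a different author's.
A_OLD = ("int read_cfg(char *cfg_path)\n{\n\tint line_no = 0;\n"
         "\tif (cfg_path)\n\t{\n\t\tline_no = 1;\n\t}\n\treturn line_no;\n}\n")
A_NEW = ("int sum_items(int *item_list)\n{\n\tint item_cnt = 3;\n"
         "\twhile (item_cnt)\n\t{\n\t\titem_cnt = item_cnt - 1;\n\t}\n"
         "\treturn item_cnt;\n}\n")
B_OLD = ("int parseFile(char *filePath) {\n    int lineCount = 0;\n"
         "    if (filePath) {\n        lineCount = 1;\n    }\n"
         "    return lineCount;\n}\n")

def style_vector(src):
    """Map source text to four layout and naming traits, each in [0, 1]."""
    lines = [l for l in src.splitlines() if l.strip()]
    indented = [l for l in lines if l[0] in " \t"]
    idents = [w for w in re.findall(r"[A-Za-z_]\w*", src) if w not in KEYWORDS]
    frac = lambda hits, pool: len(hits) / len(pool) if pool else 0.0
    return [
        frac([l for l in indented if l[0] == "\t"], indented),  # tab indent
        frac([l for l in lines if l.strip() == "{"], lines),    # own-line brace
        frac([w for w in idents if "_" in w], idents),          # snake_case
        frac([w for w in idents if re.search(r"[a-z][A-Z]", w)], idents),  # camelCase
    ]

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0

def reformat(src):
    """Layout-only rewrite: tabs to spaces, own-line braces pulled up."""
    return re.sub(r"\n\s*\{", " {", src.replace("\t", "    "))

def compare():
    sig = style_vector(A_OLD)  # signature built from the known sample
    return {
        "same author": cosine(sig, style_vector(A_NEW)),
        "other author": cosine(sig, style_vector(B_OLD)),
        "same author, reformatted": cosine(sig, style_vector(reformat(A_NEW))),
    }

if __name__ == "__main__":
    for label, score in compare().items():
        print(f"{label:26s} {score:.2f}")
```

The layout traits vanish after the rewrite while the naming trait still separates the two authors, so a signature should be weighed by how cheaply each trait can be changed.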
  • 2 weeks later...

https://www.cyberdefensemagazine.com/the-us-government/

Quote

 

Sullivan said the Biden administration is working to attribute the attack to a specific threat actor and properly respond to the offense.

...

Sullivan added that the response of the US government will be not limited to sanctions.

 

So we're going to be sending Jason Bourne to Moscow for some wet work. Awesome! 

 

 


I'd be more inclined to put money on a small team who sourced bits of code from open source repos for what they wanted to do...hence the thousands of developers....

  • 1 month later...
Quote

US expels Russian diplomats and issues sanctions over SolarWinds hacking attack

7h ago

The US has announced sanctions against Russian entities and expelled 10 Russian diplomats in response to a hacking attack and election interference.

The United States on Thursday announced the expulsion of 10 Russian diplomats and issued a broad array of sanctions targeting Russian individuals and entities for election interference, hacking efforts and other "malign" activities. 

The sanctions represent the first retaliatory action announced against the Kremlin for last year's hacking attack, which has been called the "SolarWinds" breach.

The measures include sanctions on six Russian companies that are alleged to have aided the country's cyber activities.

A further 32 individuals and entities are accused of attempting to interfere in last year's presidential election, including by spreading disinformation.

The White House said that the 10 diplomats being expelled include representatives of the Russian intelligence services.

What is Russia being accused of?

President Joe Biden's administration had previously said it would act to hold the Kremlin accountable for interference in last year's presidential election and the hacking of several federal agencies.

In the attack, Russian hackers are suspected of having infected software with malicious codes that gave them access to US government agency networks.

It is thought that they infiltrated at least nine agencies in an intelligence-gathering project to mine government secrets.

[...] 

In a show of solidarity with the US, Poland declared three Russian diplomats, employees of the Russian embassy in Warsaw, as personae non-gratae. In a tit-for-tat response, Russia said it would expel three Polish diplomats.

NATO voices support for measures

In a statement following the US announcement of sanctions, the NATO defense alliance issued a statement of support.

"NATO Allies support and stand in solidarity with the United States, following its 15 April announcement of actions to respond to Russia’s destabilizing activities," said the statement. "Allies are taking actions individually and collectively to enhance the alliance's collective security."

"Russia continues to demonstrate a sustained pattern of destabilizing behavior, including its violations of Ukraine’s and Georgia’s sovereignty and territorial integrity, and continued violation, non-implementation, and circumvention of numerous international obligations and commitments."

The European Union also expressed solidarity, saying the hacking had also compromised EU interests.

"The compromise affected governments and businesses worldwide, including in EU members," said EU foreign affairs chief Josep Borrell.

https://m.dw.com/en/us-expels-russian-diplomats-and-issues-sanctions-over-solarwinds-hacking-attack/a-57215141

Edited by BansheeOne