russia – Page 3

Russia has a plan to “restore” its dominant position in the global launch market

amur, russia, Science, Space / Paul Patrick / April 1, 2024

Enlarge / Russian President Vladimir Putin (L) and Roscosmos Space Corporation Chief Yuri Borisov peruse an exhibit while visiting the Korolev Rocket and Space Corporation Energia, October 26, 2023, in Korolev, Russia.

Contributor/Getty Images

It has been a terrible decade for the Russian launch industry, which once led the world. The country’s long-running workhorse, the Proton rocket, ran into reliability issues and will soon be retired. Russia’s next-generation rocket, Angara, is fully expendable and still flying dummy payloads on test flights a decade after its debut. And the ever-reliable Soyuz vehicle lost access to lucrative Western markets after the Russian invasion of Ukraine.

Yet there has been a more fundamental, underlying disease pushing the once-vaunted Russian launch industry toward irrelevance. The country has largely relied on decades-old technology in a time of serious innovation within the launch industry. So what worked at the turn of the century to attract the launches of commercial satellites no longer does against the rising tide of competition from SpaceX, as well as other players in India and China.

Through the first quarter of this year, Russia has launched a total of five rockets, all variants of the Soyuz vehicle. SpaceX alone has launched 32 rockets. China, too, has launched nearly three times as many boosters as Russia.

However, Russia has a plan to reclaim the dominance it once held in the global launch industry. In a recent interview published on the Roscosmos website (a non-geo-blocked version is available here) the chief of the Russian space corporation, Yuri Borisov, outlined the strategy by which the country will do so.

The first step, Borisov said, is to develop a partially reusable replacement for the Soyuz rocket, called Amur-CNG. The country’s spaceflight enterprise is also working on “ultralight” boosters that will incorporate an element of reusability.

“I hope that by the 2028–2029 timeframe we will have a completely new fleet of space vehicles and will be able to restore our position in the global launch services market,” Borisov said in the interview, which was translated for Ars by Rob Mitchell.

A miracle, Amur

Russia has previously discussed plans to develop the Amur rocket (the CNG refers to the propellant, liquified methane). The multi-engine vehicle looks somewhat similar to SpaceX’s Falcon 9 rocket in that preliminary designs incorporated landing legs and grid fins to enable a powered first-stage landing.

The country’s space industry first unveiled its Amur plans back in 2020, when officials said they were targeting a low price of just $22 million for a launch on Amur, which would be capable of delivering 10.5 tons to low-Earth orbit. Essentially, then, it would offer about half the carrying capacity of a Falcon 9 rocket for one-third of the price.

At the time, Roscosmos officials were targeting a 2026 debut for Amur. Had they been able to deliver such a capability, it would undoubtedly be an attractively priced offering. Alas, the year 2026 appears to be off the table now. Through his comments, Borisov indicated that Amur will not be ready before 2028 or 2029.

Since there has been almost a year-for-year slippage in that date since Amur’s announcement in 2020, it seems likely that even this target late in the decade is unrealistic.

Russia has a plan to “restore” its dominant position in the global launch market Read More »

Largely cut off from Western games, Russia looks into a homegrown game console

gaming, russia, video games / Rejus Almole / March 30, 2024

The new digital iron curtain —

How hard could it be?

Kyle Orland – Mar 29, 2024 4: 08 pm UTC

Enlarge / A Cold War-era arcade cabinet that serves as an example of what happened the last time Russia was forced to create a home-grown video game market.

It’s been over two years since major players in the international game industry united to largely cut off the Russian market in response to a request from a beleaguered Ukraine. The relative isolation has apparently forced Vladimir Putin’s government to contemplate the kind of homegrown gaming hardware and software that characterized Cold War gaming behind the Iron Curtain.

PC Gamer brings word of a series of recently approved Russian economic orders from the Kremlin. Amid talk of airport and museum funding, ocean shipping, and road construction is the somewhat bewildering instruction for the government to (machine translation):

consider the issue of organizing the production of stationary and portable game consoles and game consoles, as well as the creation of an operating system and a cloud system for delivering games and programs to users

Oh, is that all?

A massive undertaking

Gaming technology isn’t a completely new area of focus for the Russian government. In 2022, the Ministry of Digital Development reportedly started discussing the possibility of creating a homegrown domestic Russian game engine. But building an entire gaming platform from scratch would be an even bigger undertaking.

To be fair, building your own game console today is a bit easier than it would have been in a different era. Open source platforms like Android can provide a good starting point for a bespoke gaming operating system (it worked for Ouya, kind of), while off-the-shelf, system-on-a-chip solutions can save a lot of the hardware engineering work needed to develop a new console.

But even if those issues get “solved,” the Russian government would still have to build the other scaffolding that supports a robust gaming platform. Crafting features like payment processing, game downloads, online play, moderation, quality control, and more is not a simple undertaking, even for major conglomerates like Microsoft or Valve. And that’s before you get into attracting the developers that would need to create the actual games for this new platform.

Building a bare-bones Steam Deck competitor isn't nearly as hard as building out the platform that supports that hardware. — Enlarge / Building a bare-bones Steam Deck competitor isn’t nearly as hard as building out the platform that supports that hardware.

Valve

Speaking to Russian-language newspaper Kommersant, Anton Fomin, the head of retail projects for mobile phone company Fplus, said, “In Russia, no one has the expertise that would allow them to produce their own PlayStation or Xbox-level console” (according to a machine translation). An unnamed expert source also told Kommersant that creating a full system would take Russia 5 to 10 years and 5 to 10 billion rubles ($54 to $108 million) just to get a gaming platform that would “lag behind already existing foreign solutions in terms of parameters by 10 to 15 years.”

The fact that Russia is even contemplating this kind of move might reflect the wider state of the country’s gaming sector. A 2023 survey found a significant majority of Russian gamers resorting to piracy for their gaming fix as legitimate access to foreign games dwindled. Russian job listing data from last year also suggests that Russia’s domestic game development has withered by up to 40 percent since the start of the Ukraine war.

But this isn’t the first time Russia has been forced to bootstrap its own homegrown gaming industry. In the waning days of the Cold War, Soviet engineers cut off from the Western gaming market created a variety of odd knock-off arcade machines and hundreds of amateur computer games, including many with surprisingly activist themes. If that era of Russian gaming could create something like Tetris, maybe the idea of a new Russian gaming platform isn’t completely ridiculous.

The Russian government has until June 15 to make its recommendations about the feasibility of any domestic game console creation plans.

Largely cut off from Western games, Russia looks into a homegrown game console Read More »

Never-before-seen data wiper may have been used by Russia against Ukraine

Biz & IT, data wipers, russia, Security, Ukraine / Rejus Almole / March 23, 2024

KREMLIN FINGERPRINTS —

AcidRain, discovered in 2022, is tied to AcidPour. Both are attributed to Russia.

Dan Goodin – Mar 22, 2024 12: 37 am UTC

Researchers have unearthed never-before-seen wiper malware tied to the Kremlin and an operation two years ago that took out more than 10,000 satellite modems located mainly in Ukraine on the eve of Russia’s invasion of its neighboring country.

AcidPour, as researchers from security firm Sentinel One have named the new malware, has stark similarities to AcidRain, a wiper discovered in March 2022 that Viasat has confirmed was used in the attack on its modems earlier that month. Wipers are malicious applications designed to destroy stored data or render devices inoperable. Viasat said AcidRain was installed on more than 10,000 Eutelsat KA-SAT modems used by the broadband provider seven days prior to the March 2022 discovery of the wiper. AcidRain was installed on the devices after attackers gained access to the company’s private network.

Sentinel One, which also discovered AcidRain, said at the time that the earlier wiper had enough technical overlaps with malware the US government attributed to the Russian government in 2018 to make it likely that AcidRain and the 2018 malware, known as VPNFilter, were closely linked to the same team of developers. In turn, Sentinel One’s report Thursday noting the similarities between AcidRain and AcidPour provides evidence that AcidPour was also created by developers working on behalf of the Kremlin.

Technical similarities include:

Use of the same reboot mechanism
The exact logic of recursive directory wiping
The same IOCTL-based wiping mechanism.

AcidPour also shares programming similarities with another piece of malware attributed to Sandworm: CaddyWiper, which was used against various targets in Ukraine.

“AcidPour is programmed in C without relying on statically compiled libraries or imports,” Thursday’s report noted. “Most functionality is implemented via direct syscalls, many called through the use of inline assembly and opcodes.” Developers of CaddyWiper used the same approach.

Bolstering the theory that AcidPour was created by the same Russian threat group behind previous attacks on Ukraine, a representative with Ukraine’s State Service of Special Communications and Information Protection told Cyberscoop that AcidPour was linked to UAC-0165, a splinter group associated with Sandworm (a much larger threat group run by Russia’s military intelligence unit, GRU). Representatives with the State Service of Special Communications and Information Protection of Ukraine didn’t immediately answer an email seeking comment for this post.

Sandworm has a long history of targeting Ukrainian critical infrastructure. Ukrainian officials said last September that UAC-0165 regularly props up fake hacktivist personas to take credit for attacks the group carries out.

Sentinel One researchers Juan Andrés Guerrero-Saade and Tom Hegel went on to speculate that AcidPour was used to disrupt multiple Ukrainian telecommunications networks, which have been down since March 13, three days before the researchers discovered the new wiper. They point to statements a persona known as SolntsepekZ made on Telegram that took responsibility for hacks that took out Triangulum, a consortium providing telephone and Internet services under the Triacom brand, and Misto TV.

A message a persona known as SolntsepekZ posted to Telegram.

Sentinel One

The weeklong outage has been confirmed anecdotally and by Network intelligence firm Kentik and content delivery network Cloudflare, with the latter indicating the sites remained inoperable at the time this post went live on Ars. As of Thursday afternoon California time, Misto-TV’s website displayed the following network outage notice:

Outage notice displayed on Misto-TV's website. — Enlarge / Outage notice displayed on Misto-TV’s website.

“At this time, we cannot confirm that AcidPour was used to disrupt these ISPs,” Guerrero-Saade and Hegel wrote in Thursday’s post. “The longevity of the disruption suggests a more complex attack than a simple DDoS or nuisance disruption. AcidPour, uploaded 3 days after this disruption started, would fit the bill for the requisite toolkit. If that’s the case, it could serve as another link between this hacktivist persona and specific GRU operations.”

The researchers added:

“The transition from AcidRain to AcidPour, with its expanded capabilities, underscores the strategic intent to inflict significant operational impact. This progression reveals not only a refinement in the technical capabilities of these threat actors but also their calculated approach to select targets that maximize follow-on effects, disrupting critical infrastructure and communications.”

Never-before-seen data wiper may have been used by Russia against Ukraine Read More »

Russia’s next-generation rocket is a decade old and still flying dummy payloads

angara, angara a5, launch, russia, Science, Space, vostochny / Kris Guyer / March 7, 2024

A winding road —

Russia’s heavy-lift Angara A5 rocket is about to launch on its fourth test flight.

Stephen Clark – Mar 7, 2024 1: 33 am UTC

Technicians assemble an Angara A5 rocket at the Vostochny Cosmodrome in Russia's Far East. — Enlarge / Technicians assemble an Angara A5 rocket at the Vostochny Cosmodrome in Russia’s Far East.

Roscosmos

By some measures, Russia’s next-generation flagship rocket program—the Angara—is now three decades old. The Russian government approved the development of the Angara rocket in 1992, soon after the fall of the Soviet Union ushered in a prolonged economic recession.

It has been nearly 10 years since Russia launched the first Angara test flights. The heaviest version of the Angara rocket family—the Angara A5—is about to make its fourth flight, and like the three launches before, this mission won’t carry a real satellite.

This next launch will be a milestone for the beleaguered Angara rocket program because it will be the first Angara flight from the Vostochny Cosmodrome, Russia’s newest launch site in the country’s far east. The previous Angara launches were based out of the military-run Plesetsk Cosmodrome in northern Russia.

All dressed up and nowhere to go

On Wednesday, Russia’s space agency, Roscosmos, said technicians at Vostochny have fueled the Angara A5’s Orion upper stage and will soon install it on the rest of the rocket. The Angara A5 will roll to its launch pad a few days before liftoff, currently scheduled for next month.

The Angara A5 rocket is supposed to replace Russia’s Proton launch vehicle, which uses toxic propellant and only launches from the Baikonur Cosmodrome in Kazakhstan. Angara’s launch pads are on Russian territory. Until a few years ago, the Proton was a competitor in the global commercial launch market, but the rocket lost its position due to reliability problems, competitive pressure from SpaceX, and the fallout of Russia’s invasion of Ukraine.

Russian officials once touted Angara as a successor to Proton on the commercial market. Now, Angara will solely serve the Russian government, but it’s doubtful the government has enough demand to fill the Angara A5’s heavy launch capacity on a regular basis. According to RussianSpaceWeb.com, a website run by veteran Russian space reporter Anatoly Zak, the Russian government didn’t have any functional satellites ready to fly on the upcoming Angara A5 launch from Vostochny.

Eventually, the Angara A5 could take over the launch responsibility of the handful of large satellites that require the capacity of the Proton rocket. But this is a small number of flights. The Proton has launched three times in the last two years, and there are roughly a dozen Proton launch vehicles remaining in Russia’s inventory.

Russia plans a next-generation crew spacecraft, Orel, that officials claim will begin launching on the Angara A5 rocket in 2028. There’s no evidence Orel could be ready for test flights within four years. So, while the Angara rocket is finally flying, albeit at an anemic rate, there aren’t many payloads for Russia to put on it.

North Korean leader Kim Jong Un and Russian President Vladimir Putin visited the Angara rocket's launch pad at the Vostochny Cosmodrome last year. — Enlarge / North Korean leader Kim Jong Un and Russian President Vladimir Putin visited the Angara rocket’s launch pad at the Vostochny Cosmodrome last year.

Russia’s economic woes might explain some of the delays that have befallen the Angara program since 1992, but Russia’s space program has long suffered from chronic underfunding, mismanagement, and corruption. Angara is the only rocket Russia has developed from scratch since the 1980s, and the Russian government selected Khrunichev, one of the country’s oldest space companies, to oversee the Angara program.

Finally, in 2014, Russia launched the first two Angara test flights, one with a single-booster lightweight version of the rocket, called the Angara 1.2, and another with the heavy-lift Angara A5, made up of five Angara rocket cores combined into one rocket.

The Angara A5 can place up to 24.5 metric tons (about 54,000 pounds) into low-Earth orbit, according to Khrunichev. The expendable rocket has enough power to launch modules for a space station or deploy the Russian military’s largest spy satellites, but in 2020, each Angara A5 reportedly cost more than $100 million, significantly more than the Proton.

The smaller Angara 1.2 has flown twice since 2014, but both missions delivered functional satellites into orbit for the Russian military. The much larger Angara A5 has launched three times, all with dummy payloads. The most recent Angara A5 launch in 2021 failed due to a problem with the rocket’s Persei upper stage. The Orion upper stage set to fly on the next Angara A5 mission is a modified version of the Persei, which is itself modeled on the Block-DM upper stage, a design with its roots in the 1960s.

Essentially, the Angara A5 flight will allow engineers to test out changes to the upper stage and allow Russia to activate a second launch pad at Vostochny, which itself has been mired in corruption and delays. Medium-lift Soyuz rockets have been flying from Vostochny since 2016.

Russia’s next-generation rocket is a decade old and still flying dummy payloads Read More »

DOJ quietly removed Russian malware from routers in US homes and businesses

Biz & IT, china, DDoS, department of justice, DoJ, Fancy Bear, fbi, routers, russia, Security, ubiquiti / Kris Guyer / February 18, 2024

Fancy Bear —

Feds once again fix up compromised retail routers under court order.

Kevin Purdy – Feb 16, 2024 4: 37 pm UTC

Ethernet cable plugged into a router LAN port — Getty Images

More than 1,000 Ubiquiti routers in homes and small businesses were infected with malware used by Russian-backed agents to coordinate them into a botnet for crime and spy operations, according to the Justice Department.

That malware, which worked as a botnet for the Russian hacking group Fancy Bear, was removed in January 2024 under a secret court order as part of “Operation Dying Ember,” according to the FBI’s director. It affected routers running Ubiquiti’s EdgeOS, but only those that had not changed their default administrative password. Access to the routers allowed the hacking group to “conceal and otherwise enable a variety of crimes,” the DOJ claims, including spearphishing and credential harvesting in the US and abroad.

Unlike previous attacks by Fancy Bear—that the DOJ ties to GRU Military Unit 26165, which is also known as APT 28, Sofacy Group, and Sednit, among other monikers—the Ubiquiti intrusion relied on a known malware, Moobot. Once infected by “Non-GRU cybercriminals,” GRU agents installed “bespoke scripts and files” to connect and repurpose the devices, according to the DOJ.

The DOJ also used the Moobot malware to copy and delete the botnet files and data, according to the DOJ, and then changed the routers’ firewall rules to block remote management access. During the court-sanctioned intrusion, the DOJ “enabled temporary collection of non-content routing information” that would “expose GRU attempts to thwart the operation.” This did not “impact the routers’ normal functionality or collect legitimate user content information,” the DOJ claims.

“For the second time in two months, we’ve disrupted state-sponsored hackers from launching cyber-attacks behind the cover of compromised US routers,” said Deputy Attorney General Lisa Monaco in a press release.

The DOJ states it will notify affected customers to ask them to perform a factory reset, install the latest firmware, and change their default administrative password.

Christopher A. Wray, director of the FBI, expanded on the Fancy Bear operation and international hacking threats generally at the ongoing Munich Security Conference. Russia has recently targeted underwater cables and industrial control systems worldwide, Wray said, according to a New York Times report. And since its invasion of Ukraine, Russia has focused on the US energy sector, Wray said.

The past year has been an active time for attacks on routers and other network infrastructure. TP-Link routers were found infected in May 2023 with malware from a reportedly Chinese-backed group. In September, modified firmware in Cisco routers was discovered as part of a Chinese-backed intrusion into multinational companies, according to US and Japanese authorities. Malware said by the DOJ to be tied to the Chinese government was removed from SOHO routers by the FBI last month in similar fashion to the most recently revealed operation, targeting Cisco and Netgear devices that had mostly reached their end of life and were no longer receiving security patches.

In each case, the routers provided a highly valuable service to the groups; that service was secondary to whatever primary aims later attacks might have. By nesting inside the routers, hackers could send commands from their overseas locations but have the traffic appear to be coming from a far more safe-looking location inside the target country or even inside a company.

Similar inside-the-house access has been sought by international attackers through VPN products, as in the three different Ivanti vulnerabilities discovered recently.

DOJ quietly removed Russian malware from routers in US homes and businesses Read More »

Rocket Report: Falcon 9 flies for 300th time; an intriguing launch from Russia

ariane 6, Commercial space, launch, missile defense, rocket report, russia, Science, Space, spacex, starship / Kris Guyer / February 18, 2024

Co-planar —

Starship is fully stacked in South Texas for the rocket’s third test flight.

Stephen Clark – Feb 16, 2024 12: 00 pm UTC

The upper stage for the first Ariane 6 flight vehicle is seen inside its factory in Bremen, Germany. The upper stage's hydrogen-fueled Vinci engine is visible in this image. — Enlarge / The upper stage for the first Ariane 6 flight vehicle is seen inside its factory in Bremen, Germany. The upper stage’s hydrogen-fueled Vinci engine is visible in this image.

Welcome to Edition 6.31 of the Rocket Report! Photographers at Cape Canaveral, Florida, noticed a change to the spaceport’s skyline this week. Blue Origin has erected a full-size simulator of its New Glenn rocket vertically on its launch pad for a series of fit checks and tests. Late last year, we reported Blue Origin was serious about getting the oft-delayed New Glenn rocket off the ground by the end of 2024. This is a good sign of progress toward that goal, but there’s a long, long way to go. It was fun to watch preparations for the inaugural flights of a few other heavy-lift rockets in the last couple of years (Starship, SLS, and Vulcan). This year, it’s New Glenn.

As always, we welcome reader submissions, and if you don’t want to miss an issue, please subscribe using the box below (the form will not appear on AMP-enabled versions of the site). Each report will include information on small-, medium-, and heavy-lift rockets, as well as a quick look ahead at the next three launches on the calendar.

Russia launches a classified satellite. On February 9, Russia launched its first orbital mission of the year with the liftoff of a Soyuz-2-1v rocket from the Plesetsk Cosmodrome in the far north of the country. The two-stage rocket delivered a classified satellite into orbit for the Russian military, Anatoly Zak of RussianSpaceWeb.com reports. In keeping with the Russian military’s naming convention, the satellite is known simply as Kosmos 2575, and there’s little indication about what it will do in space, except for one key fact.

But wait, there’s more … It turns out the launch of Kosmos 2575 occurred at exactly the same time of day as another Soyuz-2-1v rocket launched on December 27 with a Russian military satellite named Kosmos 2574. The newer spacecraft launched into the same orbital plane as Kosmos 2574, a strong indication that the two satellites have a shared mission. In recent years, Russia has tested rendezvous, proximity operations, and, at least in one instance, a projectile that would have applications for an anti-satellite weapon. You can be sure the US military and a global community of hobbyist satellite trackers will watch closely to see if these two satellites approach one another. If they do, they could continue technology demonstrations for an anti-satellite system. It’s unclear if the recent revelations regarding US officials’ concerns about Russian anti-satellite capabilities are related to these recent launches.

European startup testing methane-fueled rocket engine. Space transportation startup The Exploration Company has continued testing its methane-fueled Huracán engine, which will power an in-space and lunar transportation vehicle under development, European Spaceflight reports. Most recently, the Huracán engine completed another round of thrust chamber testing using liquid methane fuel as a coolant and tested a new thermal barrier coating. The methane/liquid oxygen engine is undergoing testing at a facility in Lampoldshausen, Germany, ahead of use on The Exploration Company’s Nyx Moon spacecraft, a transfer vehicle designed for transportation to and from cislunar space and also capable of Moon landings. The Nyx Moon is an evolution of a transfer vehicle the European startup is developing to ferry satellites between different orbits around Earth.

Other uses for Huracán… The Exploration Company appears to be positioning itself not only as a builder and operator of orbital and lunar transfer vehicles but also as a propulsion supplier to other space companies. In 2022, The Exploration Company received funding for the Huracán engine from the French government. At the time, the company described the engine as serving the needs of “the upper stages of small launchers and those of orbital vehicles.” (submitted by Ken the Bin)

The easiest way to keep up with Eric Berger’s space reporting is to sign up for his newsletter, we’ll collect his stories in your inbox.

Rocket Report: Falcon 9 flies for 300th time; an intriguing launch from Russia Read More »

Backdoors that let cops decrypt messages violate human rights, EU court says

csam, e2ee, email, end to end encryption, end-to-end, European Commission, European Court of Human Rights, European Court of Justice, European Union, Freedom of speech, Online Privacy, Policy, Private messaging, russia, telegram, Terrorism / Kris Guyer / February 15, 2024

Enlarge / Building of the European Court of Human Rights in Strasbourg (France).

The European Court of Human Rights (ECHR) has ruled that weakening end-to-end encryption disproportionately risks undermining human rights. The international court’s decision could potentially disrupt the European Commission’s proposed plans to require email and messaging service providers to create backdoors that would allow law enforcement to easily decrypt users’ messages.

This ruling came after Russia’s intelligence agency, the Federal Security Service (FSS), began requiring Telegram to share users’ encrypted messages to deter “terrorism-related activities” in 2017, ECHR’s ruling said. A Russian Telegram user alleged that FSS’s requirement violated his rights to a private life and private communications, as well as all Telegram users’ rights.

The Telegram user was apparently disturbed, moving to block required disclosures after Telegram refused to comply with an FSS order to decrypt messages on six users suspected of terrorism. According to Telegram, “it was technically impossible to provide the authorities with encryption keys associated with specific users,” and therefore, “any disclosure of encryption keys” would affect the “privacy of the correspondence of all Telegram users,” the ECHR’s ruling said.

For refusing to comply, Telegram was fined, and one court even ordered the app to be blocked in Russia, while dozens of Telegram users rallied to continue challenging the order to maintain Telegram services in Russia. Ultimately, users’ multiple court challenges failed, sending the case before the ECHR while Telegram services seemingly tenuously remained available in Russia.

The Russian government told the ECHR that “allegations that the security services had access to the communications of all users” were “unsubstantiated” because their request only concerned six Telegram users.

They further argued that Telegram providing encryption keys to FSB “did not mean that the information necessary to decrypt encrypted electronic communications would become available to its entire staff.” Essentially, the government believed that FSB staff’s “duty of discretion” would prevent any intrusion on private life for Telegram users as described in the ECHR complaint.

Seemingly most critically, the government told the ECHR that any intrusion on private lives resulting from decrypting messages was “necessary” to combat terrorism in a democratic society. To back up this claim, the government pointed to a 2017 terrorist attack that was “coordinated from abroad through secret chats via Telegram.” The government claimed that a second terrorist attack that year was prevented after the government discovered it was being coordinated through Telegram chats.

However, privacy advocates backed up Telegram’s claims that the messaging services couldn’t technically build a backdoor for governments without impacting all its users. They also argued that the threat of mass surveillance could be enough to infringe on human rights. The European Information Society Institute (EISI) and Privacy International told the ECHR that even if governments never used required disclosures to mass surveil citizens, it could have a chilling effect on users’ speech or prompt service providers to issue radical software updates weakening encryption for all users.

In the end, the ECHR concluded that the Telegram user’s rights had been violated, partly due to privacy advocates and international reports that corroborated Telegram’s position that complying with the FSB’s disclosure order would force changes impacting all its users.

The “confidentiality of communications is an essential element of the right to respect for private life and correspondence,” the ECHR’s ruling said. Thus, requiring messages to be decrypted by law enforcement “cannot be regarded as necessary in a democratic society.”

Martin Husovec, a law professor who helped to draft EISI’s testimony, told Ars that EISI is “obviously pleased that the Court has recognized the value of encryption and agreed with us that state-imposed weakening of encryption is a form of indiscriminate surveillance because it affects everyone’s privacy.”

Backdoors that let cops decrypt messages violate human rights, EU court says Read More »

Ukrainian cells and Internet still out, 1 day after suspected Russian cyberattack

Biz & IT, cellular, cyberattack, Internet, russia, Security, Ukraine / Rejus Almole / December 13, 2023

PLEASE STAND BY —

Hackers tied to Russian military take responsibility for hack on Ukraine’s biggest provider.

Dan Goodin – Dec 14, 2023 1: 33 am UTC

Enlarge / A service center for “Kyivstar”, a Ukrainian telecommunications company, that provides communication services and data transmission based on a broad range of fixed and mobile technologies.

Getty Images

Ukrainian civilians on Wednesday grappled for a second day of widespread cellular phone and Internet outages after a cyberattack, purportedly carried out by Kremlin-supported hackers, hit the country’s biggest mobile phone and Internet provider a day earlier.

Two separate hacking groups with ties to the Russian government took responsibility for Tuesday’s attack striking Kyivstar, which has said it serves 24.3 million mobile subscribers and more than 1.1 million home Internet users. One group, calling itself Killnet, said on Telegram that “an attack was carried out on Ukrainian mobile operators, as well as on some banks,” but didn’t elaborate or provide any evidence. A separate group known as Solntsepek said on the same site that it took “full responsibility for the cyberattack on Kyivstar” and had “destroyed 10,000 computers, more than 4,000 servers, and all cloud storage and backup systems.” The post was accompanied by screenshots purporting to show someone with control over the Kyivstar systems.

In the city of Lviv, street lights remained on after sunrise and had to be disconnected manually, because Internet-dependent automated power switches didn’t work, according to NBC News. Additionally, the outage prevented shops throughout the country from processing credit payments and many ATMs from functioning, the Kyiv Post said.

The outage also disrupted air alert systems that warn residents in multiple cities of incoming missile attacks, a Ukrainian official said on Telegram. The outage forced authorities to rely on backup alarms.

“Cyber specialists of the Security Service of Ukraine and ‘Kyivstar’ specialists, in cooperation with other state bodies, continue to restore the network after yesterday’s hacker attack,” officials with the Security Service of Ukraine said. “According to preliminary calculations, it is planned to restore fixed Internet for households on December 13, as well as start the launch of mobile communication and Internet. The digital infrastructure of ‘Kyivstar’ was critically damaged, so the restoration of all services in compliance with the necessary security protocols takes time.”

Kyivstar suspended mobile and Internet service on Tuesday after experiencing what company CEO Oleksandr Komarov said was an “unprecedented cyberattack” by Russian hackers. The attack represents one of the biggest compromises on a civilian telecommunications provider ever and one of the most disruptive so far in the 21-month Russia-Ukraine war. Kyivstar’s website remained unavailable at the time this post went live on Ars.

According to a report by the New Voice of Ukraine, hackers infiltrated Kyivstar’s infrastructure after first hacking into an internal employee account.

Solntsepek, one of two groups taking responsibility for the attack, has links to “Sandworm,” the name researchers use to track a hacking group that works on behalf of a unit within the Russian military known as the GRU. Sandworm has been tied to some of the most destructive cyberattacks in history, most notably the NotPetya worm, which caused an estimated $10 billion in damage worldwide. Researchers have also attributed Ukrainian power outages in 2015 and 2016 to the group.

Ukrainian cells and Internet still out, 1 day after suspected Russian cyberattack Read More »