{"id":219,"date":"2017-05-18T13:59:10","date_gmt":"2017-05-18T13:59:10","guid":{"rendered":"http:\/\/securitycurve.com\/?p=219"},"modified":"2017-05-18T13:59:10","modified_gmt":"2017-05-18T13:59:10","slug":"musings-on-cyber-atomic-bomb","status":"publish","type":"post","link":"https:\/\/securitycurve.com\/?p=219","title":{"rendered":"Musings on cyber “atomic bomb”"},"content":{"rendered":"
\"\"<\/a>

Castle Bravo Test<\/p><\/div>\n

Do you remember this comment from\u00a0Andrey Krutskikh<\/a> back during Infoforum 2016<\/a>?<\/p>\n

“You think we are living in 2016. No, we are living in 1948. And do you know why? Because in 1949, the Soviet Union had its first atomic bomb test. And if until that moment… the Americans were not taking us seriously, in 1949 everything changed and they started talking to us on an equal footing. \u00a0I\u2019m warning you: We are at the verge of having \u2018something\u2019 in the information arena, which will allow us to talk to the Americans as equals.\u201d<\/p><\/blockquote>\n

Basically, he said at the time that Russia was on the verge of developing the cyber equivalent of an “atomic bomb.” \u00a0Seems like a fairly significant boast.<\/p>\n

So, here it is a year later and\u00a0there have been a few cyberwarfare victories under Russia’s belt. \u00a0Two of which were pretty significant IMHO. \u00a0I’ve been trying to see if I can figure out which of the recent Russia cyberwarfare campaigns (or maybe something else we in the public arena don’t know about yet) is the “atomic bomb” that Krutskikh was crowing about.<\/p>\n

The way I see it, there are four\u00a0possibilities:<\/p>\n

    \n
  1. Global election tampering<\/strong><\/li>\n
  2. Equation Group Infiltration<\/strong><\/li>\n
  3. Something we don’t know about because it\u00a0isn’t public<\/strong><\/li>\n
  4. Something we don’t know about because it hasn’t happened yet<\/strong><\/li>\n<\/ol>\n

    If he’s referring to the use of cyberwarfare capability for election tampering, that would be what most folks thought he meant on the basis of the timing. \u00a0Specifically, just a short while after the statement, we started seeing systematic attempts to influence election outcomes: the US, France, and so forth. \u00a0What makes this\u00a0option seem less likely to me though is that election tampering isn’t exactly new for Russia – they were tampering with elections<\/a> (their own and other countries) for years. \u00a0 So was it instead\u00a0the method by which they’ve effected the tampering that makes it “atomic bomb” level impact? \u00a0I’m a little dubious that this was what he meant by “atomic” level capability. \u00a0Hiring a bunch of trolls is a far cry from atomic bomb level capability. \u00a0But maybe he’s into hyperbole. \u00a0Could happen.<\/p>\n

    It could also be that he’s referring to the infiltration of the NSA<\/del> Equation Group by the FSB\/GRU<\/del> Shadow Brokers. \u00a0We know that the Shadow Brokers published the Equation Group toolset<\/a> a while back (if anybody was unclear on this point, see WannaCry.) \u00a0We can intuit since the toolset was dated (2013) that, whatever infiltration they did, it’s either been uncovered or closed off — there’s no way that a covert infiltration could continue after they posted that they had acquired the toolset and also the files were pre-2013. \u00a0But if it was closed of in 2013, why would he be bringing it up in 2016? \u00a0The level of impact (systematic infiltration of the NSA<\/del> Equation Group) seems pretty severe – maybe “atomic” level – but the timing of this seems off.<\/p>\n

    The last two possibilities – i.e. something we haven’t seen yet – seem most likely to me in light of the above. \u00a0Specifically, that Russia has an as-yet-undisclosed cyberwarfare capability that we haven’t seen yet. \u00a0It’s possible that’s “tin foil hat” territory – and frankly is the result of wild-ass speculation on my part – but if so it should be interesting times ahead.<\/p>\n","protected":false},"excerpt":{"rendered":"

    Do you remember this comment from\u00a0Andrey Krutskikh back during Infoforum 2016? “You think we are living in 2016. No, we are living in 1948. And do you know why? Because in 1949, the Soviet Union had its first atomic bomb test. And if until that moment… the Americans were not taking us seriously, in 1949 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[10,36,70,102],"class_list":["post-219","post","type-post","status-publish","format-standard","hentry","category-security","tag-atomic-bomb","tag-cyberwarfare","tag-intelligence","tag-russia"],"_links":{"self":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts\/219","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=219"}],"version-history":[{"count":0,"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts\/219\/revisions"}],"wp:attachment":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=219"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=219"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=219"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}