back to article Kremlin hacking crew went on a 'Roman Holiday' – researchers

Researchers have claimed the infamous APT28 Kremlin-linked hacking group was behind a new cyber-espionage campaign they believe was targeted at the Italian military. Security researchers from the Z-Lab at CSE Cybsec spent the weekend unpicking a new malware-base cyber-espionage campaign allegedly conducted by APT28 (AKA Fancy …

  1. Mark 85 Silver badge

    Numbered days?

    There's a very real possibility that the days of the "open and free" internet are numbered. Governments really need their own networks isolated from the internet in general and perhaps allow contracting companies a heavily monitored and controlled connection. But rather than do that, it's more likely that some countries will just take the cheap route and cut the cable at the borders.

    1. Anonymous Coward
      Anonymous Coward

      Re: Numbered days?

      Cutting the cable is exactly what trump, putin and other Fascist dictators want.

    2. Anonymous Coward
      Anonymous Coward

      Re: Numbered days?

      @Mark 85: "Governments really need their own networks isolated from the internet in general and perhaps allow contracting companies a heavily monitored and controlled connection."

      Something like a Virtual Private Network (1996):

      1. Doctor Syntax Silver badge

        Re: Numbered days?

        "Something like a Virtual Private Network (1996):"

        Your link goes to LinkedIn. Like any other site that requires an account to read it that isn't particularly useful.

        1. Michael Wojcik Silver badge

          Re: Numbered days?

          Your link goes to LinkedIn

          Indeed. And what's so special about 1996? A quick search of the ACM DL found a presentation on VPNs from SIGCOMM'93 (Schneider et al, "Management of virtual private networks for integrated broadband communication").

  2. Jacob's Elevator

    RUSSIA covertly acquiring information about Italian Marine Border security?

    Interesting perhaps, in that the ITALIAN Marine Militaire are likely involved in overseeing their EUROpean guarded sea-frontiers vis-a-viz SYRIAN (or other) refugee/asylum-seekers, legal or not.

    Why would RUSSIA be interested in acquiring covert information about Italian Marine Border security?

    1. James 51
      Mushroom

      Re: RUSSIA covertly acquiring information about Italian Marine Border security?

      Okay, for a moment I am going to suppose you're not a troll or a moron and bite. Russia is weaponising the population it is helping to displace in the Syria conflict. A lot of these people end up crossing the Med and end up in southern EU states such as Italy. Knowing how Italy is planning to cope could help them plan their stragety and know how effective what they have been doing has been. There's also the principal that you hack everyone you can all the time for the chance you'll find something you can use or simply to embarrass the target.

      1. Anonymous Coward
        Anonymous Coward

        Re: weaponising the population

        So Syrian refugees are really Russian double agents planning to destabilise southern Europe?

        I suppose by that token China is sending over all the African refugees from the mines they own in Africa to overthrow the French government.

        It's a scary world out there people.

        1. James 51

          Re: weaponising the population

          https://www.theguardian.com/world/2016/feb/16/refugees-are-becoming-russias-weapon-of-choice-in-syria

          1. Anonymous Coward
            Anonymous Coward

            Re: weaponising the population

            I think there is a difference between displacing people by bombing their country and actively helping them to make their way into Italy by hacking the military. How exactly would they get that information to the refugees they just bombed out of their homes? Not sure they would be open to talk to the Russians at that point.

      2. Anonymous Coward
        Big Brother

        Re: RUSSIA covertly acquiring information about Italian Marine Border security?

        "Russia is weaponising the population it is helping to displace in the Syria conflict."

        how the US fuelled the rise of Isis in Syria and Iraq

    2. LDS Silver badge

      Re: RUSSIA covertly acquiring information about Italian Marine Border security?

      Most Syrian refugees took the far shorter Greek route, and then up through the Balkans. That route has been blocked by Germany getting EU pay 6 billions to Turkey to stop them.

      Italy from the sea mostly faces African migrants arriving through Libya.

      It's beyond doubt that massive refugees/migrants movements, or the fear of them, created the conditions to increase the votes given to populist parties in EU, many of which are very friendly with Putin, thereby the actual situation is very advantageous for Russia, which has no reason to modify it.

      Regardless of migration, if Russia plans a Mediterranean presence from Syria and the like, it will inevitably face Italian Marina Militare given the Italian position in the middle of it. Attempts to gather intelligence about their operations looks inevitable, and may also open access to NATO data.

    3. Michael Wojcik Silver badge

      Re: RUSSIA covertly acquiring information about Italian Marine Border security?

      The REAL question is whether BLOCK CAPITALS are RHETORICALLY EFFECTIVE, or just extremely ANNOYING.

  3. Anonymous Coward
    Anonymous Coward

    The source code for these exploits has been in the wild since around 2013. Quite why the mere presence of this widely available set of tools is insistently tied back to Russian intelligence agencies is a bit of a mystery. Several other groups have used the same exploits including a set of bank exploiters, and the Ukrainians.

    But that the Russians would want to spy on the Italian military is not surprsing, and it would be absolutely no surprise if the Italians weren't returning the favour.

    1. Anonymous Coward
      Anonymous Coward

      Quite why the mere presence of this widely available set of tools is insistently tied back to Russian intelligence agencies is a bit of a mystery.

      Simple answer is the neocons need a whipping boy and since the 50s in the US when McCarthy brought the 'reds under the bed' into full-fledged hunting form, there has always been that lingering suspicion that he might have been right especially now when the left liberals need someone to blame for their mistakes.

    2. Anonymous Coward
      Anonymous Coward

      Allies don't do that sort of thing, we would have heard about it in the press if they did.

      1. Schultz Silver badge

        Allies don't do that kind of thing...

        You forgot to use the <irony> tag, it's not obvious to all readers otherwise.

        1. Anonymous Coward
          Anonymous Coward

          Re: Allies don't do that kind of thing...

          Oh I don't know, I would be surprised of any readers of el reg unaware of the practices of governments allied or otherwise. If there are any then they are clearly lost and for those poor souls "Facebook is over there down that big gaping hole is nothingness"

  4. ScissorHands

    Dephi?

    Quick, call Stob! It atent't dead!

    1. Lord Elpuss Silver badge

      Re: Dephi?

      Upvote for the Verity reference :D

  5. Anonymous Coward
    Big Brother

    Alleged Kremlin-linked hacking waffle

    Any of these Kremlin-linked hacking stories got anything to do with the Trump/Putin summit?

    Has the Italian military ever considered not putting their secrets on the Intertubes?

    Has APT28 not considered using the name of the target on their C&C server?

    The group was involved also in the string of attacks that targeted 2016 Presidential election.” link

    Apart from some self serving entities of the deepstate, there is no real verifiable evidence for any of this cyberwaffle.

    What is this neocon propaganda doing on a technology website?

    1. Doctor Syntax Silver badge

      Re: Alleged Kremlin-linked hacking waffle

      "What is this neocon propaganda doing on a technology website?"

      What is this waffle about neocons, whatever they might be, doing on a technology website?

      1. CrazyOldCatMan Silver badge

        Re: Alleged Kremlin-linked hacking waffle

        waffle about neocons, whatever they might be, doing on a technology website?

        Sush - the poor guy needs to earn his daily roubles..

    2. Michael Wojcik Silver badge

      Re: Alleged Kremlin-linked hacking waffle

      What is this neocon propaganda doing on a technology website?

      Sigh. If any technologically-advanced state isn't mucking about in the IT affairs of its peers, then its government isn't doing its job. You don't have to be a neocon to believe that Russia played all sorts of social-media and SIGINT games in recent US elections, or that the US doesn't do the equivalent1 right back at 'em. Ditto the UK, France, Germany, Israel, Japan, China, and so on.

      Everyone has their fingers in everyone else's pies. Why wouldn't they?

      1In a broad sense. There's little point in trying to influence the Russian presidential election, obviously, since it's just a piece of theater.

    3. mhenriday
      Boffin

      Re: Alleged Kremlin-linked hacking waffle

      «What is this neocon propaganda doing on a technology website?» Because the neocons and the neolibs - there seems to be little difference nowadays - actively recruit technology websites to participate in their attempts to convince everyone, including not least techies, of their Weltanschauung, in which all the evil in the world is due to those dastardly Russians (i e, when it is not due to those equally dastardly - but far more profitable - Chinese). Whinging about alleged «Russian hacking», presented as iron-clad facts, will continue to be a prominent feature of sites like the present....

      Henri

  6. Anonymous Coward
    Anonymous Coward

    No No No!!!

    Thats not possible, Russians wouldn't do that. Trump told us so....

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020