Russia: Inconsistent Cyber Attack Capabilities
October 7, 2022
Do you remember that Microsoft’s president Brad Smith opined that the SolarWinds’ misstep required about 1,000 engineers? I do. Let’s assume those engineers then turned their attention to compromising Ukraine as part of a special military operation.
“Failure of Russia’s Cyber Attacks on Ukraine Is Most Important Lesson for NCSC” presents information I found interesting about Mr. Smith’s SolarWinds’ remark. [The NCSC is the United Kingdom’s National Cyber Security Council.’
Here’s the key passage from the write up:
Ukrainian cyber defences, IT security industry support and international collaboration have so far prevented Russian cyber attacks from having their intended destabilising impact during Russia’s invasion of Ukraine.
The write up also points out that a cyber content marketing campaign designed to undermine Ukraine’s leadership was also not effective.
Okay, but, Mr. Smith said that Russia was able to coordinate the efforts of 1,000 individuals to breach SolarWinds’ security and create considerable distress among some in commercial enterprises and other organizations.
How could Ukraine resist this type of capable force? I have no idea. I prefer to flip the information around and ask, “Why did SolarWinds’ security yield so easily?” Did Russia put more effort into breaching SolarWinds than fighting a kinetic war? Yeah, sure it did.
Maybe the 1,000 programmer idea was hand waving and blame shifting? Microsoft cannot make printers work. Why would Microsoft security be much better?
Stephen E Arnold, September 2022