LONDON: The FBI has put a spoke in the wheel of a major Russian digital disruption operation potentially aimed at causing havoc in Ukraine, evidence pieced together from researchers, Ukrainian officials and US court documents indicates.
On Wednesday, network technology company Cisco Systems and antivirus company Symantec warned that a half-million Internet-connected routers had been compromised in a possible effort to lay the groundwork for a cyber-sabotage operation against targets in Ukraine.
Court documents simultaneously unsealed in Pittsburgh the same day show the FBI has seized a key website communicating with the massive army of hijacked devices, disrupting what could have been — and might still be — an ambitious cyber attack by the Russian government-aligned hacking group widely known as Fancy Bear.
“I hope it catches the actors off guard and leads to the downfall of their network,” said Craig Williams, the director of outreach for Talos, the digital threat intelligence unit of Cisco that cooperated with the bureau. But he warned that the hackers could still regain control of the infected routers if they possessed their addresses and the right resources to re-establish command and control.
FBI Assistant Director Scott Smith said the agency “has taken a critical step in minimizing the impact of the malware attack. While this is an important first step, the FBI’s work is not done.”
Much about the hackers’ motives remains open to conjecture. Cisco said the malicious software, which it and Symantec both dubbed VPNFilter after a folder it creates, was sitting on more than 500,000 routers in 54 countries but mostly in Ukraine, and had the capacity to render them unusable — a massively disruptive move if carried out at such a scale.
“It could be a significant threat to users around the world,” said Williams.
The US Justice Department said the malware “could be used for a variety of malicious purposes, including intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the mizattribution of such activities.”
Ukraine’s cyberpolice said in a statement that it was possible the hackers planned to strike during “large-scale events,” an apparent reference either to the upcoming Champions League game between Real Madrid and Liverpool in the capital, Kiev, on Saturday or to Ukraine’s upcoming Constitution Day celebrations.
Ukraine has been locked in a years-long struggle with Russia-backed separatists in the country’s east and has repeatedly been hit by cyberattacks of escalating severity. Last year witnessed the eruption of the NotPetya worm, which crippled critical systems, including hospitals , across the country and dealt hundreds of millions of dollars in collateral damage around the globe. Ukraine, the United States and Britain have blamed the attack on Moscow — a charge the Kremlin has denied.
Cisco and Symantec both steered clear of attributing the VPNFilter malware to any particular actor, but an FBI affidavit explicitly attributed it to Fancy Bear, the same group that hacked into the Democratic National Committee in 2016 and has been linked to a long series of digital intrusions stretching back more than a decade. The US intelligence community assesses that Fancy Bear acts on behalf of Russia’s military intelligence service.
An FBI affidavit — whose existence was first reported by The Daily Beast — said the hackers used lines of code hidden in the metadata of online photo albums to communicate with their network of seeded routers. If the photo albums disappeared, the hackers turned to a fallback website — the same site whose seizure the FBI ordered Tuesday.
An email sent to the website’s registered owner was returned as undeliverable.
When asked why the FBI specifically named Fancy Bear where Cisco did not, Williams noted that while attribution was extremely tricky based on malware analysis alone, “if you combine that knowledge with a traditional intelligence apparatus interesting things can come to light.”
In any case, he said, “we have a high degree of confidence that the actor behind this is acting against the Ukraine’s best interest.”
Cisco said in a research note that the malware affected devices geared for small and home offices from manufacturers including Netgear, TP-Link and Linksys and had the potential to disable “Internet access for hundreds of thousands of victims worldwide or in a focused region.”
The malware’s principal capabilities, the company said, included stealthy intelligence-collecting, monitoring industrial-control software and, if triggered, “bricking” or disabling routers. It also persists on the infected routers after they are rebooted.
FBI may have disrupted major cyber attack on Ukraine
FBI may have disrupted major cyber attack on Ukraine
- Ukraine has been locked in a years-long struggle with Russia-backed separatists in the country’s east and has repeatedly been hit by cyberattacks of escalating severity. Last year witnessed the eruption of the NotPetya worm, which crippled critical system
- Network technology company Cisco Systems and antivirus company Symantec have warned that a half-million Internet-connected routers had been compromised in a possible effort to lay the groundwork for a cyber-sabotage operation against targets in Ukraine.
Western leaders reaffirm support for Ukraine as Russia targets power facilities in massive missile attack
- UK’s Starmer allies have to double down now to support Ukraine for as long as it takes
- Missiles against Russia ‘a language Putin understands’, says Poland's FM
BUENOS AIRES/LONDON/WARSAW: France, Britain and Poland on Sunday reaffirmed their support for Ukraine as Russia staged its biggest missile attack since August, targeting Ukraine's power facilities with the winter setting in.
French President Emmanuel Macron said the relentless air barrage showed that Russian President Vladimir Putin “does not want peace and is not ready to negotiate.”
The priority for France was to “equip, support and help Ukraine to resist,” Macron told reporters as he prepared to leave Argentina to attend the G20 Summit in Brazil. “It’s clear that President Putin intends to intensify the fighting,” he added.
He declined to comment on German Chancellor Olaf Scholz’s call with Putin on Friday, stressing that Ukraine’s allies “must remain united .... on an agenda for genuine peace, that is to say, a peace that does not mean Ukraine’s surrender.”
He added that he would only consider a call with the Russian leader when the “context” was right.
In London, Prime Minister Keir Starmer said that he has no plan to speak with Putin as he pledged support for Ukraine as the UK’s top priority at this week’s G20 summit.
Speaking with reporters on the way to the meeting in Brazil, Starmer said he wouldn’t speak to Putin as Scholz did on Friday.
The call between the two leaders, which the Kremlin said was initiated by Germany, was the first publicly announced conversation between Putin and a major head of a Western power in almost two years.
Ukraine's Zelensky criticized the call and said it would only make Russia less isolated.
Ukraine’s allies fear that the election of President-elect Donald Trump, who has questioned US aid sent to Kyiv and spoken favorably about Putin, could alter support from Washington, its biggest backer.
Starmer said allies have to double down now to support Ukraine for as long as it takes.
“We are coming up to the 1,000th day of this conflict on Tuesday,” Starmer said. “That’s 1,000 days of Russian aggression, 1,000 days of huge impact and sacrifice in relation to the Ukrainian people and recently we’ve seen the addition of North Korean troops working with Russians which does have serious implications.”
The UK has committed $16.15 billion in aid to Ukraine since Russia’s full-scale invasion in February 2022.
Also on Sunday, Poland welcomed news that US President Joe Biden had cleared Ukraine to use long-range missiles against military targets inside Russia, something Kyiv had been urging for months.
“With the entry into the war of North Korea troops and (Sunday’s) massive attack of Russian missiles, President Biden responded in a language that (Russian President) V.Putin understands,” Foreign Minister Radoslaw Sikorski posted on X.
“The victim of aggression has the right to defend himself,” Sikorski added in his post. “Strength deters, weakness provokes.”
Ukrainian President Volodymyr Zelensky has long pushed for authorization from Washington to use the powerful Army Tactical Missile System, known by its initials ATACMS, to hit targets inside Russia.
Russian President Vladimir Putin has warned that approval would mean that NATO was “at war” with his country — a threat he has made previously when Ukraine’s Western backers have escalated their military assistance to Kyiv.
Rising Islamophobia poses threat in UK amid ‘bleak and dystopian’ political climate, warns head of race equality think tank
- Shabna Begum said political rhetoric had fueled the problem
LONDON: The UK is witnessing an escalation in Islamophobia that risks becoming “brutally divisive,” with failure to address its underlying causes potentially leading to more racist riots, according to the chief executive of the Runnymede Trust think tank.
In an exclusive interview with The Guardian newspaper, Shabna Begum, who took the helm of the race equality group earlier this year, highlighted how political rhetoric has fueled the problem.
“The way politicians talk about Muslims now is so derogatory, it’s in the most brutally divisive terms,” she said, adding that British political discourse had evolved beyond Sayeeda Warsi’s “dinner table test,” a phrase coined by the Conservative peer in 2011 which claimed Islamophobia had become socially acceptable.
Referring to last summer’s riots, Begum warned that without change, such violence could become recurrent.
“(The unrest) was the ugliest representation of the years of racism that have been manufactured through the political media conversation. And if we don’t do something differently, that ugliness will become just a regular feature of our politics,” she said.
The Runnymede Trust’s report on Islamophobia, launched with backing from Warsi, Amnesty International UK, and the Muslim Council for Britain, documented increasing hostility faced by British Muslims.
It cited Tell Mama’s findings of a 335 percent spike in hate incidents in the four months up to February 2024, with women disproportionately affected.
Police figures indicated that nearly 38 percent of religious hate crimes targeted Muslims, and anti-religious hate crimes reached a record high last year, coinciding with the Israel-Gaza conflict, which broke out on Oct. 7 last year.
Begum emphasized that the issue extended beyond physical attacks to “state-sponsored Islamophobia” embedded in policies and narratives, without naming specific politicals, and added that the ruling Labour Party and the Conservatives had both been guilty of feeding a “bleak and dystopian” hostile climate for British Muslims.
She also highlighted the double standard faced by Muslims in public life, saying: “Whether it’s through being governors at schools, as we see through the Trojan horse affair … we are seen trying to take over and hijack local schools.”
She continued: “Or when we go on protest marches, along with many other people, we are described as hate marchers and Islamist extremists. And when we use our vote to express our political preferences, we’re described as sectarian and divisive.”
Drawing on her personal history as the daughter of Bangladeshi migrants who grew up in Tower Hamlets in London, Begum described how her upbringing had shaped her understanding of systemic discrimination.
After more than two decades as a teacher, she moved into academia, ultimately leading her to running the Runnymede Trust.
While she welcomed a recent £15 million ($18.9 million) community recovery fund introduced by the UK government, she called for more substantial investment to combat structural racism.
“What we’re objecting to is a dispersal of insecure funds to community groups... There’s no point saying all Muslims are all bad, but go and have a cup of tea with them in your local community.”
Biden authorizes Ukraine’s use of US-supplied long-range missiles for deeper strikes inside Russia
- Biden's decision follows Russia's reported use of North Korean troops in its war against Ukraine
- The US had previously allowed Ukraine to use ATACMS only for limited strikes just across the border with Russia
MANAUS, Brazil: President Joe Biden has authorized the use of US-supplied long-range missiles by Ukraine to strike even deeper inside Russia, the latest easing of limitations meant to prevent the conflict from further spiraling, according to one US official and three people familiar with the matter.
The decision allowing Ukraine to use the Army Tactical Missile System, or ATACMs, for attacks farther into Russia comes as thousands of North Korean troops have been sent into a region along Ukraine’s northern border to help Russia retake ground and as President-elect Donald Trump has said he would bring about a swift end to the war, expressing skepticism over continued support by the United States.
Biden's decision came hours after Russia launched a massive drone and missile attack on Ukraine, described by officials as the largest in recent months, targeting energy infrastructure and killing civilians.
The attack came as fears are mounting about Moscow’s intentions to devastate Ukraine's power generation capacity ahead of the winter.
It is the second time the US has permitted the use of Western weapons inside Russian territory within limits after permitting the use of HIMARS systems, a shorter-range weapon, to stem Russia's advance in Kharkiv region in May.
President Volodymyr Zelenskyy said that Russia had launched a total of 120 missiles and 90 drones in a large-scale attack across Ukraine. Various types of drones were deployed, he said, including Iranian-made Shaheds, as well as cruise, ballistic and aircraft-launched ballistic missiles.
Ukrainian defenses shot down 144 out of a total of 210 air targets, Ukraine's air force reported later on Sunday.
Zelensky and many of his Western supporters have been pressing Biden for months to allow Ukraine to strike military targets deeper inside Russia with Western-supplied missiles, saying the US ban had made it impossible for Ukraine to try to stop Russian attacks on its cities and electrical grids.
Some supporters have argued that this and other US constraints could cost Ukraine the war. The debate has become a source of disagreement among Ukraine’s NATO allies.
Biden had remained opposed, determined to hold the line against any escalation that he felt could draw the US and other NATO members into direct conflict with Russia.
But North Korea has deployed thousands of troops to Russia to help Moscow try to claw back land in the Kursk border region that Ukraine seized this year. The introduction of North Korean troops to the conflict comes as Moscow has seen a favorable shift in momentum. Trump has signaled that he could push Ukraine to agree to give up some land seized by Russia to find an end to the conflict.
As many as 12,000 North Korean troops have been sent to Russia, according to US, South Korean and Ukrainian assessments. US and South Korean intelligence officials say North Korea also has provided Russia with significant amounts of munitions to replenish its dwindling weapons stockpiles.
Trump, who takes office in January, spoke for months as a candidate about wanting Russia’s war in Ukraine to be over, but he mostly ducked questions about whether he wanted US ally Ukraine to win.
He also repeatedly slammed the Biden administration for giving Kyiv tens of billions of dollars in aid. His election victory has Ukraine’s international backers worrying that any rushed settlement would mostly benefit Putin.
America is Ukraine’s most valuable ally in the war, providing more than $56.2 billion in security assistance since Russian forces invaded in February 2022.
Worried about Russia’s response, however, the Biden administration repeatedly has delayed providing some specific advanced weapons sought by Ukraine, only agreeing under pressure from Ukraine and in consultation with allies, after long denying such a request.
That includes initially refusing Zelensky’s pleas for advanced tanks, Patriot air defense systems, F-16 fighter jets, among other systems.
The White House agreed in May to allow Ukraine to use ATACMS for limited strikes just across the border with Russia.
Ukrainian drones strike Russia
A local journalist died Sunday as Ukrainian drones struck Russia's embattled Kursk region, its Gov. Aleksei Smirnov reported.
Moscow’s forces have for months strained to dislodge Ukrainian troops from the southern province after a bold incursion in August that constituted the largest attack on Russia since World War II and saw battle-hardened Ukrainian units swiftly take hundreds of square miles (kilometers) of territory.
In Russia’s Belgorod province, near Ukraine, a man died on the spot after a Ukrainian drone dropped explosives on his car, local Gov. Vyacheslav Gladkov reported.
Another Ukrainian drone on Sunday targeted a drone factory in Izhevsk, deep inside Russia, according to anti-Kremlin Russian news channels on the Telegram messaging app. The regional leader, Aleksandr Brechalov, reported that a drone exploded near a factory in the city, blowing out windows but causing no serious damage. A man was briefly hospitalized with a head injury, Brechalov said.
COP29 success requires G20 ‘leadership’: UN chief
- Annual UN climate talks in Baku deadlocked at midway point
RIO DE JANEIRO: UN Secretary-General Antonio Guterres on Sunday called on G20 leaders gathering in Rio de Janeiro to rescue stalled concurrent UN climate talks in Azerbaijan by showing “leadership” on cutting emissions.
“A successful outcome at COP29 is still within reach, but it will require leadership and compromise, namely from the G20 countries,” Guterres, who will attend the summit of the world’s biggest economies starting Monday, told a press conference in Rio.
The annual UN talks in Baku are deadlocked at the midway point, with nations no closer to agreeing a $1 trillion deal for climate investments in developing nations after a week of negotiations.
The talks are stuck over the final figure, the type of financing, and who should pay, with Western countries wanting China and wealthy Gulf states to join the list of donors.
All eyes have turned to Rio in the hope of a breakthrough.
“The spotlight is naturally on the G20. They account for 80 percent of global emissions,” Guterres said, calling on the group to “lead by example.”
India announces successful hypersonic missile test
- Defense ministry says missile designed to carry payloads over distances greater than 1,500 km
- Other countries known to have hypersonic missile capabilities are the US, China and Russia
NEW DELHI: India has test-fired its first long-range hypersonic missile, the Ministry of Defense announced on Sunday, marking the country’s entry into a small group of nations known to possess such weapons programs.
The Defense Research and Development Organization — an agency under the Ministry of Defense — conducted the test on Saturday night on Abdul Kalam Island off the coast of the eastern state of Odisha.
The missile, designed to carry payloads over 1,500 km, was “indigenously developed by the laboratories of Dr. APJ Abdul Kalam Missile complex, Hyderabad along with various other DRDO laboratories and industry partners,” the ministry said in a statement Sunday.
“The flight data obtained from down range ship stations confirmed the successful terminal maneuvers and impact with high degree of accuracy.”
Defense Minister Rajnath Singh took to social media to say the test was a “historic moment” that has put India country in the “group of select nations having capabilities of such critical and advanced military technologies.”
Hypersonic missiles can travel at speeds greater than five times the speed of sound, or 6,115 km per hour — much faster than other ballistic and cruise missiles, making them more difficult to track than traditional missile technology.
The other countries known to have such capabilities are the US, China, and Russia.
Defense expert Ranjit Kumar told Arab News that the successful launch of the hypersonic missile has enhanced the deterrent capabilities of the Indian missile arsenal.
“(The) hypersonic missile will add more teeth to the Indian missile firepower. (The) Indian Armed Forces already possess over 300 km range (supersonic) Brahmos cruise missile and over 5,000 km range Agni-V intercontinental ballistic missile, but the latest, over 1,500 km range hypersonic missile will ... give more confidence to the Indian military to be able to hit the target with sure success,” he said.
“At a time when India is surrounded with adversaries possessing long-range ballistic missiles, the latest hypersonic missile will deter them from launching a preemptive strike on Indian locations.”