CyberSecurity news

FlagThis - #cyberwarfare

@tomshardware.com //

Russia-Linked Tanker Detained for Baltic Sea Cable Damage - A Russia-linked tanker has been detained by Finnish authorities for allegedly damaging undersea power and data cables in the Baltic Sea, and it was found to have spying equipment.
References: OODAloop , Splash247 , kim_harding ? ...
Finnish authorities have detained the Eagle S, a Russia-linked oil tanker, for allegedly damaging undersea power and data cables in the Baltic Sea. The tanker, registered in the Cook Islands and owned by Caravella LLCFZ in the United Arab Emirates, was carrying oil from Russia to Egypt when the incident occurred on Christmas Day. The vessel is suspected to be part of Russia’s shadow fleet, a group of older, poorly maintained ships used to circumvent international sanctions on oil exports, further raising concerns about potential sabotage of critical infrastructure. Initial investigations indicate the ship's anchors are missing, and are thought to be the cause of the damage.

The Eagle S is under investigation for the damage to the Estlink 2 power cable connecting Finland and Estonia, as well as three other internet lines. This incident follows a series of similar events in the Baltic Sea, including damage to other subsea cables and pipelines. Officials, including Finnish President Alexander Stubb and Estonian Foreign Minister Margus Tsahkna, have expressed serious concern over the increasing frequency of these incidents, suggesting they may be deliberate attacks against vital structures. The Eagle S has been moved to Finnish territorial waters as the investigation continues into what is now being treated as suspected sabotage.

Recommended read:
References :
  • OODAloop: Finland probes Russian shadow fleet oil tanker after cable-cutting incident
  • Splash247: Finland detains Russia-linked tanker after latest Baltic Sea cables incident
  • www.tomshardware.com: Finnish authorities board tanker suspected of damaging undersea cables — tanker is reportedly linked to Russia’s shadow fleet
  • kim_harding ?: Finland boards oil tanker suspected of causing internet, power cable outages ▪️Finland suspects ship of breaching power, telecom cables ▪️Coast Guard boards ship, takes it to Finnish waters ▪️Finland says vessel belongs to Russian shadow fleet ▪️Tanker is registered in Cook Islands
  • bsky.app: russian ,"Shadow fleet" oil tanker, which is suspected of severing power and internet cables in the Baltic Sea, has been seized by Finnish authorities.
  • Hacker News: Cable-cutting tanker seized by Finland 'was loaded with spying equipment'
  • NPR Topics: World: Ship linked to Russia is suspected of cutting major cables between Finland and Estonia
  • www.breitbart.com: Russian 'Dark Fleet' Cable-Cutter Ship Boarded in Baltic Loaded With Spying Equipment: Report
  • www.lloydslist.com: Cable-cutting tanker seized by Finland 'was loaded with spying equipment'
  • Breitbart News: Russian 'Dark Fleet' Cable-Cutter Ship Boarded in Baltic Loaded With Spying Equipment: Report
  • www.tomshardware.com: Tom's Hardware article about Finnish investigators discovering anchor drag marks in undersea cable damage case.
  • www.theguardian.com: Sixty-mile drag mark found near damaged Baltic Sea cable, says Finland
  • Chuck Darwin: Sixty-mile drag mark found near damaged Baltic Sea cable, says Finland
  • Tom's Hardware: Finnish investigators discover anchor drag marks of “almost a hundred kilometers” in undersea cable damage case — anchor is allegedly missing from detained tanker
@csoonline.com //

US Halts Cyber Operations Against Russia? - Reports claimed the US government paused cyber operations against Russia, causing debate, but CISA denied these reports as fake news, highlighting the sensitivity and importance of reliable reporting.
Recent reports have surfaced indicating that the US government ordered a temporary halt to offensive cyber operations against Russia, a decision that has stirred considerable debate and concern within the cybersecurity community. According to an exclusive report, Defense Secretary Pete Hegseth instructed U.S. Cyber Command (CYBERCOM) to suspend all planning against Moscow, including offensive digital actions. The directive, delivered to CYBERCOM chief Gen. Timothy Haugh, appears to be part of a broader effort by the White House to normalize relations with Russia amid ongoing negotiations regarding the war in Ukraine.

The decision to pause cyber operations has been met with skepticism and warnings from cybersecurity professionals, who fear the potential consequences of reducing vigilance against a known digital adversary. Concerns have been raised about potential increases in global cyber threats and a decrease in shared confidence in the U.S. as a defensive partner. However, the Cybersecurity and Infrastructure Security Agency (CISA) has denied these reports, labeling them as fake news and a danger to national security. CISA also noted that Russia has been at the center of numerous cybersecurity concerns for the U.S.

Recommended read:
References :
  • bsky.app: DHS says CISA will not stop monitoring Russian cyber threats
  • The Register - Security: US Cyber Command reportedly pauses cyberattacks on Russia
  • Anonymous ???????? :af:: US Cybersecurity and Infrastructure Security Agency says that media reports about it being directed to no longer follow or report on Russian cyber activity are untrue, and its mission remains unchanged.
  • securityboulevard.com: Security Pros Push Back as Trump Orders Halt to Cyber Ops vs. Russia
  • www.bitdefender.com: Stop targeting Russian hackers, Trump administration orders US Cyber Command
  • www.csoonline.com: US Cybercom, CISA retreat in fight against Russian cyber threats: reports
  • Carly Page: The US has suspended its offensive cyber operations against Russia, according to reports, amid efforts by the Trump administration to grant Moscow concessions to end the war in Ukraine.
  • Metacurity: US Cybercom, CISA are softening stances on Russia as a cyber foe: reports
  • Zack Whittaker: The U.S. has reportedly suspended its offensive cyber operations against Russia, per multiple news outlets, amid efforts by the Trump administration to grant Moscow concessions to end the war in Ukraine.
  • securityaffairs.com: CISA maintains stance on Russian cyber threats despite policy shift
  • CyberInsider: CISA Denies Reports That It Has Halted Cyber Operations Against Russian Threats
  • iHLS: U.S. Pauses Cyber Operations Against Russia
@tomshardware.com //

Russian Ship Boarded With Spying Equipment - A Russian-linked ‘dark fleet’ ship suspected of cutting cables was found with spying equipment, indicating a dual mission of physical disruption and intelligence gathering.
A Russian-linked 'dark fleet' ship, the Eagle S, initially suspected of severing undersea cables between Finland and Estonia on Christmas Day, has been found to be equipped with advanced spying technology. This revelation suggests a dual-purpose operation, combining physical infrastructure damage with signals intelligence gathering. The ship, part of a fleet known for circumventing sanctions, was boarded in the Baltic Sea by Finnish authorities, who discovered equipment for intercepting and recording signals intelligence, including monitoring NATO naval and aircraft frequencies.

The spying equipment, described as abnormal for a merchant vessel, was reportedly so power-hungry it caused repeated blackouts on board. Sources indicate the gear was operated by a mix of Russian, Turkish, and Indian personnel. This discovery, coupled with the suspected cable cutting, raises serious concerns about the security of critical infrastructure and the potential for hostile intelligence activities. NATO chief Mark Rutte has assured Finland and Estonia of added military support following these incidents.

Recommended read:
References :
  • Randahl Fink: Finland has seized Putin's tanker which is suspected of cutting an undersea cable, and it turns out the ship is loaded with spy equipment meant for spying on NATO vessels and more.
  • Hacker News: Cable-cutting tanker seized by Finland 'was loaded with spying equipment'
  • www.lloydslist.com: Cable-cutting tanker seized by Finland 'was loaded with spying equipment'
  • www.breitbart.com: Russian 'Dark Fleet' Cable-Cutter Ship Boarded in Baltic Loaded With Spying Equipment: Report
  • Breitbart News: Russian 'Dark Fleet' Cable-Cutter Ship Boarded in Baltic Loaded With Spying Equipment: Report
  • NPR Topics: World: NPR report on a Russian ship suspected of cutting cables between Finland and Estonia.
  • bsky.app: The russian tanker Eagle S (IMO: 9329760) that was boarded by Finnish law enforcement officers had spy equipment on board.
  • www.tomshardware.com: Finnish investigators discover anchor drag marks of “almost a hundred kilometers” in undersea cable damage case — anchor is allegedly missing from detained tanker
info@thehackernews.com (The Hacker News)@The Hacker News //

Russian Meddling in Romanian Presidential Elections - Romania's presidential election was annulled due to alleged Russian meddling on TikTok, involving fake accounts, cyberattacks, and a coordinated disinformation campaign.
Romania's presidential election has been annulled following allegations of significant Russian interference, prompting a global outcry. The Constitutional Court cited evidence of a coordinated disinformation campaign involving over 25,000 fake pro-Georgescu accounts on TikTok, alongside more than 85,000 cyberattacks targeting election websites and IT systems. Leaked election-related credentials were also discovered on a Russian hacker forum, further solidifying suspicions of state-sponsored meddling. This unprecedented action underscores the increasing sophistication of foreign interference in democratic processes, leveraging social media platforms and advanced cyber capabilities to manipulate election outcomes.

The European Union has responded swiftly, issuing an urgent request to TikTok for information regarding Russia's role in the election turmoil. This follows a previous order for TikTok to preserve all election-related data. The US State Department also weighed in, stating that Romanians must have confidence in the fairness and integrity of their elections, free from foreign malign influence. The annulment of the election results and the subsequent investigation highlight the vulnerability of democratic systems to sophisticated cyberattacks and disinformation campaigns, prompting renewed focus on election security and the role of social media platforms in safeguarding democratic processes.

Recommended read:
References :
  • securityaffairs.com: Article detailing the cyberattacks targeting Romania's election systems.
  • The Hacker News: News about the annulment of the Romanian presidential election due to alleged Russian interference on TikTok.
  • www.techmeme.com: The EU sends TikTok an urgent request for information on Russia's role in Romanian election turmoil, a day after ordering it to retain all election-related data (Kelvin Chan/Associated Press)

Blogs

Research Tools