A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 14 users / day
- 18 users / week
- 24 users / month
- 15 users / 6 months
- 20 subscribers
- 619 Posts
- 1.56K Comments
- Modlog
The university I work for had a flood of phishing right after Russia started attacking Ukraine. It’s hard to know who was behind the attacks, but our best guess was criminals harbored and directed by the Russian state. We are a university, we’re not out to hurt anyone. This is just yet more innocent civilians getting hurt because Russia got angry that Ukraine turned out to be a tougher pill to swallow than it thought.
Yes, according to my sources, a phishing campaign has been going on since the beginning of the invasion. The problem that knowing exactly who is behind it is a bit difficult, it starts from almost all over the world, and pointing the finger at someone is just unethical: until proven otherwise it can also be the Ukrainians themselves or even criminal groups that are exploiting the situation, not necessarily the Russians.
Nation states and criminal organizations have been doing that for years it’s not a new thing that just started happening.
In fact the method of phishing if exploited really properly for a state can be a really powerful weapon, more for the fact that it can involve so many people and less that it can cause damage to be legally actionable.
Doesn’t make any sense! Does Russia have any incentive at phishing your university? Why would they waste their scarce resources in time of hardships just to phish some university website?
It could be a very important university to be considered even strategic for an adversary state, you have to consider also the fact that at the level of military strategy it can be an objective to prevent to make grow culturally the people… That’s why I’m not surprised. Then it’s not just the university, it’s the whole world that is affected.
Unless you wanted to make a strategic strike on the US’s urban planning & policy capabilities, I’m afraid it wouldn’t do much. We’re a fairly large university, but we don’t have a whole lot of mind share among the general population.
Nation states and criminal organizations have considered universities a valuable target for a long time now. Easier than financial institutions and military targets, campus-wide networks, sensitive data on thousands and thousands of students, often lots of powerful hardware and even research equipment to botnet or abuse for processing/mining coing. Lots of value in owning them.
It’s just retribution and harassment. From what I understand, the way it works is that the Russian state harbors criminals as long as they don’t attack Russian targets. So in some cases, the malware they used literally checked for a Russian language pack on Windows and left the computer alone if it found that. They are essentially modern day privateers, harassing soft targets of an adversary.
I wouldn’t be confident assuming “it’s just retribution”, it’s tactically useful. More detail in https://lemmy.ml/post/239272/comment/165414
May I ask for which university?
I’m not sure that I should say (though it’s not exactly a secret if you do some work).