A careful study of events in Ukraine is a security education in itself. Examples of compromised public information appear almost daily in the Russian invasion of Ukraine. Soldiers’ private cell phone calls are monitored and war crimes they allude to, or clearly state, are reported to media outlets. The names of potential war criminals appear in the leaked list of names of Russians who were present in Bucha. In that killing field, civilian victims with their hands tied were discovered, shot in the head.
Governments can access this data from a host of sources. Sometimes the source is government technology. Other times, hacktivists who are skilled at discovering weak links in controlled access information elicit the information through means such as phishing. Those with cleared access to the information are deceived into releasing information to someone they believe is authorized to receive it, but who is really an adversary. An astounding release of the names of Russian FSB employees allowed into the Moscow headquarters of that espionage organization was recently compromised, according to Wired Magazine. With these names, other hacktivists or government counterspies can track the activities of these people around the world.
Released Information Battles Propaganda’s Lies
Lies by an opponent about virtually anything can be contested when controlled information is compromised. The BBC validated a photograph of the Russian ship Moscow which showed two gigantic holes in the side of the vessel. This runs directly counter to the Russian statement that ‘a fire’ broke out onboard. How this information was accessed is not given. Taken from the side of vessel, it could have been a Russian citizen, a sailor, or a drone. We won’t know, but the damage was done to those on the Russian side whose job it was to lie about the nature of the damage.
Monitoring information around the world also contributes to information collection and validation. Recruitment of Russian-trained Syrian soldiers is happening, and a number of them have departed for employment against Ukraine. U.S. government and hacktivists who monitor activities in Syria are reported to be the source of this information by the Associated Press. What this means in practice could come down to a single person with access to the government information in Syria, or of an unwitting leak by that government. Or, it could not have come from Syria at all, but was leaked from Russia, thus protecting the source of the leak.
The point security professionals should take away is that our adversaries will search everywhere for information to defeat us, our allies, or our interests. Look out for possible spies in your midst, but don’t forget that you could be your own worst enemy. If you are accidentally leaking information on insecure communication devices (as many who lost their secure communication equipment in Ukraine have done) don’t look to spies betraying you. You did it to yourself. We’ve seen how easy it is for others to compromise unsecured cell phone traffic. In fact, once artillery rounds started coming in when the first conflict between Russian and Ukraine began in 2014, cell phones were banned from front line trenches altogether. How easily lessons are forgotten when a new battle arises.
Consider what is most important to your side, and protect it. Whether you are engaged in combat, potential combat, or simply preparing equipment for transfer, all of that has timely security requirements. Know what you need to protect, and for how long. If your company makes equipment necessary for the defense of an allied country, protect it as if your own country was at stake. If the arrival of special equipment is important to success on the battlefield, be sure you take care to protect all delivery information until it arrives safely. Make sure you protect your shipment information as much as the equipment itself. Think holistically. See the many ways your adversary can collect against you.
