{"id":12066,"date":"2017-01-10T03:56:15","date_gmt":"2017-01-09T23:56:15","guid":{"rendered":"https:\/\/informnapalm.org\/sv\/?p=12066"},"modified":"2017-11-07T05:13:23","modified_gmt":"2017-11-07T01:13:23","slug":"ropa-aldrig","status":"publish","type":"post","link":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/","title":{"rendered":"Ukrainska hacktivister faktakollar CrowdStrikes rapport"},"content":{"rendered":"

Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga. Hacktivister fr\u00e5n ukrainska Cyberalliansen (UCA<\/a>) ansluter sig till skeptikerna n\u00e4r publicerade fakta synas i s\u00f6mmarna.<\/strong><\/span><\/p>\n

22 december publicerade cyberf\u00f6rsvarsf\u00f6retaget CrowdStrike en rapport<\/a><\/span>\u00a0som citerade ett p\u00e5st\u00e5tt intr\u00e5ng i en mobilapp f\u00f6r ukrainska artilleristers anv\u00e4ndning. Intr\u00e5nget sades vara utf\u00f6rt av Fancy Bear, en rysk hackergrupp med anknytning till den ryska milit\u00e4ra underr\u00e4ttelsetj\u00e4nsten GRU.<\/span><\/p>\n

Aldrig ropa att bj\u00f6rnen kommer
\n<\/span><\/h2>\n

Rapporten fick snabb och vida spridning n\u00e4r m\u00e5nga mediebolag ivrigt delade dessa kittlande nyheter, medan f\u00e5 av dem brydde sig om att kontrollera fakta eller sk\u00e4rsk\u00e5da rapporten n\u00e4rmare.<\/span><\/p>\n

Redan 23 december reagerade\u00a0BBC<\/a>:s<\/span>\u00a0ryska avdelning med ett antal kritiska expertutl\u00e5tanden som ifr\u00e5gasatte rapportens material och dess slutsatser.<\/span><\/p>\n

CrowdStrike rapporterade att en fj\u00e4rrstyrd aggressiv programvara (malware) ben\u00e4mnd X-Agent hade inplanterats i ukrainska milit\u00e4ra forum som distribuerade en specifikt utvecklad artilleriprogramvara, vilken senare skulle kunna anv\u00e4ndas f\u00f6r att sp\u00e5ra och lokalisera ukrainska artillerif\u00f6rband.<\/span><\/p>\n

Programvarans utvecklare, Yaroslav Sherstiuk, en officer vid ukrainska 55:e separata artilleribrigaden, lade dock till flera s\u00e4kerhetslager i det fall programvaran skulle hamna i fel h\u00e4nder. I de flesta fall har programvaran distribuerats f\u00f6r hand, direkt fr\u00e5n utvecklaren till anv\u00e4ndarna. Sannolikheten f\u00f6r att n\u00e5gon skulle kunna ha laddat ned programvaran fr\u00e5n n\u00e5gon tredje part \u00e4r n\u00e4ra noll.<\/span><\/p>\n

Leonid Bershidskiy, skribent vid\u00a0Bloomberg View<\/a><\/span>, var ocks\u00e5 skeptisk:<\/span><\/p>\n

\u201cJag \u00e4r mycket tveksam till att den ukrainska milit\u00e4ren skulle ladda ned programvara f\u00f6r artillerlpj\u00e4sinst\u00e4llning fr\u00e5n ett webbforum. Under vanliga omst\u00e4ndigheter skulle de snarast best\u00e4lla den fr\u00e5n en k\u00e4nd utvecklare, till exempel fr\u00e5n n\u00e5gon som Sherstiuk. D\u00e4rf\u00f6r \u00e4r det sv\u00e5rt f\u00f6r mig att tro att denna hackade programvara \u2013 upphittad n\u00e5gonstans p\u00e5 n\u00e4tet och sannolikt aldrig anv\u00e4nd av ukrainska soldater \u2013 bevisar att GRU l\u00e5g bakom APT28.\u201d <\/span><\/p>\n

Experter p\u00e5 omr\u00e5det var inte ensamma i sin skepticism \u00f6ver CrowdStrikes slutsatser, ocks\u00e5 ukrainska hacktivister fr\u00e5n UCA gjorde sin egen analys \u00f6ver t\u00e4nkbara datal\u00e4ckor.<\/span><\/p>\n

Sean Townsend<\/a><\/span>, en hacktivist fr\u00e5n gruppen RUH8 (del av UCA, som skapade internationell uppm\u00e4rksamhet med intr\u00e5nget i en dator tillh\u00f6rande en av den ryske presidentens r\u00e5dgivare, Vladislav Surkov<\/a><\/span>), kommenterade ocks\u00e5 CrowdStrikes sensationella rapport:<\/span><\/p>\n

\u201cJag har l\u00e4st rapporten som CrowdStrike publicerade, med titeln \u201dFancy Bear Tracks Ukrainian Artillery.\u201d Som hacker \u00e4r jag inte speciellt f\u00f6rtjust i datas\u00e4kerhetsindustrin eftersom dessa lever p\u00e5 att sprida skr\u00e4ck, men CrowdStrike har faktiskt misslyckats med att leva upp ens till industrins l\u00e4gst st\u00e4llda standarder. De inleder sin rapport med ett braskande uttalande: att de ukrainska v\u00e4pnade styrkorna skulle ha f\u00f6rlorat \u00e4nda upp till 80% av sina D-30 haubitsar. Siffran 80% kom inte fr\u00e5n IISS (International Institute for Strategic Studies) utan n\u00e4mndes av colonelcassad (\u00f6vers. anm: en \u00f6k\u00e4nd rysk propagandistbloggare). Till och med han, n\u00e4r han spottade ur sig siffran 80%, s\u00e4ger att f\u00f6rlusterna inte h\u00e4rr\u00f6r fr\u00e5n strid utan fr\u00e5n \u00f6verf\u00f6ringar fr\u00e5n den ukrainska arm\u00e9n till nationalgardet (notera att IISS:s rapport anger ett \u201dv\u00e4ldigt precist antal\u201d av \u201dn\u00e5gra D-30\u201d). <\/span><\/p>\n

Rapporten p\u00e5st\u00e5r dessutom, utan n\u00e5gon som helst k\u00e4llh\u00e4nvisning, att intr\u00e5nget gjordes med en X-Agent f\u00f6r Android. H\u00e4r fr\u00e5gar jag mig \u2013 var \u00e4r \u201dhasharna\u201d (kryptof\u00f6rkortningar), var \u00e4r adresserna till kontrollcentra, hur m\u00e5nga telefoner ber\u00e4knas vara infekterade? Var det verkligen en X-Agent attack? Jag f\u00f6rst\u00e5r att det planeras utfr\u00e5gningar i kongressen \u00f6ver dessa \u201dryska hackare\u201d och att CrowdStrike g\u00e4rna vill visa sig relevanta i sammanhanget, men jag tycker att det \u00e4r oansvarigt att agera p\u00e5 det h\u00e4r s\u00e4ttet.\u201d<\/span><\/p>\n

\"Ropa<\/p>\n

Sk\u00e4rmavbild av den aggressiva koden (malware).<\/span><\/p>\n<\/div>\n

\u201dVi har redan exempel p\u00e5 malware som CrowdStrike associerar till Fancy Bear och vi kommer snart att sl\u00e4ppa v\u00e5ra egna resultat. Jag kan inte lova er kommunistzombies fr\u00e5n GRU. Jag har faktiskt h\u00f6ga tankar om den postsovjetiska hacker-communityn, men man b\u00f6r inte demonisera de ryska hackarna. Vi hackade n\u00e5gra av dem och det var f\u00f6r l\u00f6jligt att beskriva. Sk\u00e4rmavbilden underminerar bilden av de d\u00e4r \u201dhemska hackarna fr\u00e5n GRU\u201d. Allt man kan se i sk\u00e4rmavbilden \u00e4r m\u00e4rkliga bokst\u00e4ver och siffor, men en expert ser n\u00e5got helt annat blixtra i stora bokst\u00e4ver: \u201dDen h\u00e4r KODEN har skrivits av en fullst\u00e4ndig IDIOT\u201d. <\/span><\/p>\n

Det internationella underr\u00e4ttelsekollektivet InformNapalm presenterar \u00e5terkommande inl\u00e4gg som baserats p\u00e5 uppgifter som gr\u00e4vts fram av UCA-hacktivister. S\u00e5 fort vi har mer uppgifter om data som hacktivisterna analyserat kommer vi sj\u00e4lvklart att dela dessa med en vidare publik. H\u00e5ll utkik efter kommande uppdateringar i v\u00e5r Hacktivismsektion<\/a><\/span>.<\/span><\/p>\n

\n

\u00d6versatt och redakterad av<\/span> Von de Plume<\/a><\/span><\/strong>.<\/p>\n

\"InformNapalm<\/a>Detta material<\/a><\/span> \u00e4r s\u00e4rskilt framtaget f\u00f6r publikation av InformNapalm<\/a> och f\u00e5r \u00e5terges enligt Creative Commons (CC-BY). <\/span><\/p>\n

Vid all \u00e5tergivning skall k\u00e4llan anges med l\u00e4nk till materialet. Vi uppmuntrar v\u00e5ra l\u00e4sare att aktivt dela v\u00e5ra publikationer<\/a><\/span><\/span> p\u00e5 sociala n\u00e4tverk. Den breda allm\u00e4nhetens k\u00e4nnedom \u00e4r avg\u00f6rande f\u00f6r att f\u00f6rst\u00e5 krigets verklighet.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga. Hacktivister fr\u00e5n ukrainska Cyberalliansen…<\/p>\n","protected":false},"author":2,"featured_media":12075,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[2453,403,3225,1693,1771,801],"tags":[4022,4023,4017,4019,4026,4020,4025,1152,4024,4018,3565,4021,3674,3607],"class_list":["post-12066","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aktuellt","category-donbas","category-hackare","category-informationskrig","category-nyheter","category-ryssland","tag-bbc-ryska-avdelning","tag-bloomberg-view","tag-crowdstrikes-rapport","tag-cyberforsvarsforetaget-crowdstrike","tag-donbass-nyhet","tag-fancy-bear","tag-kommunistzombies-fran-gru","tag-nyheter-fran-ukraina","tag-sean-townsend","tag-ukrainska-cyberalliansen-uca","tag-ukrainska-hacktivister","tag-underrattelsetjansten-informnapalm","tag-vladislav-surkov","tag-von-de-plume"],"acf":[],"yoast_head":"\nUkrainska hacktivister faktakollar CrowdStrikes rapport<\/title>\n<meta name=\"description\" content=\"Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ukrainska hacktivister faktakollar CrowdStrikes rapport\" \/>\n<meta property=\"og:description\" content=\"Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/\" \/>\n<meta property=\"og:site_name\" content=\"InformNapalm p\u00e5 svenska\" \/>\n<meta property=\"article:published_time\" content=\"2017-01-09T23:56:15+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-11-07T01:13:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"642\" \/>\n\t<meta property=\"og:image:height\" content=\"336\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Falcon Born\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Falcon Born\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/\"},\"author\":{\"name\":\"Falcon Born\",\"@id\":\"https:\/\/informnapalm.org\/sv\/#\/schema\/person\/0a9c5fc44a7fbf844f57e2c2fa5c4bef\"},\"headline\":\"Ukrainska hacktivister faktakollar CrowdStrikes rapport\",\"datePublished\":\"2017-01-09T23:56:15+00:00\",\"dateModified\":\"2017-11-07T01:13:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/\"},\"wordCount\":907,\"publisher\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/#organization\"},\"image\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg\",\"keywords\":[\"BBC ryska avdelning\",\"Bloomberg View\",\"CrowdStrikes rapport\",\"Cyberf\u00f6rsvarsf\u00f6retaget CrowdStrike\",\"Donbass nyhet\",\"Fancy Bear\",\"Kommunistzombies fr\u00e5n GRU\",\"Nyheter fr\u00e5n Ukraina\",\"Sean Townsend\",\"Ukrainska Cyberalliansen UCA\",\"Ukrainska hacktivister\",\"Underr\u00e4ttelsetj\u00e4nsten InformNapalm\",\"Vladislav Surkov\",\"Von de Plume\"],\"articleSection\":[\"Aktuellt\",\"Donbas\",\"Hackare\",\"Informationskrig\",\"Nyheter\",\"Ryssland\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/\",\"url\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/\",\"name\":\"Ukrainska hacktivister faktakollar CrowdStrikes rapport\",\"isPartOf\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg\",\"datePublished\":\"2017-01-09T23:56:15+00:00\",\"dateModified\":\"2017-11-07T01:13:23+00:00\",\"description\":\"Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga.\",\"breadcrumb\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#primaryimage\",\"url\":\"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg\",\"contentUrl\":\"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg\",\"width\":642,\"height\":336,\"caption\":\"Ropa aldrig \u00abBj\u00f6rn!\u00bb\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/informnapalm.org\/sv\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ukrainska hacktivister faktakollar CrowdStrikes rapport\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/informnapalm.org\/sv\/#website\",\"url\":\"https:\/\/informnapalm.org\/sv\/\",\"name\":\"InformNapalm p\u00e5 svenska\",\"description\":\"Nyheter fr\u00e5n Ukraina\",\"publisher\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/informnapalm.org\/sv\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/informnapalm.org\/sv\/#organization\",\"name\":\"InformNapalm\",\"url\":\"https:\/\/informnapalm.org\/sv\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/informnapalm.org\/sv\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2016\/03\/InformNapalm_logo_07.png\",\"contentUrl\":\"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2016\/03\/InformNapalm_logo_07.png\",\"width\":220,\"height\":90,\"caption\":\"InformNapalm\"},\"image\":{\"@id\":\"https:\/\/informnapalm.org\/sv\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/informnapalm.org\/sv\/#\/schema\/person\/0a9c5fc44a7fbf844f57e2c2fa5c4bef\",\"name\":\"Falcon Born\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/informnapalm.org\/sv\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2ab3370fab9c246db359190da7fc69ece9dd5c0538f0fa255b77632480af62e6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2ab3370fab9c246db359190da7fc69ece9dd5c0538f0fa255b77632480af62e6?s=96&d=mm&r=g\",\"caption\":\"Falcon Born\"},\"sameAs\":[\"https:\/\/informnapalm.org\"],\"url\":\"https:\/\/informnapalm.org\/sv\/author\/roman\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ukrainska hacktivister faktakollar CrowdStrikes rapport","description":"Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/","og_locale":"en_US","og_type":"article","og_title":"Ukrainska hacktivister faktakollar CrowdStrikes rapport","og_description":"Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga.","og_url":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/","og_site_name":"InformNapalm p\u00e5 svenska","article_published_time":"2017-01-09T23:56:15+00:00","article_modified_time":"2017-11-07T01:13:23+00:00","og_image":[{"width":642,"height":336,"url":"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg","type":"image\/jpeg"}],"author":"Falcon Born","twitter_misc":{"Written by":"Falcon Born","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#article","isPartOf":{"@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/"},"author":{"name":"Falcon Born","@id":"https:\/\/informnapalm.org\/sv\/#\/schema\/person\/0a9c5fc44a7fbf844f57e2c2fa5c4bef"},"headline":"Ukrainska hacktivister faktakollar CrowdStrikes rapport","datePublished":"2017-01-09T23:56:15+00:00","dateModified":"2017-11-07T01:13:23+00:00","mainEntityOfPage":{"@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/"},"wordCount":907,"publisher":{"@id":"https:\/\/informnapalm.org\/sv\/#organization"},"image":{"@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#primaryimage"},"thumbnailUrl":"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg","keywords":["BBC ryska avdelning","Bloomberg View","CrowdStrikes rapport","Cyberf\u00f6rsvarsf\u00f6retaget CrowdStrike","Donbass nyhet","Fancy Bear","Kommunistzombies fr\u00e5n GRU","Nyheter fr\u00e5n Ukraina","Sean Townsend","Ukrainska Cyberalliansen UCA","Ukrainska hacktivister","Underr\u00e4ttelsetj\u00e4nsten InformNapalm","Vladislav Surkov","Von de Plume"],"articleSection":["Aktuellt","Donbas","Hackare","Informationskrig","Nyheter","Ryssland"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/","url":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/","name":"Ukrainska hacktivister faktakollar CrowdStrikes rapport","isPartOf":{"@id":"https:\/\/informnapalm.org\/sv\/#website"},"primaryImageOfPage":{"@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#primaryimage"},"image":{"@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#primaryimage"},"thumbnailUrl":"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg","datePublished":"2017-01-09T23:56:15+00:00","dateModified":"2017-11-07T01:13:23+00:00","description":"Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga.","breadcrumb":{"@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/informnapalm.org\/sv\/ropa-aldrig\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#primaryimage","url":"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg","contentUrl":"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2017\/01\/BJORN.jpg","width":642,"height":336,"caption":"Ropa aldrig \u00abBj\u00f6rn!\u00bb"},{"@type":"BreadcrumbList","@id":"https:\/\/informnapalm.org\/sv\/ropa-aldrig\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/informnapalm.org\/sv\/"},{"@type":"ListItem","position":2,"name":"Ukrainska hacktivister faktakollar CrowdStrikes rapport"}]},{"@type":"WebSite","@id":"https:\/\/informnapalm.org\/sv\/#website","url":"https:\/\/informnapalm.org\/sv\/","name":"InformNapalm p\u00e5 svenska","description":"Nyheter fr\u00e5n Ukraina","publisher":{"@id":"https:\/\/informnapalm.org\/sv\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/informnapalm.org\/sv\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/informnapalm.org\/sv\/#organization","name":"InformNapalm","url":"https:\/\/informnapalm.org\/sv\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/informnapalm.org\/sv\/#\/schema\/logo\/image\/","url":"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2016\/03\/InformNapalm_logo_07.png","contentUrl":"https:\/\/informnapalm.org\/sv\/wp-content\/uploads\/sites\/22\/2016\/03\/InformNapalm_logo_07.png","width":220,"height":90,"caption":"InformNapalm"},"image":{"@id":"https:\/\/informnapalm.org\/sv\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/informnapalm.org\/sv\/#\/schema\/person\/0a9c5fc44a7fbf844f57e2c2fa5c4bef","name":"Falcon Born","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/informnapalm.org\/sv\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/2ab3370fab9c246db359190da7fc69ece9dd5c0538f0fa255b77632480af62e6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2ab3370fab9c246db359190da7fc69ece9dd5c0538f0fa255b77632480af62e6?s=96&d=mm&r=g","caption":"Falcon Born"},"sameAs":["https:\/\/informnapalm.org"],"url":"https:\/\/informnapalm.org\/sv\/author\/roman\/"}]}},"post_src":"<p style=\"text-align: left\"><span style=\"color: #333333\"><strong>Slutsatserna fr\u00e5n CrowdStrikes rapport om den ryska hackergruppen \u201dFancy Bear\u201d kan vara felaktiga. Hacktivister fr\u00e5n ukrainska Cyberalliansen (<a style=\"color: #333333\" href=\"https:\/\/informnapalm.org\/uca\/\">UCA<\/a>) ansluter sig till skeptikerna n\u00e4r publicerade fakta synas i s\u00f6mmarna.<\/strong><\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">22 december publicerade cyberf\u00f6rsvarsf\u00f6retaget CrowdStrike <span style=\"color: #000080\"><a style=\"color: #000080\" href=\"https:\/\/www.crowdstrike.com\/wp-content\/brochures\/FancyBearTracksUkrainianArtillery.pdf\">en rapport<\/a><\/span>\u00a0som citerade ett p\u00e5st\u00e5tt intr\u00e5ng i en mobilapp f\u00f6r ukrainska artilleristers anv\u00e4ndning. Intr\u00e5nget sades vara utf\u00f6rt av Fancy Bear, en rysk hackergrupp med anknytning till den ryska milit\u00e4ra underr\u00e4ttelsetj\u00e4nsten GRU.<\/span><\/p>\r\n\r\n<h2 style=\"text-align: left\"><span style=\"color: #333333\">Aldrig ropa att bj\u00f6rnen kommer\r\n<\/span><\/h2>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">Rapporten fick snabb och vida spridning n\u00e4r m\u00e5nga mediebolag ivrigt delade dessa kittlande nyheter, medan f\u00e5 av dem brydde sig om att kontrollera fakta eller sk\u00e4rsk\u00e5da rapporten n\u00e4rmare.<\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">Redan 23 december reagerade\u00a0<span style=\"color: #000080\"><a style=\"color: #000080\" href=\"http:\/\/www.bbc.com\/russian\/features-38401834\">BBC<\/a>:s<\/span>\u00a0ryska avdelning med ett antal kritiska expertutl\u00e5tanden som ifr\u00e5gasatte rapportens material och dess slutsatser.<\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">CrowdStrike rapporterade att en fj\u00e4rrstyrd aggressiv programvara (malware) ben\u00e4mnd X-Agent hade inplanterats i ukrainska milit\u00e4ra forum som distribuerade en specifikt utvecklad artilleriprogramvara, vilken senare skulle kunna anv\u00e4ndas f\u00f6r att sp\u00e5ra och lokalisera ukrainska artillerif\u00f6rband.<\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">Programvarans utvecklare, Yaroslav Sherstiuk, en officer vid ukrainska 55:e separata artilleribrigaden, lade dock till flera s\u00e4kerhetslager i det fall programvaran skulle hamna i fel h\u00e4nder. I de flesta fall har programvaran distribuerats f\u00f6r hand, direkt fr\u00e5n utvecklaren till anv\u00e4ndarna. Sannolikheten f\u00f6r att n\u00e5gon skulle kunna ha laddat ned programvaran fr\u00e5n n\u00e5gon tredje part \u00e4r n\u00e4ra noll.<\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">Leonid Bershidskiy, skribent vid\u00a0<span style=\"color: #000080\"><a style=\"color: #000080\" href=\"https:\/\/www.bloomberg.com\/view\/articles\/2016-12-22\/why-i-still-don-t-buy-the-russian-hacking-story\">Bloomberg View<\/a><\/span>, var ocks\u00e5 skeptisk:<\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">\u201cJag \u00e4r mycket tveksam till att den ukrainska milit\u00e4ren skulle ladda ned programvara f\u00f6r artillerlpj\u00e4sinst\u00e4llning fr\u00e5n ett webbforum. Under vanliga omst\u00e4ndigheter skulle de snarast best\u00e4lla den fr\u00e5n en k\u00e4nd utvecklare, till exempel fr\u00e5n n\u00e5gon som Sherstiuk. D\u00e4rf\u00f6r \u00e4r det sv\u00e5rt f\u00f6r mig att tro att denna hackade programvara \u2013 upphittad n\u00e5gonstans p\u00e5 n\u00e4tet och sannolikt aldrig anv\u00e4nd av ukrainska soldater \u2013 bevisar att GRU l\u00e5g bakom APT28.\u201d <\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">Experter p\u00e5 omr\u00e5det var inte ensamma i sin skepticism \u00f6ver CrowdStrikes slutsatser, ocks\u00e5 ukrainska hacktivister fr\u00e5n UCA gjorde sin egen analys \u00f6ver t\u00e4nkbara datal\u00e4ckor.<\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\"><span style=\"color: #000080\"><a style=\"color: #000080\" href=\"https:\/\/www.facebook.com\/photo.php?fbid=223992428049123&set=a.130395897408777.1073741828.100013151020465&type=3&theater\">Sean Townsend<\/a><\/span>, en hacktivist fr\u00e5n gruppen RUH8 (del av UCA, som skapade internationell uppm\u00e4rksamhet med intr\u00e5nget i en dator tillh\u00f6rande en av den ryske presidentens r\u00e5dgivare, <span style=\"color: #000080\"><a style=\"color: #000080\" href=\"https:\/\/informnapalm.org\/en\/surkovleaks-part2\/\">Vladislav Surkov<\/a><\/span>), kommenterade ocks\u00e5 CrowdStrikes sensationella rapport:<\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">\u201cJag har l\u00e4st rapporten som CrowdStrike publicerade, med titeln \u201dFancy Bear Tracks Ukrainian Artillery.\u201d Som hacker \u00e4r jag inte speciellt f\u00f6rtjust i datas\u00e4kerhetsindustrin eftersom dessa lever p\u00e5 att sprida skr\u00e4ck, men CrowdStrike har faktiskt misslyckats med att leva upp ens till industrins l\u00e4gst st\u00e4llda standarder. De inleder sin rapport med ett braskande uttalande: att de ukrainska v\u00e4pnade styrkorna skulle ha f\u00f6rlorat \u00e4nda upp till 80% av sina D-30 haubitsar. Siffran 80% kom inte fr\u00e5n IISS (International Institute for Strategic Studies) utan n\u00e4mndes av colonelcassad (\u00f6vers. anm: en \u00f6k\u00e4nd rysk propagandistbloggare). Till och med han, n\u00e4r han spottade ur sig siffran 80%, s\u00e4ger att f\u00f6rlusterna inte h\u00e4rr\u00f6r fr\u00e5n strid utan fr\u00e5n \u00f6verf\u00f6ringar fr\u00e5n den ukrainska arm\u00e9n till nationalgardet (notera att IISS:s rapport anger ett \u201dv\u00e4ldigt precist antal\u201d av \u201dn\u00e5gra D-30\u201d). <\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">Rapporten p\u00e5st\u00e5r dessutom, utan n\u00e5gon som helst k\u00e4llh\u00e4nvisning, att intr\u00e5nget gjordes med en X-Agent f\u00f6r Android. H\u00e4r fr\u00e5gar jag mig \u2013 var \u00e4r \u201dhasharna\u201d (kryptof\u00f6rkortningar), var \u00e4r adresserna till kontrollcentra, hur m\u00e5nga telefoner ber\u00e4knas vara infekterade? Var det verkligen en X-Agent attack? Jag f\u00f6rst\u00e5r att det planeras utfr\u00e5gningar i kongressen \u00f6ver dessa \u201dryska hackare\u201d och att CrowdStrike g\u00e4rna vill visa sig relevanta i sammanhanget, men jag tycker att det \u00e4r oansvarigt att agera p\u00e5 det h\u00e4r s\u00e4ttet.\u201d<\/span><\/p>\r\n\r\n\r\n[caption id=\"attachment_31374\" align=\"alignnone\" width=\"642\"]<img class=\"wp-image-31374 size-full\" title=\"Ropa aldrig Bj\u00f6rn!\" src=\"https:\/\/informnapalm.org\/wp-content\/uploads\/2016\/12\/fan.jpg\" alt=\"Ropa aldrig Bj\u00f6rn!\" width=\"642\" height=\"411\" \/> <span style=\"color: #333333\">Sk\u00e4rmavbild av den aggressiva koden (malware).<\/span>[\/caption]\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">\u201dVi har redan exempel p\u00e5 malware som CrowdStrike associerar till Fancy Bear och vi kommer snart att sl\u00e4ppa v\u00e5ra egna resultat. Jag kan inte lova er kommunistzombies fr\u00e5n GRU. Jag har faktiskt h\u00f6ga tankar om den postsovjetiska hacker-communityn, men man b\u00f6r inte demonisera de ryska hackarna. Vi hackade n\u00e5gra av dem och det var f\u00f6r l\u00f6jligt att beskriva. Sk\u00e4rmavbilden underminerar bilden av de d\u00e4r \u201dhemska hackarna fr\u00e5n GRU\u201d. Allt man kan se i sk\u00e4rmavbilden \u00e4r m\u00e4rkliga bokst\u00e4ver och siffor, men en expert ser n\u00e5got helt annat blixtra i stora bokst\u00e4ver: \u201dDen h\u00e4r KODEN har skrivits av en fullst\u00e4ndig IDIOT\u201d. <\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">Det internationella underr\u00e4ttelsekollektivet InformNapalm presenterar \u00e5terkommande inl\u00e4gg som baserats p\u00e5 uppgifter som gr\u00e4vts fram av UCA-hacktivister. S\u00e5 fort vi har mer uppgifter om data som hacktivisterna analyserat kommer vi sj\u00e4lvklart att dela dessa med en vidare publik. H\u00e5ll utkik efter kommande uppdateringar i v\u00e5r <span style=\"color: #000080\"><a style=\"color: #000080\" href=\"https:\/\/informnapalm.org\/en\/category\/hacker\/\">Hacktivismsektion<\/a><\/span>.<\/span><\/p>\r\n\r\n\r\n<hr \/>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">\u00d6versatt och redakterad av<\/span> <strong><span style=\"color: #000080\"><a style=\"color: #000080\" href=\"https:\/\/twitter.com\/vondeplume\" target=\"_blank\" rel=\"noopener\">Von de Plume<\/a><\/span><\/strong>.<\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\"><a style=\"color: #333333\" href=\"https:\/\/twitter.com\/sv_informnapalm\/\" target=\"_blank\" rel=\"noopener\"><img class=\"alignleft\" title=\"InformNapalm p\u00e5 Twitter\" src=\"https:\/\/informnapalm.org\/fr\/wp-content\/uploads\/sites\/2\/2015\/12\/InformNapalm_logo_05.png\" alt=\"InformNapalm p\u00e5 Twitter\" width=\"120\" height=\"55\" \/><\/a>Detta <span style=\"color: #003366\"><a style=\"color: #003366;text-decoration: underline\" href=\"https:\/\/informnapalm.org\/31373-fakt-cheking-doklada-crowdstrike\/\" target=\"_blank\" rel=\"noopener\">material<\/a><\/span> \u00e4r s\u00e4rskilt framtaget f\u00f6r publikation av <a style=\"color: #333333\" href=\"https:\/\/informnapalm.org\/\" target=\"_blank\" rel=\"noopener\">InformNapalm<\/a> och f\u00e5r \u00e5terges enligt Creative Commons (CC-BY). <\/span><\/p>\r\n<p style=\"text-align: left\"><span style=\"color: #333333\">Vid all \u00e5tergivning skall k\u00e4llan anges med l\u00e4nk till materialet. Vi uppmuntrar v\u00e5ra l\u00e4sare att aktivt dela v\u00e5ra <span style=\"text-decoration: underline\"><span style=\"color: #003366;text-decoration: underline\"><a style=\"color: #003366;text-decoration: underline\" href=\"https:\/\/informnapalm.org\/sv\/\" target=\"_blank\" rel=\"noopener\">publikationer<\/a><\/span><\/span> p\u00e5 sociala n\u00e4tverk. Den breda allm\u00e4nhetens k\u00e4nnedom \u00e4r avg\u00f6rande f\u00f6r att f\u00f6rst\u00e5 krigets verklighet.<\/span><\/p>","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/posts\/12066","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/comments?post=12066"}],"version-history":[{"count":15,"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/posts\/12066\/revisions"}],"predecessor-version":[{"id":15913,"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/posts\/12066\/revisions\/15913"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/media\/12075"}],"wp:attachment":[{"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/media?parent=12066"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/categories?post=12066"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/informnapalm.org\/sv\/wp-json\/wp\/v2\/tags?post=12066"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}