• pingveno@lemmy.ml
    link
    fedilink
    arrow-up
    4
    arrow-down
    8
    ·
    edit-2
    3 years ago

    The university I work for had a flood of phishing right after Russia started attacking Ukraine. It’s hard to know who was behind the attacks, but our best guess was criminals harbored and directed by the Russian state. We are a university, we’re not out to hurt anyone. This is just yet more innocent civilians getting hurt because Russia got angry that Ukraine turned out to be a tougher pill to swallow than it thought.

    • IΛM0DΛY@lemmy.mlOP
      link
      fedilink
      arrow-up
      8
      ·
      3 years ago

      Yes, according to my sources, a phishing campaign has been going on since the beginning of the invasion. The problem that knowing exactly who is behind it is a bit difficult, it starts from almost all over the world, and pointing the finger at someone is just unethical: until proven otherwise it can also be the Ukrainians themselves or even criminal groups that are exploiting the situation, not necessarily the Russians.

    • CritiGalDesist∞@lemmygrad.ml
      link
      fedilink
      arrow-up
      5
      arrow-down
      2
      ·
      3 years ago

      Doesn’t make any sense! Does Russia have any incentive at phishing your university? Why would they waste their scarce resources in time of hardships just to phish some university website?

      • comfy@lemmy.ml
        link
        fedilink
        arrow-up
        4
        arrow-down
        3
        ·
        3 years ago

        Nation states and criminal organizations have considered universities a valuable target for a long time now. Easier than financial institutions and military targets, campus-wide networks, sensitive data on thousands and thousands of students, often lots of powerful hardware and even research equipment to botnet or abuse for processing/mining coing. Lots of value in owning them.

      • IΛM0DΛY@lemmy.mlOP
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        edit-2
        3 years ago

        It could be a very important university to even be considered strategic for an opposing state, you also have to consider the fact that at the level of military strategy it can be a target to prevent culturally growing people… That’s why I’m not surprised. Then it is not only the university, it is the whole country that is affected.

        • pingveno@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          3 years ago

          Unless you wanted to make a strategic strike on the US’s urban planning & policy capabilities, I’m afraid it wouldn’t do much. We’re a fairly large university, but we don’t have a whole lot of mind share among the general population.

          • IΛM0DΛY@lemmy.mlOP
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            3 years ago

            Everything you do is probably always an ulterior motive for your country, rest assured that every state makes money on it for everything you produce. Now it may be that the “phishing” that hit your university may actually be an isolated thing, but it may be hiding behind a plan that probably no one can know about.

            • pingveno@lemmy.ml
              link
              fedilink
              arrow-up
              2
              ·
              3 years ago

              I just learned that we do have at least one government grant that could mean sensitive information going through our systems. It’s fully a defensive/hardening grant, but it could still make us a target.

              • IΛM0DΛY@lemmy.mlOP
                link
                fedilink
                arrow-up
                1
                ·
                3 years ago

                You may have discovered one of the possible reasons why they attempted phishing. And I can confirm that most universities, as well as private companies, work with their country’s government… So I’m not even surprised.

      • pingveno@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        5
        ·
        3 years ago

        It’s just retribution and harassment. From what I understand, the way it works is that the Russian state harbors criminals as long as they don’t attack Russian targets. So in some cases, the malware they used literally checked for a Russian language pack on Windows and left the computer alone if it found that. They are essentially modern day privateers, harassing soft targets of an adversary.

      • pingveno@lemmy.ml
        link
        fedilink
        arrow-up
        2
        arrow-down
        2
        ·
        3 years ago

        I’m not sure that I should say (though it’s not exactly a secret if you do some work).

        • iortega@lemmy.eus
          link
          fedilink
          arrow-up
          3
          ·
          3 years ago

          People started upvoting me and downvoting him/her. But my question was legit. I wasn’t trying falsify his arguments. I was just curious because I have heard of similar things near me.

    • comfy@lemmy.ml
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      3 years ago

      Nation states and criminal organizations have been doing that for years it’s not a new thing that just started happening.

      • IΛM0DΛY@lemmy.mlOP
        link
        fedilink
        arrow-up
        3
        ·
        3 years ago

        In fact the method of phishing if exploited really properly for a state can be a really powerful weapon, more for the fact that it can involve so many people and less that it can cause damage to be legally actionable.