Below is from Russian blogger site:
Well, the situation in the infosec direction is heating up.
Yesterday followed a series of DDoS attacks on Russian government resources and banking structures. Some operations were difficult, they themselves noticed.
Toward evening, the official website of the Russian Ministry of Defense mil.ru stopped responding to IP addresses outside the CIS. Most likely there was a fencing due to DDoS.
Today, the Crimean authorities announced the continuation of DDoS attacks.
Anonymous reported that they were entering into a cyber war against the Russian government.
But Anonymous is bullshit, much more dangerous than Biden’s statement that if Russia continues to cyberattack US companies and infrastructure, the US will retaliate. Bearing in mind the level of attribution that reigns recently in the reports of Western infosec companies, one must understand that the reason for cyber operations by the Americans can be found at any moment. “For a bun! For SolarWinds!”
NBC News reports that intelligence agencies offered Biden cyber attack options to disrupt the network in Russia, strikes on the energy sector and railways. And although Psaki soon denied this news, we believe that there was such a conversation.
Is it real? We think it is quite. American three-letter companies have very skilled hackers, a bunch of bookmarks in hardware and software around the world, and decades of experience in conducting cyber attacks. In Russia, it is often – “information security for a small price”, especially in the field of industrial OT networks (although this is the case all over the world).
Hackers again attacked the IT infrastructure of the Crimean government
February 25, 2022
Moscow. 25 February. INTERFAX.RU – The IT infrastructure of the Crimean authorities has been subjected to a DDoS attack for the second day, Interfax was told at Krymtekhnologii JSC.
On February 24, “the IT infrastructure of the authorities of the Republic of Crimea was subjected to massive DDoS attacks that began at 20:28 and continue at the present time,” the company said.
Experts note that a botnet was used to organize the attacks, the IP addresses of which are mainly located in North and South America, Taiwan and a number of other countries.
“All attacks refer to http-flood attacks aimed at disabling web resources. At the same time, at the moment, the attackers have not been able to disrupt the work of state information systems of the authorities and the portal of the Republic of Crimea,” the company said.
Nevertheless, the quantity and quality of Russian specialists in infosec is excellent, and if there is a desire and political will, all these problems can be solved.
Some infosec channels very unequivocally “painted themselves in the colors they painted themselves” (c) Well, let it remain on their conscience. We personally do not call on anyone to lustrate.
Another, more important, moment – since yesterday evening, bots have been massively uploaded to a number of Russian TG channels.
If anyone does not know, this is done, as a rule, for the subsequent ban of the channel by the Telegram administration. We will not paint the scheme itself, but it is there.
The channel Nezygar.Brief (https://t.me/russicabrief) lost its short link at night, trying to prevent bots from pouring in (the situation is known, you should not take the channel to private).
Bots also came to a number of infosec-friendly channels. Therefore, if you see that your subscribers are growing abnormally, then first of all notify the Telegram administration. And in the second – start cleaning the bots with your hands. Optionally, you can tell your audience about it.
And we will only remember our own wangs two years ago (although we did not assume the presence of real hostilities, but it still looks like it).