The thieves grabbed anything they could get: Big companies and small companies, Russian sites and sites every/anywhere else. Hold would not release a victims list, so exactly what or whom was violated, we don't know. Nor do we know what the crooks plan to do with the info. So your question, Should I change my password right away? , has no definite answer. A password is a flimsy thing.
Next day, Russian president Putin spoke. He is smarting from Western economic sanctions against Russia for its annexation of most of the Crimean peninsula in March, and for apparently slipping Ukrainian rebels the missiles that shot down a Malaysian passenger jet on July 16, killing all aboard.
As revenge goes, it isn't exactly crippling: One-year bans on agricultural imports into Russia from countries that have imposed sanctions. U.S. poultry, for example. And the measures are somewhat soft: If the Russian people or economy start to suffer from them, they stop.
That's what Putin said. What about what he didn't say? Will there be a dark-side, under-the-table component, a spike in cyber-warfare? Russian hackers are known to be among the world's busiest, best, and, therefore, worst. Cyberattacks on U.S. government, business, financial, utility, and infrastructure sites go on all the time, every day. And many come from Russian sources. Hacking is how most spying today is done, most attempts to learn what our enemies don't want us to know - and mess up plans we don't like.
So are the two stories related? Holder of Hold Security said he saw no evidence of a government connection in the colossal theft announced Tuesday.
Yeah, but. The relation between Russia's mighty government and its mighty, thriving cyber-underground is, shall we say, relaxed. Russia seldom prosecutes such criminals, even when there's good evidence.
Shane Harris is an expert on Russia who writes for the journal Foreign Policy and its website. "My first reaction to the news was that it was probably not a state-sponsored attack," he said in an e-mail. "But there are other informal connections between cyber-criminals in Russia and the Russian government. A lot of organized crime in Russia is effectively an arm of the state. I'm also told by U.S. law enforcement that when the Russians determine we're looking for a criminal hacker in Russia, they'll tip that person off and suggest he take steps to evade detection. So I wouldn't immediately dismiss a connection, even if an attenuated one, between the criminal hackers and the Russian government."
Steven Chabinsky is former deputy assistant director of the FBI's Cyber Division and now general counsel and chief risk officer of the cybersecurity firm CrowdStrike. He says that when the Russian courts do finger a hacker, they agree to go easy in return for "cooperation." "The concern with Russia," Chabinsky says, "is that their brand of cooperation means working for the Russian intelligence service to continue hacking against the West."
Chabinsky adds that "there is good reason to believe that Russian criminals that are hacking for political, nationalistic reasons - so-called hacktivists - are receiving some direction from the Russian government. Examples of this include cyberattacks that occurred during recent Russian conflicts with Estonia and Georgia, as well as currently in Ukraine."
Deniability and lying ability throw thick gray blankets over attempts to link hacking and official policy. One thing is undeniable: All war today is part cyber. As Chabinsky points out, Russia and Ukraine have been busy hacking each other. So with Hamas and Israel. Russia is hardly alone in its sub-rosa government-hacker link. Think China, waging a low-level cyber-war against the entire West. But then, these countries are up against the best: The United States. Think of the successful bollixing of the Iranian nuclear program for years, and not very secretly, by a computer worm called Stuxnet. Many experts see a U.S. hand in it.
Hacking: It's foreign policy by other means.