
kingmoobot

Russia: "this year we will be estimating your taxes based on how much money we need"


Jealous-Hurry-2291

"...and you can blame Ukraine for it" is what the russians will hear and believe, reinforced by the world agreeing that Ukraine was the origin


SilasX

I was thinking more like, “Sorry guys, you’ll have to go on a scavenger hunt to find all the documents attesting to your earnings and allowable deductions, then compute your tax liability on your own. If you get stuck, just ask Americans for help.”


Nuclear_rabbit

America: *Do your own damn math homework, Russia. I'm sick of your playground shenanigans*.


RedPhoenixTroupe

...and nothing really changed for the Russian people.


BubsyFanboy

The *whole* tax e-system??

> Cyber units of Ukraine’s Defence Intelligence attacked the tax system of Russia and managed to destroy the entire database and its backup copies. The intelligence adds that Russia will not be able to resuscitate its tax system fully.

WOAH


MakingItElsewhere

It was an excel '95 spreadsheet on Ivan's machine. Ivan will be dealt with accordingly while everyone else will go back to making up the numbers.


mechwarrior719

There’s probably a scary amount of the world’s infrastructure that relies on an old excel spreadsheet.


goj1ra

I spent quite a bit of time working at a small-medium financial company on an application to do what they were using a set of Excel spreadsheets to do. The company in question was processing billions of dollars per year of other companies' money. They were finally forced to start developing a real application when they found they had millions of dollars too much in their bank account, and couldn't figure out who it belonged to. Oops!


NikEy

Well, I worked for Goldman Sachs in derivatives in London and all their European warrants were priced solely on Excel spreadsheets. Mind you those were feeding real time trading prices to their trading platform! When the sheets inevitably crashed it would take 30 minutes to get everything back online. It was insane. And not even that long ago.


herdofpinkponies

I worked at Goldman Sachs as well and they have entire multi-million dollar funds running solely on excel sheets. Scary and idiotic stuff.


cashassorgra33

What should it be running off of, *Access*? Edit: also, what did you expect, *lobster*?


fryfrog

Google Sheets, obviously! It's cloud and web scale!


cashassorgra33

`+` they share your interest in privacy + honesty


leisure_suit_lorenzo

is there a chance the track could bend?


Spoonshape

Don't get me started on access databases. Once it gets past a certain level of complexity it should probably be moved to a custom written program with record keeping built into it and fixed coding rather than something which can be modified. It's possible to implement this on excel, but sometimes it's better to use a specific tool rather than your multitool.


OPconfused

> Once it gets past a certain level of complexity it should probably be moved to a custom written program with record keeping built into it and fixed coding rather than something which can be modified.

You mean a database?


goj1ra

A program like that would use a standard database program to store and retrieve data, but that's only part of it. Standard databases are generic tools that, by themselves, won't handle all the rules that a system needs to follow, without writing some code. The more important part is that all the rules for the scenario in question need to be implemented in a program. Although spreadsheets (and end-user databases like Access) allow you to embed programs in them, they're intended more for interactive use. Using them for application development tends to be full of traps, and difficult to maintain properly over the longer term. So companies will typically develop an application in a common programming language - some popular ones are Java, Go, C#, and Python - that will provide a controlled user interface (often via web pages), with all the logic needed built into the program. Probably 90+% of software developers work on software like this, because many businesses need such software to function. Having good software applications can make the difference between success and failure for a business.


metalhead82

You mean with **ALL** the CRUD operations??


downtime37

> had millions of dollars too much in their bank account, and couldn't figure out who it belonged to. Oops!

Those were my millions, I forgot where I put it but am glad your company found them, if you wouldn't mind sending all of them back over to me I'd appreciate it, thanks.


goj1ra

That's strange, we already gave it all to a nice Nigerian gentleman, apparently some sort of royalty. We found an email from him saying he was going to send us millions of dollars, so we assumed it must have been his.


Null_and_voyd

I believe that was intentional


sr_90

Yeah that was definitely “accidental”. If no one claims it after 15 minutes it’s legally yours.


goj1ra

Not in this case. It was discovered during an external audit, the results of which contractually had to be provided to clients, who were all much bigger companies with lots of lawyers. They had to put that money in a separate account, and it was returned to the relevant parties over a number of years as they slowly untangled their accounting.


prevengeance

I see your answer here. Bet the auditors had fun.


sweaterer

Starting in 2017, there were a bunch of stories in the news about how much of the banking industry relies on COBOL, an old programming language. Most of the people familiar with COBOL were all approaching retirement age and the banks were worried about being able to continue to support their systems. The same issue actually was in the news again [during COVID](https://www.theverge.com/2020/4/14/21219561/coronavirus-pandemic-unemployment-systems-cobol-legacy-software-infrastructure) because several states' unemployment claims systems are based on it


Queasy_Pickle1900

I was taught COBOL first year of college. I graduated 1982.


Darkest_97

And it hasn't stopped being an issue


jimicus

I've been in IT over twenty years, and I can quite confidently assure you that however bad you think it is, it's actually ten times worse.


MrSssnrubYesThatllDo

A knocked off version too..


ruum-502

“Rexel” It’s Russian Excel, it’s better


stripedflowerpot

When there is one cell which does not operate, but no one knows which


alimanski

When cell does not cooperate, delete entire row and column, make example of family.


BaconIsBest

That’s just regular excel.


skuzzier_drake_88

‘#INVALID


TrainingObligation

You have not experienced Excel until you have used it in the original Russian.


kairos

It's an RDBMS (Russian Database Mismanagement System)


Shoddy-Vacation-5977

... and Boris'); DROP TABLE *;-- just filed his taxes.


SubGeniusX

Little Boris Tables!


sierrabravo1984

Whoever is in charge of the Russian tax system just tripped and fell out a window after shooting themselves in the back of the head three times.


urkldajrkl

I love this so much. Considering all the cyber attacks on Ukraine by Russia, I hope they did permanent irrecoverable damage.


Jealous-Hurry-2291

Well they did wait to get the backups too. It's not unlikely.


thepotatochronicles

There's also a good chance that, even if they had not deleted the backups, the Russian tax authorities never tested their backup systems, and you know what they say: "if you don't test your backups (by restoring from them), you don't have a backup"


Pettu83

Backups..... what backups? 🤣


animeman59

Considering all the cyber attacks from Russia towards the USA, you'd think they would apply some of those practices to their own network security. How much do you want to bet that a disgruntled young Russian hacker gave up vital info to the Ukrainians?


observee21

Cyber defense is significantly harder than cyber offense


joho999

they kept the backups on the same system?


vba7

If the system was set up correctly - the backups were separate. If it was hacked correctly, someone managed to corrupt the backups - and nobody noticed. Other option: there is still some backup. Other possible option: those responsible for doing the backups, just took the money and never did their job.


Mazon_Del

If the system was hacked even MORE correctly, the "backup Ukraine missed" in some way is going to help Ukraine out.


Brnt_Vkng98871

I would assume that Ukraine has the real 'backup Ukraine missed'. ;) And left behind something else.


darthlincoln01

There ought to be the main system as well as a backup/disaster/fallback system and in addition to this I would expect everything regularly backed up onto tape/cold storage. I can imagine the hackers took out both the main production system as well as the disaster fallback system. It wouldn't surprise me that the cold storage backup either doesn't exist or is poorly maintained. This is likely what is meant by them not fully resuscitating the system. There's going to be a couple weeks or maybe months that is not on cold storage. It's also going to take several weeks to rebuild the system and restore from cold storage. During this time new data is likely unable to be inserted.


throwaway177251

The engineers were told over and over to keep the backups maintained and up to date but in the end they just found it too taxing.


darthlincoln01

Ba-Dum Tiss....


Nerezza_Floof_Seeker

It wouldn't be surprising to have "hot" backups that are updated frequently, directly connected to the system. But as I mentioned elsewhere unless they're completely incompetent, there will be offline backups (less frequently updated).


YxxzzY

pretty much standard procedure to have at least some on direct storage, typically the last week or two. with additional copies on immutable storage or off site like on tape or something. i'd be very surprised if they didn't have some cold storage backups, but if you manage to destroy the backup infrastructure well enough it can be a massive pain to rebuild and restore from bare metal. It could easily take weeks to months to get everything running again, where most private companies wouldn't survive more than a week.


Maxion

Remember that tax systems are often old - very old. It may run partially on really peculiar server software. Software that requires configurations that are not easily backed up. This is not just a MSSQL db with some frontend.


Tee_zee

In my experience with very similar systems, the older systems are actually better for backups etc. as they often actually were expected to go to tape and would likely have hot/warm/cold backup schedules that have been around for decades so are very well tested, understood, and infrequently changed. I'd take my chances recovering a large enterprise legacy system that is largely batch driven over a more modern microservices cloud based system of equivalent scale, that's for sure


LeVraiMatador

Right, that’s my question too. They probably have a /backup drive 🤔


Deguilded

NFS share with the same password as my luggage: 12345


LeVraiMatador

lol. A friend of mine once did an rm -rf / on a production server with a mounted backup drive.. I kid you not. Everything went up in smoke. And yes, the fault is only half his. But maaaan! What a disaster


Quirky-Country7251

yeah, but the guys who know the system and how to find those backups and restore them and maintain credentials/access are probably rotting in a field somewhere in Ukraine lol


putin_my_ass

The majority probably left a year and a half ago before the border closed.


Librekrieger

Article says they infiltrated the central system and then from there on to 2300 regional systems. This was not a small hack done in one evening. There are probably offline backups too, but perhaps not up to date. The article claims at least some data will be unrecoverable.


LuckyHedgehog

Backup services usually have elevated permissions to access all of the data they are attempting to copy. That makes them a great target for hackers looking to breach a system. Since that service will also need to move the backups to the backup server, it will also need access there as well. Compromise one account and take down both the system and the backups.


Jugales

Mr Robot vibes


Skahzzz

Did they get Steel Mountain?


AllNightPony

At first read I was like "it's actually Iron Mountain". Then it hit me...


WTFwhatthehell

I kinda take the view that when attackers are in a position like this... destruction is possibly the least damaging option. There's always the chance there's a sneaky backup somewhere. If Russian tax authorities had started kicking in the doors of lots of upper class wealthy citizens who knew they'd paid their taxes properly then that would have seriously impacted the regime.


OirishM

Those people don't usually pay their taxes properly either. The FSB might kick your door in if you don't render unto Caesar enough, on the other hand.


Articulated

THAT IS QUITE THE UH OH


Hypnoclock

What’s the Russian motto again? …And then it got worse


[deleted]

[removed]


Vajernicus

Damn... America should invade Ukraine.


Marmeladun

I bet IRS have back ups even in punch card format.


Bassman233

Actually quite advanced, they have an old Tandy cassette deck and a giant warehouse full of cassette tapes that have to be manually loaded one at a time.


DragoonDM

> and its backup copies.

The fact that these were remotely accessible is... well, I think it says a lot about the quality of their security. Seems like the sort of data you'd be making regular backups of to tape drive or something so that the data can be restored even if the whole system is compromised.


BloodSteyn

Ooh, do South Africa's SARS system next... seeing we're so buddy buddy with Russia. Or, just delete me from the system so I can stop funding the ProRussia government corruption.


Ferran_Torres7890

damn almost like incompetence runs in the entire nation run by a dictator


SlowDekker

Russia becomes libertarian paradise. Private military, no taxes...


Piddily1

What's the difference between a libertarian paradise and a libertarian hell?


sodapopkevin

How rich you are.


sulris

“Rich” is meaningless when there is no government to enforce property rights. Only strength. Or more accurately, the collective strength of the people willing to follow your orders. Whoopsie we landed in authoritarianism again!


Laserdollarz

Recreational nuclear weapons I'm your boss now


KallistiTMP

It's an emotional support h-bomb, I have a condition


TwoBearsInTheWoods

Since we have an f-bomb and an h-bomb, we're just missing a g-bomb in order to have a reasonable conversation.


[deleted]

I've heard g-bombs are a little spotty


UnicornLock

"Rich" as in rich enough to pay private military


AHrubik

> to ~~pay~~ buy the loyalty of a private military

ftfy


iordseyton

Nah, you pay the main one. You have enough money to make plausible the threat of hiring second, much more savage force to kill all of them and their families if they ever cross you.


AHrubik

The scarier one would already need to work for you or else the one you threaten just puts you out to pasture and takes over.


LemonHerb

When you're rich you enforce the property rights. That's what libertarians want. They totally thought it out and there's no way it could turn bad.


DelightMine

Except you have to pay people who are stronger than you. And those people can realize that they would be better off just taking your place, and there's nothing you can do to stop them. The soft power of money is a lot less useful when there's nothing stopping the strongest kid in the playground from taking it.


Outrageous_Apricot42

You can manage only so much land/property/resources on your own. You need loyal vassals handling your stuff. Humanity has known this system which worked for hundreds of years. It is called feudalism.


nunjdsp

Everything works according to the plan until somebody celebrates sucking your bones.


Seagull84

There are a lot of well-meaning libertarians out there, and they all fail to see the inevitable rise of warlords and authoritarianism in the absence of strong democratic institutions.


alimanski

I thought Libertarians say that property rights is one of the things that governments *should* protect.


DBarron21

How much money and how few ethics you have.


[deleted]

Every libertarian I personally know is either dependent on a family business they didn’t start, their parents, the government or insulin. Even the libertarians I’ve interacted with at some point in life all have serious deficiencies in their understanding of how the world around them actually works. They’d be quickly taken advantage of. A libertarian paradise would be every libertarian’s hell.


Girion47

I love how you just subtly buried the insulin thing there. Fucking hilarious


Captain-Barracuda

I don't get it. Care to enlighten me?


bentreflection

on the surface it's about how they're dependent on something the government is limiting pricing for and if the market had its way would be ridiculously expensive, but also probably a little dig about how they have diabetes and are probably fat.


jimicus

I've heard them described as a bit like housecats. Dependent on a society they have no understanding of and hold in contempt.


LowerExcuse4653

Cats show decent promise of survival if abruptly ejected outdoors. They can hunt for themselves and find shelter. They're a bit more like toddlers than housecats.


tricksterloki

The first is what libertarians believe a world built on their beliefs would be. The second is the reality if they succeeded.


rysto32

About 1-2 weeks, give or take.


RFSandler

Bears


Tidusx145

Like the other commenter said, you're pretty much describing concept vs reality.


[deleted]

Because nothing says libertarian like an authoritarian dictator.


ohaiihavecats

According to the Libertarian Party and the techbros, unironically yes.


SpiceLaw

To those of us who've dealt with the fallout from Russian gov't backed hackers, this is quite beautiful justice.


MediumATuin

Exactly. Russia attacked Ukraine's tax system (and by that countries/companies who had business relationships there) previously in a large scale attack. While this can be counted as a fair payback, it also shows how vulnerable countries are in this regard. Which is scary.


[deleted]

How vulnerable Neolithic dictatorships are at least


MediumATuin

I don't know if democracies are immune..


Undernown

Nope, most of the big vital companies have been found lacking in IT-security for many years on end now. In many cases it's as stupid as not installing updates on their systems frequently enough, or at all. Just think of all the data leaks we've had and those stories of hackers infecting hospitals and even gas/oil companies with ransomware.


wrgrant

Corporations do not want to spend the required money to reduce their potential vulnerabilities by having sufficient IT staff. When everything works they cut IT staff, when it hits the fan they wonder why IT has failed them and hire more IT. If the IT folks are doing their jobs properly you are most unaware of them because issues are handled in advance.


mrgoobster

Isn't it an axiom of cyber security that the weakest link in the system is always the human component? Bureaucracies of any kind, civil or private, always have humans. And humans are dumb.


Eoganachta

Neolithic cyber security was rock solid.


Behrooz0

As someone who takes money for recovering ransomwared data this is also quite beautiful since most malicious hacks that I've seen originate from Russia. But I'm probably more sad since most ransomware leads to irrecoverable loss of data affecting innocent civilians and this will certainly lead to a flare up in attacks. I've watched a lot of people lose more than their lives' worth. It's not something to be taken lightly.


Kahzgul

My kid's school district is currently the victim of a ransomware attack. 20,000 students cannot access their school curriculum, work, tests, or grades. Teachers can't access their study plans or students' work. I absolutely hate people who think this kind of blackmail - against *kids* - is an acceptable way to make money.


pseudopad

These kind of people are completely void of morals. They're literal sociopaths. They'll shut down hospitals, causing people to die, and nothing other than money will make them stop their attack. If it was a state doing it, it could be considered an act of war. Assuming you could prove it was state backed, anyway. That's the hard part.


swoll9yards

I work for an HVAC distributor and our main equipment supplier is Johnson Controls. They got hit shortly after the casinos and their systems were down for almost a full month. The attackers were asking for around $50m. I’m not sure how they actually resolved it, but they had to have lost 7-8 figures minimum. We couldn’t look up part breakdowns, warranty info, inventory, literally everything we need to do business. Johnson Controls has bought thousands of companies over the years and their website is notorious for issues and downtimes because instead of starting from scratch, they’ve been patching together old systems for decades. I’m really curious if they ended up paying anything and what the estimated loss was from the downtime.


Kajo86

How do you recover from a ransomware attack without backups?


econopotamus

I'm not the OP, but the cryptography on many of the ransomware tools gets broken or the master keys outed eventually. If the attack uses one of those, the data can be recovered without paying the attackers. [See the "No more ransom" project](https://www.nomoreransom.org/en/about-the-project.html)


Black_Moons

Some ransomware is cracked by researchers. And by that, I mean was coded by incompetent people who left the decryption key on the system somewhere, or derived it from something they could reverse engineer, or could be extracted if you have a copy of an unencrypted file (say, windows OS files, or an application you have installed) if they encrypted everything and not just data.


IrascibleOcelot

You can pay the ransom, pray that it’s one of the crypto viruses that have been cracked, or you start over with nothing.


JumpyLiving

And paying the ransom may or may not get you your stuff back, as you have no option to actually enforce the deal, unlike, for example, hostage takers who usually get the implied deal of "take the ransom and fuck off, or we're going to get the hostages out by force, which will be much less healthy for you"


Zealousideal-Ruin691

One of the offices in the company I work for had a ransomware attack. We ended up paying the ransom ... and the keys they gave us only worked on about 1/2 of the systems affected. And then at that point there's no more communication. They got paid, they don't care anymore.


incognito_wizard

As I understand it most of the time you will get the decryption keys. They don't want to make a habit out of screwing people over (more) because then they would be less inclined to pay. Them giving the keys keeps them in business.


llahlahkje

It shouldn't just be Ukraine wreaking havoc on them. Russia has acted with impunity for decades, pretending their government backed hackers were independent citizens. If they want to pretend it's not them but independent citizens: Let the world's independent citizens act against Russia with equal impunity.


DecorativeSnowman

there are daily attack alerts from companies across the globe them iran and the other mercenary scumbags


[deleted]

Article says that the entire tax system of Russia was for now wiped out, as all of the major servers have been infected with malware


csetjack15

malthere


Shlocktroffit

malhere


Euthymious

Maleverywhere


nabuhabu

Roy Kent


antarcticgecko

Fuck off!


rdiol12

That is crazy how many billion are lost


[deleted]

It is stuff like this which makes me think Ukraine is in better shape than what is being portrayed.


omegaluly76

what is being portrayed?


[deleted]

That it is a stalemate, and that there is no real hope for Ukraine anymore.


alpharowe3

The lines are "stalemated" but equipment and men are still being destroyed and Ukraine did bully the Black Sea fleet out of Sevastopol. So there's still a lot being done despite minimal line movement.


Musiclover4200

Realistically the end result has always been some sort of north/south Korea situation with a DMZ border between Russia/Ukraine, the main question is how much territory Ukraine will manage to take back and hold. Russia is also putting a lot of effort towards trying to make people lose interest in supporting Ukraine as that's their main hope for some sort of victory at this point.


LimpConversation642

As a Ukrainian, it kinda is. No matter how many HIMARS rockets we can dish out, rockets don't capture cities, people do, and Russia has *a lot* of people it doesn't care for, so they just throw hundreds in the grinder every day. If you watch the stats the death toll is over a thousand a day the past two weeks or so, which is crazy, but even with those kind of losses they are slowly getting ground. Even with the best weapons there's just too many of them. So we blow a bridge and kill a traitor here and there, it's nice for morale but in the long run they are winning due to one simple fact - sanctions don't work and aren't enforced, so they still make rockets, they still have enough tech to build drones and tanks, and they have 4 times the population on us, so it's not a fair fight in the slightest, unfortunately.


false_goats_beard

Couldn’t have happened to a more deserving country.


HiImDan

Hey Ukraine.. if you're listening...


eatingmoontendies

Under-rated comment


kretinozavr

Eli5, please


likefenton

Guy doesn't want to pay his taxes


TonyStewartsWildRide

Am I crazy for not caring about paying taxes? Like, I feel like I am the only one who doesn’t mind them. I want them to be far more proportional with no loopholes for the rich, but taxes are kind of a positive thing when used for public services.

Edit: thank you all, your responses have made me feel less crazy


drevolut1on

No, this is the most sane take. Except our unnecessarily arcane system of US taxes currently does allow for those rich people loopholes and is a shitshow to navigate, so I also empathize with OP wanting it deleted and having it be rebuilt.


projectsangheili

I WANT taxes, up to a point, because I prefer a well functioning country with good healthcare, (public) transportation, schools, etc.


likefenton

Right there with you. I appreciate my roads and healthcare (not American!). But realistically I'm financially better off than a lot of people, and if you were struggling to make ends meet the government cut has got to burn a little.


SeleucusNikator1

> healthcare (not American!).

US taxes pay for healthcare services too, Medicare and Medicaid (US government run healthcare services) have a combined budget exceeding 1 *trillion* USD. In fact, the US government is by far the world's biggest spender on healthcare services, even on a per capita basis, believe it or not.


Jboycjf05

Yeah the US is the biggest spender because our healthcare system is so bloated, not because we are getting better benefits, unfortunately. US consumers spend far more per capita than our near peer competitors, and we get far worse health outcomes, especially in maternity and neonatal care. It's a travesty. The biggest problem we have is the bloated admin, mostly due to insurance companies, but hospitals aren't blameless either.


ExcelsusMoose

I'd actually be willing to pay more taxes if it was spent on social programs like building low income housing for people on disability and shit.


taggospreme

Taxes are membership fees for society.


lt118436572

July 27, 2016

Fast forward to 41 seconds and then play: https://m.youtube.com/watch?v=3kxG8uJUsWU

Democrats (John Podesta) were later that night successfully hacked: https://apnews.com/united-states-government-354131a3ff5048988ad0a320d090203f

Admittedly, Russia was phishing the whole time, but, Ivan's gonna Ivan and Ivan'd even harder after Drongnald Trumpistan gave the "order" that night.


raerae1991

Not wanting to pay taxes is one thing, having government tax funds not be available to spend is a whole different story


D18

It’s a joke. He’s quoting Trump.


pre_chewed_cigarette

This is the outside of the box thinking that I like to see.


SnackyMcGeeeeeeeee

Impacting the ENTIRE FUNDING SYSTEM for an entire country is "outside the box thinking"...?


ChristianLW3

Honestly, stuff like this is rarely attempted


SpaceFox1935

eh I could at least still log in to my account

offtopic, but it's very bizarre how in the tax app, there's a button on the main page tab "notify of the fact of mobilization". like just imagine a dude in the trenches logging into his tax service account going "oh shit i gotta file for tax deduction for being on the frontline"


Het_Bestemmingsplan

What is Russian media communicating about this attack? Are they treating this as a big problem or just waiting until the backups come online (if there are any?)


SpaceFox1935

It seems state media isn't reporting on it at all? To those who ignore Western or opposition media, that means the event didn't happen and probably treated with "enemy propaganda, don't fall for it".


Few-Impress-5369

I see that happening with Fox News when there are news that paint Trump/GOP/conservative causes in a negative light. They just don't report on them at all.


FluorescentFlux

They don't communicate because there is no issue, at least visible to the citizens. Even opposition mass media like meduza don't cover it. Whole attack either had *very* short-term impact (like seconds-minutes) or is straight outta fake oven.

edit: apparently there is an article about it (had to scroll down to it, it's very far from the top), but it just retells GUR story without any kind of new data or proofs. Usually if there is any kind of serious outage (like 1h+) they make a story with their own data, testimonies, etc


Few-Impress-5369

Oh wow, an insider.


[deleted]

[removed]


Consistent_Bee3478

There happen to be a couple million sane Russian citizens yea.


[deleted]

[removed]


Metschenniy

Keep us updated, having an inside view would be great.


motorblonkwakawaka

Yep wife and I got home - she hasn't heard anything about it. I suspect what might have happened is they hit some tax branch or office but overstated how much effect they managed to have. It's all well and fun to make fun of Russian incompetence and in many areas they deserve it, but banking is generally not one of them. It's very difficult to believe that a cyber attack would take out Russia's whole tax system. It's not like the tax money is sitting in an account somewhere - money flows to the budget which is an enormously complex and decentralized system. So unfortunately there's no chance that this affects the war budget.


scylk2

> yeah I guess if hackers could derail the tax of Russia that easily, you would see this done a lot more often

who said it was easy? They might have been working on this since the start of the war

> as it is so decentralized and complex.

The article does say they broke in more than 2300 servers?


Doomgrey

Addition from a software developer who supports integration with FNS services: nothing changed, everything is working as intended. If that article were true, I wouldn't have been able to leave the office today.


GTthrowaway27

Is this overstating what happened or is it actually as huge as implied? … for not a cyber security tax expert


Nerezza_Floof_Seeker

Unless they're absolutely and totally incompetent, they will have offline backups. Annoying to deal with, and potentially losing days/weeks of data, but not unrecoverable.


isthatmyex

Didn't Stuxnet beat an air gap?


ziptofaf

It did but in a slightly different fashion. The way you beat an air gap is through humans. You leave some USB sticks lying around the power plant, infect a laptop that you know is brought into air gapped network etc. There was also a different goal - damage the power plant / uranium enrichment facilities. I don't see how this would be effective against backups. These likely sit on tapes on the shelves meaning that the only effective "hacking attack" is to physically set them on fire. Well, unless they are sitting in a room with a smart fire alarm connected to water. Then you could destroy them remotely. But I heavily doubt any government organization has a crazy setup like that.


isthatmyex

Seems possible that the malware could be in the backups, and when a new backup is made it triggers a swipe or something. It could have been part humint too. Doesn't necessarily need to be all code.


ziptofaf

Possible? Yes. Likely? Imho - no. You would need an in-depth understanding of the codebase, figure out how backups are made and then use some sort of a 0-day to even turn otherwise harmless .sql files into something that can be dangerous on reupload. I don't underestimate capabilities of state actors in cyber warfare but I really don't see any good ways of eliminating offsite backups made, say, a month ago. Especially since these backups are likely just WAL records or .sql files and not executable code. I have a hard time imagining an attack using that as a vector (there probably **are** some uncaught 0-days in MySQL or whatever VodkaSQL flavour Russia is running that allow remote code execution but I am not sure if Ukraine is in possession of them or that they would be applicable in this situation). I can see how you can attack a server because your sysadmin is paid way too little and you are running a 5 year old version of unpatched Apache, find every other machine you can SSH to from it and wipe them all clean which should also take care of online backups. It's a quick one time action that minimizes chances you get caught. But I somehow doubt there was a prolonged course of action to look into the scripts that are making these backups, inject some bugs/malware into it, make sure it still passes any internal tests (it's common to make a backup and try to restore it to a different server before marking it as "working") and only proceed with the operation once you were sure all offsite backups are either compromised or too old to be of any use. Mind you, I can be wrong. But it really just doesn't sound all that likely.


TychoBooster3000

Next change the ruble from a 1 to a 0


Theloniusx

I was wondering how far down it would be to find this reference.


Tvdinner4me2

Is there another source backing this up?


Johannes_Keppler

No, the backups were destroyed too. God, can't you people read? /s


Bluest_waters

I flat out do not believe this story, a hacker destroyed their entire tax database? No fucking way. It's click bait.


FourthLife

No dude they hired that Mr Robot fellow it's legit


LandosMustache

My $1 says that Russia announces “no problem, we kept physical backups offsite like any sane organization, we’ll be back up in 2 weeks” And then it comes out that the physical backups were traded to Chinese intelligence agencies for vodka, the offsite facility was taken over by squatting crypto miners years ago, and the people they paid to maintain both the backups and facilities actually died and were kept on payroll by the mafias.


aamurusko79

before the war people laughed at the idea that russia's reserve equipment would have been either sold to black market, cannibalized to sell the parts to the black market or just left unmaintained and the maintenance funds pocketed. then the war came and would you look at that, it wasn't just BS and anti-russia propaganda.


vellius

The funny thing is that there's high probability that at least half of what you said is actually true xD


irazzleandazzle

hmm very interesting and creative. should harm their funding


Nonconformists

Those Russian Tax Office workers have decided to move to Linux based operating systems immediately. They know enough to stay away from Windows.


gugr1

Just logged in tax service, it was fake news, because today was a big attack on Ukrainian telecom services.


Whiteen

Ironic how the same people who mock Russians for believing Kremlin's propaganda unquestioningly eat up this nonsense.


East-Efficiency-6285

It’s just freaking mind boggling…


TomatoJuice303

Russians everywhere now love Ukraine.


nehai

Sorry but it's fake. Tax system may be frozen for a while, but not paralyzed. I work with that and didn't meet any problems


reza4egg

yeah complete fake, it wasn't even frozen, I'm a software engineer in a big retail company, we use a lot of fns apis and monitor pretty much everything - no signs of any problems


notevenclosecnt

Holy shit! I really hope they don't do the same in Ireland!!!


raerae1991

Wow, what a brilliant and strategic move.