Skip to main content

tv   [untitled]    July 2, 2024 9:00am-9:31am EEST

9:00 am
on the territory of our western partners. and it was good news from valery hryabikh. thank you for participating in our program. the 90th hour is approaching. this is the time when all of ukraine freezes for a minute in memory of those who died in this russian-ukrainian conflict. we will observe a moment of silence in memory of the ukrainian military and civilian citizens of ukraine who will die. in the war that was unleashed by russia.
9:01 am
ber is looking for a hacker who allegedly stole the action data, the ministry of digital says that the action was not hacked and the data was not stolen, so what happened and for... that the fbi offers 10 million dollars. orban today will be in kyiv, and this is the first time since the beginning of the full-scale invasion. western media write about it. what will hungary demand from ukraine? this is svoboda ranok, i'm kateryna nekrecha, and we're starting. so, the us federal bureau of investigation will pay $10 million for information about the hacker. the agency is looking for a 22-year-old russian, a native of the chechen republic, amin tymovych. stigala, he may
9:02 am
be involved in the alleged hacking of ukrainian state websites, in particular the diya digital services portal, and this happened the day before full-scale russian invasion of ukraine. the cyber attack at that time was called almost the largest in the history of ukraine. the wanted and reward notices, as well as the court order , were published by the official bodies of the usa and the fbi, according to the us attorney merrick garland, the wanted person colluded with the russian main intelligence. management, while working for the gru, amin stigall, pretending to be an ordinary cybercriminal, allegedly demanded $10,000 in cryptocurrency for the recovery of stolen data. the attacks struck, at least two dozen protected computers, including those of the ministry of foreign affairs, the state treasury, the ministry of energy and the state emergency service, the data of 13.5 million ukrainians after the alleged...
9:03 am
hacking of the action portal were allegedly placed for sale on the internet, but the real goal of the hackers there was the deletion of data and the disabling of computers of state authorities in ukraine. according to the indictment, stigall and his speech participants concealed their connections specifically with the russian government by pretending to be other people and using a computer network around the world, including in the united states. minstigl himself, according to... the us attorney general, cooperated with the russian special services since december 2020. the us prosecutor's office also accuses stigal of attacks on countries that supported ukraine after the start of the full-scale invasion. the transport infrastructure of one of the central european countries, which plays a key role in the delivery of aid to ukraine, came under attack. a us government agency in maryland was also attacked. i will remind you, on the night of january 13-14. in the 2nd year, hackers en masse
9:04 am
attacked ukrainian government websites, we are talking about the website of the government, individual ministries and even the diya portal. the security service then declared that there was no leakage of personal data. on the website of the ministry of foreign affairs and some others, you could see a message like the one you see on the screens, i quote: all your personal data has been uploaded to the public network. all data on the computer is destroyed, it is impossible to restore it, all information about you has become public, fight. and wait for the worst, it was published in ukrainian, russian and polish. joins our broadcast konstantin corson, expert on cyber security. congratulations, congratulations mr. kostyantyn, thank you for joining, i will immediately tell the viewers who are not familiar with you that you write and talk a lot about work, actions and criticize this service as unreliable, you also criticize the ministry of statistics, this is important for our viewers to know. thank you for joining our broadcast. congratulations, and the news about... ber and the actions flew all over
9:05 am
the ukrainian media, the public, social networks, a lot is said, written, commented about it, in your opinion, the data of ukrainians is in danger, definitely, definitely. noisily, i firmly declare that in the personal data protection system does not work for ukraine and the biggest threat to it is the so-called state applications, this is an action, this is a reserve plus and an army plus will also be implemented according to the same scheme, this is what i tried to convey to society in january 22 , that the action was criticized by people, well, for this there is a lot to... it was then, but the ministry officially denied it, called me a liar, all services, accordingly, even the sbu , it turns out, denied just a fact, an obvious fact, well that is, there is specifically, if they were good at communication, they would know how
9:06 am
to communicate in crisis situations, there is a whole science on this matter, and a bunch of different consultants and even companies that teach crisis communications, what... to do, in particular in the case of a large-scale hack, well, that is, if such specialists work in banks, banks regularly are subject to attacks, not always successful and, let's say, rarely, increasingly rare and successful, but less so, and with kyivstar we had a situation in december last year, and there it was not ideal, but still they communicated more or less decently , they immediately recognized, well, because it was not... possible to deny, everything is too obvious. in the case of the action, two years have passed, 2.5 years have passed, as the ministry, personally minister fedorov denied the very fact of hacking actions and downloading
9:07 am
personal data, but now it has become clear, well, if we believe american institutions, and the us attorney general, the fbi , the ministry. the us justice department, as well as the wall street journal and usa today, well, i tend to trust ukrainian, american institutions more than ukrainian ones. well, then it turns out that we are just 2.5 years old lied, and if so, then maybe we were lied to in something else? konstantin, we turned to the ministry of statistics for a comment, invited them, of course, to get involved, they gave us a written comment, we will tell the audience about it in more detail later, and in mintsy. we were assured that there was no data leakage from the operation, and i quote the written answer of the first deputy minister of digital transformation oleksiy vyskuba. he says the following: in the fbi case file , there is no information specifically about the hacking action, the person who appears in the case in the 22nd year, in the darknet posted a database under the guise of data from the action,
9:08 am
it was discovered immediately by the ukrainian special services, so materials were purchased and analyzed, the action portal at that time had only 1.5 million users, experts studied the materials in detail. the russians, and the russians did it, indeed, they knew that the operation was vulnerable, they knew that our menciphers were weak, weak in communications, and they broke them, and they russians were calculating, they are not stupid, in fact, unfortunately. we have a serious opponent, more developed in cyber relations than us, so they calculated all this and they immediately put out a sample, it was, well, that is a piece of the base, and several thousand real live recordings, i understand, put out the most delicious, the most relevant, but
9:09 am
this frisivilian who appears, well nick, nick he had the nickname frisivilian there, which was announced. for which they give 10 million, he put this one free for everyone, yes, there was absolutely no need to buy anything there, well, that is, the entire base could be bought, but he put there, it seems, 15 00 records, and there are many people they went there, downloaded, found themselves, some said, well, they understood that it was only due to the action, because he got passports there 3-5 months ago, nowhere but... he didn't register, he didn't have time, it was banal, and there were other examples, people there changed the place of registration a month before the downpour, and re-registered the car two months before the downpour, and all this was in a fresh database, that is
9:10 am
, it is possible that there is such a practice in dartnet to increase the number of records, to mix old compiled non-neadek ones with them there. already outdated records, well, such garbage, already garbage to supplement, you know, as for weight to increase the selling price, but what was laid out in the without ... precious access to those 15 00 records, and they were definitely fresh, definitely relevant and definitely from the action, and later even started the details appear, how exactly the hacks work through one of its contractors, who did not take much care of their security, this method has long been known for a long time, it is called a supply chain attack, i.e. through the supply network, that's it, and more. there were technical various details that indicate that this is really an action and nothing there
9:11 am
it was not particularly necessary to buy. ugh. konstantin, you criticize ukrainian, and here in this matter information security, but according to the indictment of the usa, as you mentioned, you trust the usa more, steagall and his members, from this language, they actually broke not only ukrainian, there we they tried to break into departments and computers, as well as ukraine. partners of ukraine, and in the same way they attacked the computers of the us departments there as well, that is, how powerful was the attack in your opinion, which according to the fbi, it it turns out, it was controlled by the gru, and, that is , it happened not without the russian state, and here , how protected are the data of ukraine’s western partner countries, including the usa, when such an attack is being prepared, well, i’m talking about what... and in ukraine there are problems in this matter, and the ukrainians are worried about it for a reason, but
9:12 am
we can see that they also attacked the computers and departments of the united states directly, so the attack was so full-scale that some even call it the beginning of the invasion, it was january 22 -th year, and there is land the invasion began, we only know on february 24, and... really, the fact is that the so-called russian cyber gangs, that is , the cyber army, they started preparing for this at the beginning of the zero, really in the 2000s, they began to form this the current mix of fsb officers and cybercriminals, and it's a very powerful organization, very large in fact, very well funded and organized in fact. organized, we still don't have cyber armies, we still have scattered national
9:13 am
cyber security efforts, we don't have a single coordination body, they have everything clear, and already for 10-15 years, that is, they had time and resources and a clear task, they understood what they needed, they were going to the goal, they were preparing attacks and hope, and not really 10 yet, and more than 100 government institutions were attacked. and well , in january and february, i.e., it was toned down a little, and accordingly , our partners and western countries are constantly, regularly attacking the governments of all western countries that are not friendly to russia, american institutions are constantly suffering from cyber attacks, there, too, even in the states and in advanced democracies, there are many problems with cyber security, many. the russians use this, and they have been preparing for a long time, they hit weak points, they are very organized, and
9:14 am
accordingly they have been preparing for this for a long time, well, it seems that such an attack of such a scale, i think, this preparation took at least six months, no less, because kostyantina, this is an interesting moment and that this preparation lasted for a long time, as stated in the investigation, that the real goal of the hackers was to delete data and disable the computers of state authorities in ukraine. but this did not happen, so does this mean that this attack failed after all, that in ukraine they are working to protect their data? and yes, i think that the sabotage is such that it will bring everything out of order, it would be ideal for the russians, but they did not succeed, it did not succeed, and it did not succeed, it is not thanks to the contradictions, rather, we have somewhere... synchronized different systems, that is , literally every department has its own
9:15 am
little town regarding the website, regarding mail, regarding electronic communications. we do not have a single system with a single master what brain, where you can penetrate and paralyze everything. unfortunately, and fortunately it turned out in this case, we are not digitalized enough, centralized enough, i would say so, but many measures are being taken now. to centralize, so that from the point of view of cyber security it is wrong, it is necessary to decentralize, that is, but to do it correctly, we have outdated technologies there, there are some broken... applications, well, why did it end up there, what are the information systems made of, they themselves are barely pops hold, it is not so easy to fill them up it's difficult, but the fact is that what was insufficient was that there is no physical and technical possibility to destroy and delete the data,
9:16 am
that is, there are some safeguards, because we still have the president's website and the website. the supreme council and the website of the security service, well, sometimes there are problems there, but they are still some lessons being learned, konstantina, and the lessons, if you can be brief, because we have to finish, and the lessons are being studied in this direction, for example, regarding the army plus and reserve applications plus, what could be the danger here, now we understand that with the requirement of the new law on mobilization, it is necessary to register there in the same reserve, plus in these applications, and in general, what can you say, how to evaluate? these applications have been working for a while now, haven't they? and yes, i published several posts regarding my reservations and my fears in this regard, but to be very brief, some lessons are learned, but they are learned thanks to such public announcements, and if there is a wide discussion in
9:17 am
society, of some problems, then they slowly correct themselves, not always that's right, not always quickly, but... slowly, little by little, it's getting better, but i don't like this style of work at all, it's unprofessional, that is, you know, like a fire, we'll put it out, put it out, and if there's no fire, then we won't , and according to this scheme , the application was working, with so approximately on the fly , a reserve was created very quickly and very poorly, plus, in both cases, without respect for personal data, without consent, without , well, in violation of european law ... would simply ban them, our system simply does not work protection of personal data, i think that according to this scheme , the army plus will have approximately the same problems. and there are risks that these data could somehow get into the hands of russia, if possible, in your opinion briefly? these risks are not zero, let's say, they are always there
9:18 am
for any application. ugh, thank you , konstantin, for participating and expressing your opinion. well, not everything is so bad in places, as i also understood from your comments, we will continue this topic. kostyantyn korsun, an expert on cyber security, was a guest of svoboda ranok. as i said, we applied when were preparing this broadcast to the ministry of digital transformation to ask about the probable hacking of the diya portal, which could have happened on the eve of a full-scale invasion, and also to find out how protected the data of ukrainians on the portal are, the representatives of the ministry of digital transformation were not able to participate in the broadcast, but they gave us written answers. first for: deputy minister of digital transformation oleksiy vyskup told rfe/rl that cyberattacks have become more frequent since the beginning of the invasion. in total, since february 24, russia has carried out more than 600 cyber attacks on ukraine, most of them fell on authorities, the security and defense sector, the commercial sector, transport, telecommunications services, it, financial and energy sectors. the ministry of statistics assures that a mass leak of ukrainian data is impossible.
9:19 am
first, the action is built on the principle of data in transit. this means that the action does not accumulate personal data, but only displays user data from the relevant registers, which prevents a mass data leak as such. secondly, we constantly work on the security of the application by conducting various audits and contests for buckbounty hackers. the specified audits and tenders did not reveal critical vulnerabilities of the system. the response also states that the ukrainian special services immediately detected an attempt to hack into the diya portal. at that time, there were only 1.5 million users, experts studied the materials in detail and found that 13 million data is a compilation of various databases that were merged much earlier from private companies. volodymyr aryv, people's deputy of ukraine and member of the committee on digital transformation volodymyr, congratulations, thank you for joining. good morning. you are in the profile
9:20 am
committee, it is important for our conversation. do you think the data from the action is securely protected? i believe that all the comments of experts regarding the security of our registers in general have not been fully used by the relevant authorities, in particular the ministry of digital affairs and other structures, in particular the state intelligence service and others, which are responsible for the security of data, in this case is taken faster by developing speed faster. and not quality the development of those applications and services, which are then used by ukrainians, which they use to... their personal data, and in this case here we always see rather superficial answers from the ministry of digital transformation that what do you
9:21 am
understand there, everything is actually very good , we 're testing here, we 're developing everything right here, but you don't understand anything here at all, so it's better to just take our word for it, but when you read information from serious publications, including usa today, about... that data was leaked, well, they were poured from, and if you just answer about what and there, probably from old registers, or taken from somewhere, it is not known from where, this is not an answer, here a serious internal investigation is needed to establish all channels of data fusion, is this an action, was it really in circumvention of the action, is it a complex, complex work of hackers who are now... wanted by the united states of america and $10 million is quite a large amount for the amount of the reward for finding
9:22 am
a suspect in a cybercrime, so i suggested that as at least for the committee meeting, then the minister came digital transformation, but at the moment i don't know whether we will be able to see it or not, government officials in general ... when it is a fashion not to come to parliamentarians and treat it as a waste of time, which in principle undermines the very essence of parliamentary control, which are embedded in the constitution, have seen such examples, but was there an official invitation from your committee, including from the deputies to mr. fedorov, to come to the verkhovna rada or to the committee. i offered to send an invitation to the chairman committee in this case, i do not have information whether he sent such an invitation, uh, but look, well, i will once again repeat what we said in the answer from the ministry of digital, that experts
9:23 am
studied the materials in detail, found that 13 million data - this is a compilation of various databases that were merged much earlier and specifically from private companies, that is, this is the answer, well, mr. corson got involved and said that the data was merged, in fact, as you mentioned, they are more calm there , so to speak, reacting to it , and whether you, as a people's deputy... act and whether there is, well, at least what are the arguments of the ministry of statistics for you? well, let's say that they act on you and you still trust the ukrainian state in this matter and the department that is directly responsible for it? i don't use action, this is the first answer, i didn't register there at all, i didn't register, and if i need to, i definitely enter action from a desktop computer, but... i don't have the action application in my mobile phone, that is, that's why , that you do not trust the application, but i understand you correctly, you understand correctly that i, knowing how
9:24 am
this system works, i understand that it allows access to data, those that i would not want to share with outsiders, this is one thing, and secondly, i believe that the state in this case did not conduct any serious investigation into cybercrimes, and in general , we have a problem with cybercrime investigations, it is, well, at a fairly low level, there are problems, and the investigations are at a fairly low level, it affects many aspects, from ... system, so there has not been a serious
9:25 am
investigation yet, it is clear that there is no trust, today we only have correspondence from the ministry of digital transformation and a very great reluctance to come and explain something in more detail and to the point, for example, in relation to the reserve plus application, which was developed on the ministry of digital transformation of the ministry of defense, the deputy minister came to the committee meeting because the conversation was very harsh, they even took offense at the fact that the deputies from the committee specialized in her activities behaved quite harshly, let's say yes, they asked extremely uncomfortable and unpleasant questions, but i... i believe that this is the essence of parliamentary control by specialized committees, that they should be naughty kittens, on the contrary, guard
9:26 am
tigers for... in order to protect state interests, because the executive power, which has no control, or control, if it is in the hands of the same power, then this is not control profanation, so in this case we must understand that trust will arise in the messages of the ministry of transformation when they are explained results are not easy in fact, when the ministry of transformation... will actively act in order to investigate cybercrimes and very stable and constantly inform about what is being done to ensure that there are no more data leaks, well, here is a conversation with a representative of the ministry of defense regarding reserve plus, and those awkward questions and answers that you received on them,
9:27 am
they accommodated you, again, do you use reserve plus yourself and do you recommend others to do so? i reserve plus reco use, but i still don't have mine exact information, who were the developers and in whose hands are the first codes, but since it was generally nonsense to us that an access program that has such a, let's say, a bridge between the user and... and the database of military conscription charms plus it the amulet, the reserve plus, was developed with the funds of a charitable foundation with roots in kryvyi rih , and the customer was actually a third organization, and we
9:28 am
never found out for sure who directly performed the work. not only that, the works were ordered 36 days before the introduction application, and as we were informed, the issue of security and security testing takes place during the operation of this application, that is, in principle, well, in fact, this application should be prepared in advance, well tested, because it is, after all, access to the database of all military personnel of ukraine , and then... launch it, but it is clear that no one is safe from hacking, but at least you could order this application in advance and do everything to ensure that its security level is high enough, and yes, thank you, mr. volodymyr , and it is clear your remark, indeed, we also talk about it a lot on radio liberty, so today we also talked about the action, the data leak, and the fbi investigation, and
9:29 am
of course we touched on the reserve plus... because this is a timely issue for ukrainians today. thank you for participating. volodymyr ariev, people's deputy of ukraine, was a guest of svoboda ranok. and then we will talk about ukraine's international partners or non-partners. well, orban unexpectedly goes to ukraine. already today , the ukrainian prime minister can come to the hungarian prime minister, i apologize to arrive in kyiv and meet there with the president of ukraine, volodymyr zelenskyi. this is reported by the financial publication. times, guardian, and refer to their sources in hungary. if this happens, it will be viktor orbán's first visit to ukraine since the start of the full-scale invasion, and it will take place the day after hungary took over the presidency of the european union. the guardian writes that the plans for the trip were made after achieving success in long negotiations on the rights of the hungarian language minorities of ukraine. they live,
9:30 am
the publication writes, in the extreme west of ukraine not far away. from the border of the two countries, transcarpathia is obviously meant. these agreements are to be announced today as a success, the publication quoted its unnamed source in budapest as saying. in general, informing about the plans of orbán's visit to ukraine, the guardian refers to three sources in the circle of the hungarian prime minister. in addition, this information was allegedly confirmed to the publication in kyiv. the ukrainian authorities did not officially announce orban's arrival, but there are already many there messages in various telegram channels associated with there. from the president that orban will come to kyiv, there is no information about that on the official resources of the prime minister of hungary. i will note that viktor orban, known for his consistent criticism and blocking of many initiatives of the european union to help ukraine in the war with russia, orban is called an ally of putin in the eu. the hungarian prime minister does not hide and is even proud of the fact that he continues the communication.

18 Views

info Stream Only

Uploaded by TV Archive on