Always strive to learn something useful. --Sophocles

Oh, dear! Now that the kids have seen the big city, you can't get them back to the farm!

Let's take a look at some parameters here. Not all people in NK - military or civilian - believe all the propaganda crap that is fire-hosed at them. But they know trying to escape is certain death. So you're in the army, and your unit is shipped off to Russia. You're no longer under constant watch from NK handlers, so what the hell!

At least 18 NK troops have defected in the Kursk region where the Russians were trying to form up a battalion where the Ukrainians forces have invaded Russia and have been having all sorts of fun attacking fuel and ammunition depots. Additionally, nine or so NK officers have been seriously injured or killed, several have been air-lifted to Moscow for treatment.

In June, Russia and North Korea signed a mutual defense pact with a clause akin to NATO's Article 5, NK is now supplying troops in addition to the weapons and munitions that they've shipped over.

https://www.newsweek.com/north-korean-troops-deserting-ukraine-frontline-hours-after-arrival-report-1969726

The Eastern Orthodox Church is pretty much hand in hand with Putin et al, and they're now, through media, telling people that soldiers who suffered fatal wounds are being resurrected on the battlefield in hopes that this will spur enlistment.

Estimates are that Russia has suffered between 300,000 to 450,000 soldiers lost in battle in Ukraine.

I'm really hoping the Russian people are smarter than this.

https://www.thedailybeast.com/panicked-russia-is-now-telling-reluctant-soldiers-they-will-be-resurrected

In the last twelve months, twice Russia has had leaks on Soyuz space craft radiators, resulting in them dumping all of their coolant into space.

Well, it's happened again.

In this case, it's their Nauka science module, and an unused coolant loop. That is to say, a coolant loop that is not currently in use, it's planned for use with future experiments. Something happened and it has or is in the process of dumping all its coolant.

The two Soyuz leaks were blamed on micrometeorite impacts, what will take the blame for the Nauka leak? One micrometeorite? Okay, plausible. Two? When nothing has damaged any of the American equipment in similar fashion? Why don't we instead talk about the terrible state of the Russian space program: the funding cuts, the very low morale, the poor quality control.

I think you might find a lot of micrometeorite accumulation if you looked there.

https://arstechnica.com/space/2023/10/for-the-third-time-in-a-year-russian-hardware-on-the-space-station-is-leaking/

While on the surface it's over, there's going to be lots going on for some time.

I vaguely heard about Russia wanting to get all its 'contractor' military units under the unified Russian command, i.e. absorb them into the regular army. This included Wagner. Which would essentially cause the organization to cease to exist. Bad news for them.

Several things are happening right now. First and foremost, Prighozin has called off the advance on Moscow, and is leaving Russia! He's going to Belarus, after having spent most of the day in talks with Lukashenko. Now, will he be safe there? Belarus has effectively been a transit point for most of the Russian military invading Ukraine. While I would expect Yevgeny to have a small armed guard, I don't think he's going to be allowed to keep a large armed guard. I believe he'll be vulnerable to assassination, especially in a country like Belarus. Whether he gets poisoned with a nerve agent or he throws himself out a high window, we shall see.

Prighozin's men have left Rostov, completely pulled out. I wonder if they absconded with any goodies from the military yards? Supposedly they were informed that Chechen fighters were coming to kick them out. Personally, I would have loved to have seen that fight. The Chechens are nasty, but honestly I don't know how good they are: as vaunted as they are, they suffered pretty high casualties in Ukraine. They're highly rated for committing atrocities on civilians, pretty much following Russian policy.

Russia also has some serious highway maintenance to do - they pulled out heavy earth-moving equipment and badly damaged the highway that lead to Moscow to make it harder for the Wagner forces to make their final push, which didn't happen.

Putin allegedly fled Moscow, according to tracking of the transponder on his private aircraft. Personally, I doubt he left, or if he did, that he left in that fashion. He also has seven armored and armed trains that he frequently uses to move around the country, they're almost indistinguishable from normal trains. He's been using those almost exclusively since the invasion began. I expect the plane was a decoy because he knows Wagner has aircraft and anti-air weapons. Putin was probably not far from his underground train platform, but I doubt he left Moscow, certainly not as early as his plane was reported leaving.

Wagner soldiers are being told that they can sign contracts with the Russian military. The big question, of course, is how many will do this. I doubt they're going to be too keen on fighting in the human wave style that the Russians have been practicing, and if they refuse to take orders, will it be the former Wagner soldiers shooting the Russian commanders - i.e. mutiny - or vice-versa?

There's also the issue of Wagner's operations in other countries. They have a large number of soldiers throughout Africa causing trouble on behalf of despots and despot-wannabees. Will this be a more or less formal declaration that Russia is involved in war in these countries? That's the convenient thing about mercenary armies, the Rodina can keep its hands apparently clean and say they are not involved. Well, things are going to get a bit more complicated. I think another likely scenario is some of the larger and better units just take their weapons, leave, and start up their own mercenary companies. Excuse me, Private Military Contractors.

Meanwhile, as I said previously, this is an excellent opportunity for the Ukrainian armed forces to press hard on the Russians and hopefully take back territory. They have just suffered both a loss of manpower and equipment with the Wagner forces leaving, and chaos/disruption with not only their leaving, but there will probably be a morale problem with some of those same forces coming back and being integrated into existing units.

IMO, if Prighozin stays in Belarus, he won't see the end of the year. One way or another he'll be dead. His best hope for survival is to get to an American embassy or military base and defect to the USA. And the Russians have apparently assassinated political enemies in the continental USA before, but I think that's his best odds.

Again, the regularly-updating BBC news feed on the situation:
https://www.bbc.com/news/live/world-europe-66006142

Guess what! They're developing severe radiation sickness and related problems!

This obviously comes as no surprise to a lot of people. Russet and I were discussing it. Chernobyl popped its top - literally! - THIRTY-SEVEN YEARS AGO! People under 30, meaning most of the people in the invading Russian Army and probably their direct commanders, weren't alive back then! And with Russian news suppression, it's probably not well-known among them. I can understand them not taking it seriously, whereas a 50 y/o might actually remember it happening and know that digging there is bad juju.

This is yet another major thing to be laid at the feet of Putin and his lackies. A lot of these people are going to die in pretty horrible ways, and it didn't need to happen.

https://www.independent.co.uk/news/world/europe/red-forest-chernobyl-radiation-sickness-b2330067.html

https://tech.slashdot.org/story/23/04/30/2153204/russian-forces-suffer-radiation-sickness-after-digging-trenches-and-fishing-in-chernobyl

It's an interesting attack. Once infected, the malware sits there. It contacts a control server and asks permission to attack. When permission is granted, it goes into the Windows Registry and makes changes to prevent Remote Desktop from contacting the computer, so remote administrators can't get into the PC and try to stop the attack. Pretty clever move, that. Then it stops database services so that databases are available. Normally database services lock their databases so those files can't be wiped, stopping the services make them vulnerable.

THEN the wiper launches! It poses as a ransomware attack, launching a pseudo-random number generator, overwriting the files with gibberish and giving them a .cry extension, thus it is now known as the Cry Wiper. The random gibberish makes it look like the file is encrypted, but analysis of the code reveals that it's a random number generator, meaning that even if you pay the demanded 0.5 Bitcoin ransom, you're never getting anything back.

It's common in ransomware attacks to change the extension of the file so people can recognize that they've been compromised and the files are no longer what they were.

Another clever thing about this is that it automatically excludes program and system files: com, exe, dll, etc., so the computer will continue to run perfectly normally, but no data will survive. The articles that I've read don't mention if this will crawl across network shares or seek elevated access privileges, but they weren't very deep articles.

A similar program struck Ukraine earlier this year, probably launched by Russian hacker group(s).

No attribution to this attack has been found. Since no ransomware can be collected, even though a Bitcoin digital wallet is provided, that's probably a dead trail.

https://arstechnica.com/information-technology/2022/12/never-before-seen-malware-is-nuking-data-in-russias-courts-and-mayors-offices/

https://it.slashdot.org/story/22/12/03/0044234/new-crywiper-data-wiper-targets-russian-courts-mayors-offices

"The opponents of the letter Z must understand that they will not be spared. Everything is serious here: concentration camps, re-education, sterilization!”
-- prominent filmmaker and television host Karen Shakhnazarov, speaking on Russian state TV

SolarWinds provides network security appliances to corporations. And governments. And universities. These organizations depend on companies like SolarWinds because security is VERY hard and it helps to get outside help. You can take my word for it to a degree - I worked in IT for over three decades, and while I did not specifically work in computer/network security, I had enough exposure to it to understand what a huge, tiresome, endless, and thankless job it was. It was truly neverending. You never had enough money or resources, and you were always outnumbered by the baddies.

Now what happens when a company like SolarWinds gets hacked?

I guess the first thing to talk about would be the nature of the hack. Let's suppose an update that SolarWinds pushes out to all of their customers was compromised. Now, ALL of your customers are vulnerable to being infiltrated by the people who compromised SolarWinds.

Perhaps it was a nation-state who did it.

Perhaps Russia.

Let's take a look at who makes up SolarWinds customer list. Here's a listing from SolarWinds' web site:



Notice any familiar names there?

I thought not.

So basically, Russian hackers, some of which are largely synonymous with the Russian government, compromised pretty much the entirety of the United States Government. And the U.S. Military. And effectively the entirety of the S&P 500.

Yeah, and our President has poo-poohed Russian election interference and sucked up to Putin for how long?

https://krebsonsecurity.com/2020/12/u-s-treasury-commerce-depts-hacked-through-solarwinds-compromise/

https://www.schneier.com/blog/archives/2020/12/another-massive-russian-hack-of-us-government-networks.html