Monday, October 3, 2016

Investigation Into the Downing of Malaysian MH17 and Potential Cyber Connections

Newly published findings by the Joint Investigative Team (JIT: includes members from Australia, Belgium, Malaysia, the Netherlands and Ukraine) shows that Russian BUK SAM shot down Malaysian MH17 in 2014.

The investigation found that the BUK-TELAR crew travelled to the territory in Eastern Ukraine controlled by pro-Russian forces, shot down the passenger liner, and travelled back to Russia.

The JIT identified approximately 100 people who can be linked to the downing of MH17 or the transport of the BUK-TELAR. As of this writing, the individuals have not been publicly identified.

The Cyber connections?
  • Russian APT28 (Fancy Bear) was trying to hack researchers investigating the MH17 catastrophe. Bellingcat, another group of researchers sourcing JIT, was compromised and defaced by CyberBerkut hackers also likely tied to Russia.

  • Future cyber activity is also likely: the JIT found the Russian military directly involved in the shooting down of the passenger plane. This will likely lead to new personalized, and possibly broader, sanctions which may, in turn, lead to retaliatory cyberattacks from Russia. While this case directly doesn't involve the US, the instability caused by cyberattacks in Europe and Australia will likely affect the US to some extent.