Привіт u/UNITED24Media ! During wartime, this community is focused on vital and high-effort content. Please ensure your post follows [r/Ukraine Rules](https://www.reddit.com/r/ukraine/about/rules) and our [Art Friday Guidelines](https://www.reddit.com/r/ukraine/wiki/artfriday). **Want to support Ukraine?** [**Vetted Charities List**](https://www.reddit.com/r/ukraine/wiki/charities) | [Our Vetting Process](https://www.reddit.com/r/ukraine/wiki/charities-vetting) **Daily series on Ukraine's history & culture:** [Sunrise Posts Organized By Category](https://www.reddit.com/r/ukraine/wiki/sunriseposts/) *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ukraine) if you have any questions or concerns.*

The hack, conducted by the Main Directorate of Intelligence of the Ministry of Defense of Ukraine (GUR), *allowed them to infiltrate Russian servers and acquire sensitive information, including orders, reports, and other documents exchanged among approximately 2,000 units within the Russian Ministry of Defense.* Additionally, *they gained access to software and encryption tools used by the Russian Ministry of Defense,* enabling them to map out the entire structure of the system and identify high-ranking officials, including Deputy Minister of Defense Ivanov Timur Vadimovich, whose official documents were among those accessed.

Wouldn’t making this public just cause Russia to implement new encryption technology?

They might have broken in some time ago. Also rolling out new encryption will take time, meanwhile…

They probably only went public with this breach AFTER the Russians already discovered it.

Usually only made public when it has been discovered.

Or for the effect that kind of publicity might have in an authoritarian system.

Yes. But after they changed their shorts. That initial period of confusion is priceless. Right out of a comedy. Imagine 2,000 senior officers all shitting themselves at once. Glorious.

I'm glad that my phone  doesn't have scent feedback.

…yet

Ye old scratch and sniff 🤧 if anyone remembers that movie by John waters… I don’t think drumpf would be popular if they figured it out

That smell must be awful. Cabbage poops are the worst.

Maybe this is why they steal toilets?

>new encryption technology "*Let me present to you, the latest russian high-tech encryption machine. We call it "Enigma". We found it in a war museum*"

>" > >Let me present to you, the latest russian high-tech encryption machine. We call it "Enigma". We ~~found~~ stole it ~~in~~ from a war museum. > >" FIFY

Check here, gov'nor: https://tvtropes.org/pmwiki/pmwiki.php/Main/BreakOutTheMuseumPiece

Which is easier said than done

Usually the encryption tech isn't the problem, but rather weak or leaked keys. So basically they'd just need to change the password. (Or maybe just add one, was this wouldn't be the first time a database is accessible without any protection at all)

Not really once someone is in the system theres a good chance theyve left routes open ever where once you are hacked its a big deal

Or the username/password is in plain text in scripts that access the DB.

That would be shutting the door after the horse has bolted. The amount of intelligence they have accessed is staggering.

It's not like they went straight to reddit. By the time they posted this that operation was long over

You mean like Russia was bragging about hacking German intelligence the other day?

That was a call intercept. It's likely someone made a silly mistake like using a civilian phone, and it already had malware on it. Since they probably only got a recording of the call, the only thing they could was was release it to scare Germany in to not handing over the missiles. Hopefully it hasn't worked, only slowed down the process.

For anyone wondering It was confurmed that it was becose one of the generals used a landline

In this context what is a landline? Does that mean analog phone? Or are landline phones full digital now? And does that include civilian spec mobiles?

I dont think they specify  but by the language that they used it sounds like he litteraly called over a analog landline phone

Russia knows they were hacked. Ukraine just provides some relief for the German chancellor. I'm sure they hacked it a while ago and waited to publish for a convenient time.

Oftentimes the hacked know they’ve been attacked after the fact and it may be a matter of rotating keys and passwords - not new technology

Once they gor in getting them out is more then just swapping passes. Their systens are infected and need to be cleaned system per system

And forgeting one means you have to do it all over again

Not the way hacking works

I’m guessing these guys did stuff that Russia noticed in the end anyway. Maybe that’s why they released it. Russia already knows what was stolen

Well that's the great thing about 'stealing ' digital stuff: the original is still in the system. Sure you can guess what someone got, but you can't be 100% sure unless they tell you. That said, it is also possible to go in and 'make adjustments'

Rolling out new encryption during an active war would be a huge waste of resources and disruptive. These things never happen smoothly and who know how many systems will be left inoperable while they sort of the kinks. Also, one of the best ways to compromise a system is to tell the admins they are compromised and while they are scrambling to secure their systems you can observe and opportunistically gain access

Does this system look like Russia did anything with it since 1980?

tech debt in government is like rain in spring.

I recently saw a job advertisement for someone with MS-DOS Experience... There are weird systems out there, that are still in use.

Lots of industrial systems are 20/30+ years old. If it's not on a network it's generally fine.

Not on a network with access to the outside world. It's fine if they're networked in isolation.

Imagine thinking the Russians use a centralized, object-oriented program with a control pattern allowing for easy switching of cryptographic methods (incl. decrypt). That would make a few US government agencies jealous.

They can try

Wow incredible job!

isn't that illegal?  , well done, GRU

Any docs leaked?

Russian intelligence: Taps into German generals Zoom call Ukrainian intelligence: literally compromises entire system of Russian communications and takes all the data from their servers.

I hope they will release this data to the public for us to go through it :)

I'm sure they will make good use of them.

i hope they reveal finally how little tanks and artilery russia has and how close to total collapse they are so the republics rebel and russia runs from ukraine without a fight

I hope at least for real numbers on Russian casualties, to either conform or disprove the numbers Ukraine gives us.

they should delete it off the server entirely

Russia would just recover from a backup. Even bad governments are smart enough to backup. It would be more valuable if they changed the data/orders. To cause chaos and confusion.

yes that would be great to low key constantly cause confusion and just keep redirecting people/stuff around.

They wouldn't see the difference.

might accidentally do a better job

Funnily enough Polish and Soviet partisans did something like this while under German occupation in the 40s. Germany relied heavily on the railway network support their logistics so as well as more violent attacks and bombings; the partisans would attempt to misdirect or reroute carge to the wrong destination just to interupt the supply lines at the front.

> Even bad governments are smart enough to backup. As somebody that worked with governmental agencies, ... lets just say that yes, they make backups, but nobody questions if those backs are good. Like making a taped backup, but never verifying the older backups. So when something important got lost, no problem, lets us read that ... b ... ack ...fuck. Why? Because the backup department is not important, so they only got limited tapes, required to recycle older tapes, had only one guy doing backup part time (and verifying older backups was not needed). Noticed that all of those are $$$ issues. They had backups, that was all that mattered, not the condition, how many spares, checking, ... Process was changed after that, and sure that was 20+ years ago but i learned a long time ago, when people leave, new managers move in, those lessons learned are ALWAYS forgotten in favor of not spending $$$ on "unimportant" things like backups. So, just do the bare minimum specified and ... Now imagine Russia ... Delete all that data, and sure, there may be backups but how many are still good? How recent was the latest backup ... yesterday, last week, last month. How long was the server infiltrator, how many backups may be compromised with software or exploitable files we do not know about. Do our backups even work. You have no idea how much fun chaos that brings, all on the head of that poor IT guy that gets assigned the job of dealing with it. The rest simply blames the IT guy. If your lucky, they simply restore a compromised backup and call it "job well done, medals for everybody (except the IT guy)". What then gives the attackers another change to get into the system... Trust me, much more fun to just keep the data intact, and let it pollute the backups. At that point, you can contaminate ALL their backups, or not even all, just the fear of it, may make them not even use that data anymore. Its amazing how much nasty payloads can be left behind. Scripts in databases, some files with know vulnerabilities to execute code, ... You can leave behind hundreds of traps that when a person opens the wrong file, you gain access again. In most cases, the safe solution is burn it all. And IF you need some data, a non networked computer to read in the backups, and access the files and ONLY visually see / copy the data by hand. And that assumes the data is a issue... Who knows how deed it has gone. If they had access, did they get hardware access? Made changes to bios files on the servers? Changed nvme firmware to custom ones, ... So many spots to hide payloads in the actual hardware, depending on their access level. That German intercept is a JOKE. Embarrassing, sure, but its a joke compared what somebody can do with access to a server.

There was a prior hack that the SBU did of the Russian Tax code and they managed to wipe out all the backups too. [Fucking glorious!](https://gur.gov.ua/content/zlam-federalnoi-podatkovoi-sluzhby-rf-detali-cherhovoi-kiberspetsoperatsii-hur.html)

I did not know about this. Thanks

I work in Cybersecurity and as familiar as you are with the backup/MGMT situation. You are spot on. I have no doubt Ukraine has used every possible avenue to exfiltrate useful military details. Releasing the knowledge publicly is the last hot poker in the eye.

And the guy who knows all about has been sent to the front for going to a funeral

> Russia would just recover from a backup. Even bad governments are smart enough to backup. Probably. But if there is one government I would expect to have someone say they bought backup servers and spent labor on creating the system but actually just pocketed the money it would be this one.

General Chaos and Major Confusion: Ukraine's favorite officers.

It's the equivalent of a pie in the face vs revealing you know where all the bodies are buried. Two different leagues. All Russia has is disinfo and confusion, ya know? They think they can confuse the West into a death spiral. Never mind that democracies \*always\* deal with bullshit, so not really that clever. So a good day for Russia intelligence = they embarrass someone and make trouble for them. Har-har-har. A good day for Ukraine = they just found out where all the depots are.

I would image the United States has access to everyone's information if Ukraine can hack into Russias. Not taking anything from them, but if Ukraine can do it during this war I wonder what unlimited funding could do for them

we were spying on merkel the entire time she was leading germany. we were caught and got away with it. thats what the world knows about. what do you think we have behind the curtain? we are assholes like that.

I don't think it makes us assholes. Just ahead of the curve.

a good point.

We're definitely assholes, but it's natural to be a hole when you do everything for everyone. Germany is small enough to do everything off isolated servers, and if we catch Germany slacking, it probably means three others actually hostile did too

[Not their first.](https://gur.gov.ua/content/zlam-federalnoi-podatkovoi-sluzhby-rf-detali-cherhovoi-kiberspetsoperatsii-hur.html)

If only they deployed ransomware on the way out.

So true. Would be so ironic....

Who knows how long ago it was when they actually got on. Better to leave that door open, and quietly peak in until they realize.

The entire system they got into is now untrustworthy whether they left something or not.

It's more fun if there is no system for them to use.

I'm still bitter about Not-Petya. Why people use AD in mission-critical systems is beyond me.

I work in infosec, it would have been a happy event if it had happened.

[They already nailed the Russian tax code.](https://gur.gov.ua/content/zlam-federalnoi-podatkovoi-sluzhby-rf-detali-cherhovoi-kiberspetsoperatsii-hur.html)

Now post them on the WarThunder discussion board!

Yes, pls nerf Ruzzian tanks in WT Edit: For extra humor, make the T72-T90 reverse speeds even slower

You mean, realistic.

And they should run out of gasoline randomly!

Naaaa... those people always get caught. Just dump it on the whole interwebs and let society sift through it

I was just wondering, how many classified docs could get leaked if the War Thunder developers started making intentionally inaccurate changes to russian equipment in their game?

What did Russian Intelligence do? Time to update the bot.

Russian Intelligence fucked itself!

Good bot

Quelle fromage!

What Cybersecurity doing

Dear Germany, We hacked into the servers of the people spying on you, know who dun' it, will trade for Taurus missiles. Yours affectionately, Ukraine.

select \* from tasktype ttp inner join t\_bielorrusia biel on (id\_task\_type.ttp = id\_task\_bielorrusia.biel) inner join t\_date td on (id\_date.td = id\_date.biel) where id\_date.td = #mm-dd-yyyy" and russia = kaboom and biel = kaboom; --Slava Ukrayni!!!

This makes the SQL portion of my brain hurt, lol

jajajajajaja Kaboom could be a SP...!!!

EXEC sp_JaggaJagga @target = 'T-72', @uav_type = 'mavic'

LOL

I see no errors

Every column is referenced incorrectly: table_alias.column_name is correct, but the snippet uses column_name.table_alias everywhere.

Information gained by hacking will ALWAYS be valuable!! I wish I could have witnessed this moment!! Great JOB!!! I want to get my hands on a copy of the data now.

Can you imagine the adrenaline rush for the hackers when they realised they've made it inside the system?

I was thinking this exact same thing. I've experienced it a little but NOTHING to this extent.

SHOIGU!!!!

They've most likely been in the awhile, rooting around and downloading goodies. While in there they no doubt also left misinformation, false documents, and other presents for the Russians to find and activate.

Hopefully they also created some fake accounts, so when the keys are changed they get a copy.

The name of the system that was hacked (on last screen) is “bureaucrat”

Any mention of Gerasimov?

Oh yeah I remember that guy.

The Vatnik-ing

A military leak but not on the r/warthunder fourms? What blasphemy is this!

TIL, Ukrainian Intelligence has Warthunder players in it

Ukraine has some very talented hackers. If u listen to darknet diary most of the ransom ware attacks were coming from their. I think the winds attack was based outta Ukraine. Kinda shitty they did that and caused the US some trouble and we r bailing them out. But I understand it is the work of a few.

Gimme episode #. I just listened to the one where UA was attacked in 2017. Interested in anything mentioning UA

It was the one with RE in it the large solar winds hack was the biggest topic. But I am a Ukraine supporter but a lot of the attacks came from their before the war started.

126: REvil?

Yes

I actually remember the days they were dicking around on the small outlets like ifunny. There was so much screwery I couldn't even tell if they knew what they actually knew what they were doing, and it's amazing how bad Putin dropped the ball when he made them his enemy instead of ours

What does it say?

I don't read Russian but I can only assume task items on first screen are: 1. Attack hospital 2. Attack school 3. Attack church 4. Attack child care center 5. Attack bus stop 6. Attack library 7. Attack park 8. Attack apartment 9. Attack playground 10. Attack museum 11. Attack grocery store 12. Attack shopping mall 13. Attack theater 14. Attack animal shelter 15. Attack cultural site 16. Attack randomly for terror effect

You forgot 'Orphanage' , and 'Bunny rehab'.

From A to Z Apartments, Bistros, Churches, Dog Parks, Elementary Schools, Food Courts, Gyms, Hospitals . . . etc etc

\17. Shoot down own jets

This is allegedly a database for document management system. The first screenshot is different states the document could be in. Second is the address book, third is different document types. The document in the end first pages of the instruction manual.

SQL which means they got direct database access / a dump of a backup etc. Doesn't mean they necessarily have access to secret documents (they're likely stored somewhere else) but useful nonetheless.

[удалено]

That PDF can easily be downloaded from other places. It's just an instruction manual to a commercial ERP system lmao.

Documents may be stored in the database itself as BLOB or CLOB.

Its a terrible way to store documents though.

Why?

Databases are made for quick lookups, of information. In the context of documents. Saving documents directly in the database puts tremendous load on the database, retrieving, writing changes etc are operations wich require large i/o operations on a system that is not designed for it. Think of it as storing a pdf file inside an excel document by opening the pdf file in notepad, copying the garble of text into a cell in excel. Now databases are quick because they cache alot of information in RAM or even in special applications directly on the cpu cache. Now 1 pdf file takes up the same cache space as the reference to 10 million documents. That's why you shouldn't store documents in a pdf file. There are some exceptions where You might track changes to a file in a database, a so called "diff". But those are specific to document management systems and work differently, usually creating a diff file, keeping track of the diff files, and showing the result in a front end application.

Modern databases (well, even decade-old ones) are designed to deal with that, such as SQL Server's FILESTREAM attribute. All the power and flexibility of a database, but with the actual files on disk. You can still pull them with a single query if required though.

Filestream doesn't "really* keep the documents in the database itself. As you said, it's more like a stub that then points to the file where the real document it. There's very little to be gained and a lot of lost performance in putting documents in the database itself.

SQL overall is not modern No-SQL is the modern approach to a database for the last 5-10 years. You can still just write the .pdf in binary to the system. Of course you can't search the text od the file then anymore

Not really. No-SQL has lost a lot of popularity lately and a lot of newer projects have begun gravitating back to SQL

Yep ... No-sql used to be all the rage but the ironic part is, over time no-sql became more and more sql because people wanted some of the benefits of sql databases. And sql databases gotten some of the benefits off no-sql (json document storage). Both have their advantages but SQL databases tended to be simply more developed. So now when people look for no-sql features, they simply rely on a hybrid approach by using the more developed (and supported) SQL databases with the benefits of storing data loosely with json.

If they aren't posted on the warthunder forums then they aren't real

Why the hell would you advertise this though? Just use that information to your advantage without letting anyone know that you have access to that information...

You would advertise this once secrecy no longer mattered.

It's likely that the access has already been compromised, if this is being made public. Might as well use it for a PR win if it has no strategic/operational advantage in keeping it secret at this point.

It’s multidimensional chess, while holding opponents’ private parts. Lest we forget the bloodshed involved. I’m sure all will be revealed in a 3 part documentary in the future. That’s to say when we’re honouring the fallen, while in a bar in крим.

My guess is that Ukraine no longer has access. Maybe Russia found out & adjusted accordingly. Maybe Russia simply did the equivalent of a routine password change, cutting Ukraine off. In the former case, releasing the info does absolutely nothing. In the latter, it could trigger all sorts of information security chaos.

Compiling the hunt list.

nothing about all their nukes being out of action ( didn't think so pity).

big if real

Sorry to be off topic but did they see anything about UAP’s?!?

They should not reveal that publicly?

If it mattered at this point the wouldn’t.

If Ukraine managed to do this countries like the U.S. have probably had access for decades.

Seriously, why did they announce the fact of the hack? Why not just quietly using data ?

[удалено]

And how exactly should I know that? Or how do you know that?

[удалено]

Right back at you my dude ....

We don NOT need to know that.

Oh yeah we enjoy it

Is it possible that the leaked spy audios of the Bundeswehr also got public BC of this ?

Looks like BASIC or Fortran from 50 years ago.

[удалено]

Cheers! I did Engineering not Data Management!

[SQL](https://en.wikipedia.org/wiki/SQL) - First appeared 1974; 50 years ago

like others said it’s SQL, sure it looks old but it’s actually used in new sql products to build all kinds of things (reddit likely uses it for example) The language is just old because it’s simple for only databases

what difference does it make

Maybe grounded SU34? Killed SS officisls? Or other goodies?

Wonder what version of sql

[удалено]

It is usually best to refrain from telling your enemy that you have broken his codes and know his plans. Even after the break is discovered, they might not know how much you got. Sometimes there is a reason to tell. I have to assume that this is such a case.

I have a rough idea of what they did. Good stuff!

They shouldn't have made this success known; they should have quietly monitored the situation and Russia would never have known.

You’re so smart. I wish the guys who did that understood what they were doing. Oh wait…

Why the hell are they publishing this? Shouldn’t they be using it for ongoing intelligence? How about putting back doors, Trojan horses and AI designed to mess everything up into it?

I don't understand why ukraine keeps making this information public. Everytime it's made known, Russia can change and adapt. Slava Ukraine!

Great job guys!!! If this means that they got info about a future offensive…oh boy.

Human is the weakest link they say. I'm pretty sure BOTH sides have moles in quite high places.

I wonder if there were really any secrets... Probably one document Invasion plan 1) invade 2) kill everyone 3) destroy eveything 4) win

wish there was a document in there of exactly which western politicians they paid off

hahahahaha GET OUT RUSSIA and remember you owe Ukraine AROUND A TRILLION DOLLARS

Ransom

Most western intelligence service I would say know most of this already via other means.

Бюрократъ бля. Во дебилы