Threat Intel
OPSEC is hard! Doing things that are covert is expensive and time consuming. Being invisible in today’s digital age is very hard. Operating covertly in plain sight it also hard.
Everything about this “stuff” is hard, except sometimes maybe it’s just viewed as “it’s hard and expensive” so why even bother, or conversely… maybe the objective can be “we want people to know it was us.”
Either way there’s some interesting reading if we look at “cyber” and “opsec”. For the minute I’ve just started to collect a list of links to articles which show some of the ways opsec failures have occurred in the past in relation to the GRU.
https://en.wikipedia.org/wiki/GRU
Visual guide: how Dutch intelligence thwarted a Russian hacking operation | Russia | The Guardian
(Cyber) GRU (XII): OPSEC (lab52.io)
Hackers-Are-Humans-Too-Partial-Redacted.pdf.pdf (christopher-parsons.com)
Guccifer 2.0’s Slip-Up Shows That Even Elite Hackers Make Mistakes | WIRED
Why Russia’s GRU military intelligence service is so feared – BBC News
305 Car Registrations May Point to Massive GRU Security Breach – bellingcat
After many opsec fails, Russia seeks to ban soldier social media spoilers | Ars Technica
The GRU’s MH17 Disinformation Operations Part 1: The Bonanza Media Project – bellingcat
Elite Russian Sandworm Hackers’ Epic OPSEC Problem (bankinfosecurity.com)
Skripal Suspects Confirmed as GRU Operatives: Prior European Operations Disclosed – bellingcat
As we can see there’s a mixture of areas here from espisionage, electronic warfare, information operations, computer network exploitation (CNE) and computer network attacks (CNA).
Summary
Ok so this is really just a collection of examples for people to look at, it’s not just the GRU who have opsec challenges. Every countries military, intelligence services and defence contractors do, because opsec is hard, and data is like oil, it gets everywhere, is messy and is hard to clean up! And as mentioned above, there might be reasons why someone wants something to be attributable to them.
