Here we see ravenous people in Siberian wolves’ clothing, chasing our most sensitive institutions riding in, ironically, Russian troikas.
Meanwhile, ‘Homeland Security’ is busy listening in on all our calls. Much more interesting, and easier than going after hackers.
Steverino fails to show the Russian solution to Russian wolves: throwing the baby out to distract the wolves and give themselves time to get away. Don’t worry, it’ll occur to them.
Why in the world is any utility control room attached to the internet? At power generation facilities there are people at the monitors 24/7. Same with pipelines and grid operators. If they need to communicate outside control rooms, use phone or fax. Hard to hack and impossible to alter operations. Just because you can do something (Internet integration of controls) does not mean you should.
Some things to consider – the danger comes from the Russian government, not the Russian people (with one very notable exception especially) and Breen failed to include references to other governments (and again, not their citizens). Focus on where the dangers are coming from and not the entire forest instead of some of the trees, but remember it’s not only a single source. It’s almost never a single source but making entire nations (especially more than one nation and all of those people) hate you is worse than missing the few really trying to do you harm. Know your threat. Know your target(s).
Umm.. let’s not forget that it’s not only Russia that plants bugs to take over operational systems.. Was there not an issue some time ago where some centrifuges mysteriously blew up.. And, just a guess but likely other funny things happen worldwide that do not make the headlines. It’s a dog-eat-dog world out there with lots of players.
Seems odd we hire hackers to prevent hackers getting in . . . .
I have recently seen an increase in my router logs, certain IP numbers from Chinese and Russian assignments trying to connect to my security cameras. I had to make changes to my router to block this. It is only going to get worse so beware.
U.S. Fuel Suppliers Work to Avert Shortages From Pipeline Attack
Colonial Pipeline halted all operations on its system late Friday after suffering a cyberattack that affected some of its IT systems. The company has said it’s working to restore operations but has given no timeline for a restart.
The Colonial pipeline is a critical source of gasoline, diesel and jet fuel to the East Coast from the nation’s refining belt along the U.S. Gulf Coast. It has the capacity to send about 2.5 million barrels a day on its system from Houston as far as North Carolina, and another 900,000 barrels a day to New York.
The attack appeared to use a ransomware group called DarkSide, according to Allan Liska, senior threat analyst at cybersecurity firm Recorded Future. The cybersecurity firm FireEye Inc. said its Mandiant incident response division was assisting with the investigation.
Ransomware cases involve hackers seeding networks with malicious software that encrypts the data and leaves the machines locked until the victims pay the extortion fee. This would be the biggest attack of its kind on a U.S. fuel pipeline.
Dishonest people make it necessary.
It is POSSIBLE to set up systems that are effectively unhackable. What is clearly NOT possible outside the military (if even there) is to train humans to use such systems without making them easier to use, i.e. hackable. And of course standard OSs were DESIGNED to be easy to use… and therefore moderately easy to hack.
How to do this? Every file has individual permissions, all the critical system files have permissions for an “operator” who can only log in from a physically secure location (and those permissions can only be changed when the system is rebooted in “safe” mode). All communication to or from the system is done without using the internet… or if you really MUST use the internet, it’s done only by sending, not receiving… and if you MUST receive, then only via in-house VPN. Nobody can put their own config files into their account or anywhere else: The only way to create files is via very well tested applications that communicate only with the processes they monitor.
One corollary of all this is that most users cannot do their work on a system that is so well hardened: No email, no editable documents, etc., so you have to have a less-well hardened system in parallel. Which is GOING to be hacked from time to time, so you have to figure how to deal with that, too.
Now consider the $COST of such hardening for a system, and realize that it is only now starting to become clear to management that such hardening might, maybe be less expensive than dealing with the hack attacks.