
Thread: U.S. oil pipeline shut down by ransomware

  1. #11
    Site Supporter
    Join Date
    Jul 2016
    Location
    Away, away, away, down.......
    Quote Originally Posted by Hieronymous View Post
    I would be curious to hear from a cyber security expert what could theoretically be done to damage our systems and infrastructures in the event of a total cyber war.

    Are we much more vulnerable than we think? It seems that F***ing about with supply chain logistics alone could send us into a scary place; so too local power supply networks. Does anyone here have the benefit of the real .gov perspective that is not classified that they could share?

    I think given the CCP of China's mandate to take over Formosa, and given that they are alleged to reach a realistic capability to facilitate same between 2030-2050, I can see a scenario where their use of asymmetric warfare (such as cyber attacks) might be deemed an acceptable means of discouraging ANZAC/US/Japan military support for Taiwan.
    I’m not in IT and am by no means a security expert but this is my layman’s understanding. We pretty much know that the majority of our infrastructure can be shut down by cyber attacks. We have to assume that systems that are not physically separated from the internet are either vulnerable or already compromised. That means gas, water, oil, electricity, most anything you can think of.
    im strong, i can run faster than train

  2. #12
    Glock Collective Assimile Suvorov's Avatar
    Join Date
    Mar 2011
    Location
    Escapee from the SF Bay Area now living on the Front Range of Colorado.
    It’s reasons like this (and living in an earthquake prone zone) that I keep my tank 50% or better full all the time and keep 13.5 gals in cans.

  3. #13
    Site Supporter farscott's Avatar
    Join Date
    Dec 2011
    Location
    Dunedin, FL, USA
    Quote Originally Posted by Suvorov View Post
    It’s reasons like this (and living in an earthquake prone zone) that I keep my tank 50% or better full all the time and keep 13.5 gals in cans.
    Growing up in a snowy area taught me to always fill up when the gas gauge got near "1/2" indicated. That came in handy once on the Ohio Turnpike when I got to sit for three hours in sub-zero temps due to a tractor-trailer overturning. Being able to run the engine to generate some heat combined with a blanket and a good book made the time pass much more pleasantly.

    Since my current AO is prone to tornados, I have kept up the habit. I even keep the cold weather gear in the trunk.

  4. #14
    Deadeye Dick Clusterfrack's Avatar
    Join Date
    Jun 2013
    Location
    ...Employed?

    U.S. oil pipeline shut down by ransomware

    The best I can say is I know one very smart person who is fighting this war. He seems confident that he can protect the important stuff in his AO.

    Quote Originally Posted by Hieronymous View Post
    I would be curious to hear from a cyber security expert what could theoretically be done to damage our systems and infrastructures in the event of a total cyber war.
    ... power supply networks. Does anyone here have the benefit of the real .gov perspective that is not classified that they could share?
    “There is no growth in the comfort zone.”--Jocko Willink
    "You can never have too many knives." --Joe Ambercrombie

  5. #15
    Quote Originally Posted by Hieronymous View Post
    I would be curious to hear from a cyber security expert what could theoretically be done to damage our systems and infrastructures in the event of a total cyber war.

    Are we much more vulnerable than we think? It seems that F***ing about with supply chain logistics alone could send us into a scary place; so too local power supply networks. Does anyone here have the benefit of the real .gov perspective that is not classified that they could share?

    I think given the CCP of China's mandate to take over Formosa, and given that they are alleged to reach a realistic capability to facilitate same between 2030-2050, I can see a scenario where their use of asymmetric warfare (such as cyber attacks) might be deemed an acceptable means of discouraging ANZAC/US/Japan military support for Taiwan.
    China and Russia have been investing in cyber warfare for decades. They know they can't match us with conventional military abilities and equipment (and nobody wants a nuclear war), so it makes total sense they would pursue asymmetrical cyber warfare with reckless abandon. We have never had an all-out cyber war, and the damage it could cause is theoretical; however, there have been many 'proof of concept' type exercises that make it clear that we have a real serious problem. Read up on STUXNET if you want an example of what has happened in the real world.

    STUXNET spun the Iranian uranium enrichment centrifuges beyond their rated ability, causing small stress fractures that eventually caused them to disintegrate, all while reporting to the operators on their consoles that everything was running within operational parameters. They thought they were being sold defective equipment, until some Belarus cyber security company discovered the Windows component of the STUXNET malware. They didn't know what to make of it, so enlisted Symantec who were able to identify four "zero days" (flaws that the vendor and security community are unaware of) that allowed the malware to breach Windows security and establish itself on their PCs (which were "air gapped" from the rest of the network, no physical connection). There was another component that Symantec couldn't figure out called Siemens Step 7 programming. That's the interface that programs the Programmable Logic Units that actually control hardware, like valves or whatever. They enlisted a specialist named Ralph Langner, who specialized in SCADA security, and he was able to figure out what was up. Brilliant. It put the Iranians back years with their uranium enrichment program, without having to drop bombs.

    That's a hardware example; the SolarWinds hack is a good example of software. The attackers were able to insert their malware code during compilation (translation of human-readable code to binary computer code) after the code was verified as unmolested. That was thought to be impossible, but it got done anyway.

    I did network security as part of my Unix admin jobs over the years, which is why I know this stuff. Not an "expert", but I understand enough to know the potential of a cyber war.

    What a tangled web we weave.

  6. #16
    Member Gary1911A1's Avatar
    Join Date
    Jan 2012
    Location
    Portsmouth, OH
    If we could find out who they are with certainty I wonder if the ransom would be any more than a contract with the Russian Mafia?

  7. #17
    Smoke Bomb / Ninja Vanish Chance's Avatar
    Join Date
    Nov 2011
    Quote Originally Posted by ccmdfd View Post
    Is this considered terrorism?
    The policy question of "At what point does a cyber-incident warrant a kinetic response?" has been lingering in the US since the late-2000's. I wouldn't be the least bit surprised if that line has already been crossed and the public just never heard about the response.

    Quote Originally Posted by Hieronymous View Post
    I would be curious to hear from a cyber security expert what could theoretically be done to damage our systems and infrastructures in the event of a total cyber war.
    Ukraine is the present case study for this. Two articles that might be worth mentioning, although the second is behind a paywall.

    ETA: Some of the crew thought to be responsible for both the power grid attack and NotPetya were indicted last year.
    Last edited by Chance; 05-10-2021 at 05:36 PM.
    "Sapiens dicit: 'Ignoscere divinum est, sed noli pretium plenum pro pizza sero allata solvere.'" - Michelangelo

  8. #18
    Member Hieronymous's Avatar
    Join Date
    Feb 2019
    Location
    St.Louis, MO
    Quote Originally Posted by Chance View Post
    Ukraine is the present case study for this. Two articles that might be worth mentioning, although the second is behind a paywall.

    ETA: Some of the crew thought to be responsible for both the power grid attack and NotPetya were indicted last year.
    The Wired article you linked is well worth the read.

    “This had to be a well-funded, well-trained team. … [B]ut it didn’t have to be a nation-state,” he says. It could have started out with cybercriminals getting initial access to the network, then handing it off to nation-state attackers who did the rest.
    This sort of resonates as very plausible in terms of Russia; hard to imagine they don’t have strong control over their hackers.

    What saved Ukrainians from a greater catastrophe was that they have manual backup, evidently, whereas we don’t typically have them anymore.

  9. #19
    I read Lights Out by Ted Koppel a few years ago and it scared the crap out of me.

    Basically a cyber attack on the power grid is well within the capabilities of most countries and would kill tens of thousands of people as food, water, medicine, etc all need power and could be out for months.

    https://www.amazon.com/Lights-Out-Cy.../dp/0553419986

  10. #20
    Quote Originally Posted by karandom View Post
    I read Lights Out by Ted Koppel a few years ago and it scared the crap out of me.
    My significant other read that book upon release, and it changed her (and by extension, our) approach ever since.
