Russian Hackers Reach US Utility Control Rooms, Homeland Security Officials Say (wsj.com)
"Russian hackers [...] broke into supposedly secure, "air-gapped" or isolated networks owned by utilities with relative ease by first penetrating the networks of key vendors who had trusted relationships with the power companies," reports The Wall Street Journal, citing officials at the Department of Homeland Security. "They got to the point where they could have thrown switches" and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS. The hacking campaign started last year and likely is continuing. From the report: DHS has been warning utility executives with security clearances about the Russian group's threat to critical infrastructure since 2014. But the briefing on Monday was the first time that DHS has given out information in an unclassified setting with as much detail. It continues to withhold the names of victims but now says there were hundreds of victims, not a few dozen as had been said previously. It also said some companies still may not know they have been compromised, because the attacks used credentials of actual employees to get inside utility networks, potentially making the intrusions more difficult to detect.
The attackers began by using conventional tools -- spear-phishing emails and watering-hole attacks, which trick victims into entering their passwords on spoofed websites -- to compromise the corporate networks of suppliers, many of whom were smaller companies without big budgets for cybersecurity. Once inside the vendor networks, they pivoted to their real focus: the utilities. It was a relatively easy process, in many cases, for them to steal credentials from vendors and gain direct access to utility networks. Then they began stealing confidential information. For example, the hackers vacuumed up information showing how utility networks were configured, what equipment was in use and how it was controlled. They also familiarized themselves with how the facilities were supposed to work, because attackers "have to learn how to take the normal and make it abnormal" to cause disruptions, said Mr. Homer. Their goal, he said: to disguise themselves as "the people who touch these systems on a daily basis."
I don't believe it. Deep state. Carter Page. Witch hunt.
It's probably best to just end all investigations towards anything related to Russia.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
You keep using that word. I don't think it means what you think it means.
Amazing. Every single word in those two sentences was wrong.
You are welcome on my lawn.
Maybe you should read the article.
2016.
https://motherboard.vice.com/e...
Here is some more background on Trump's "Where is the server?" lie:
https://www.politifact.com/tru...
You are welcome on my lawn.
Several years ago I was at an IT Security dinner/presentation and they laid out some of the details behind a cyberattack on an airline. The hackers didn't go after any airline networks directly. Rather, they compromised an airline parts supplier and injected malware into webpages (or documents, I forget) and eventually 'caught' an airline when someone inside the airline visited the compromised site and was themselves infected.
I've tried to explain this to people in my industry. They don't have to be even trying to get you, just someone in your industry.
This and the massive Target breach are why vendors, their networks, and their devices should not be trusted (from a security standpoint at least).
There's no really good evidence that the Russian government is involved with any of the hacking, except to say "That's something they would do". It's the fallacy of the reversed conditional,
I don't see any reason why it wouldn't be Russia.
Suppose Russia isn't constantly trying to hack the US.
We have daily news reports saying they are, that essentially they are fighting a cyber war against us and that's been going on for years, but we'll assume for a moment that is false.
Nobody is doing anything about it, of course. Neither Obama nor Trump fired a barrage of missiles in a counter-attack, nor really made any big deal about it - they're still doing trade deals, selling the Russians a significant portion of our Uranium, etc.
So Putin sees that nobody really cares about the reported attacks. Nobody seems all that bothered about it - not enough to demand any counter-attack.
Suppose you're Putin, or Russian intelligence, or head of Russia's cyberwarfare command. You see that constant statements that you're attacking the US don't lead to any significant response. You see that you COULD attack the US with impunity and they wouldn't do anything about it.
What would YOU do if you were Putin, or head of Russia's cybercommand, and you knew you could get away with attacking the US as much as you wanted?
If it were me, seeing that nobody cares whether Russia attacks us or not, I'd go right ahead and attack. We're getting blamed for it anyway.
So either Putin and his commanders are stupid, and not taking advantage of the situation, or you're mistaken.
As it happens, I'm a career security professional. Knowing about hacks is my job. I work at a company founded by Misha Govshteyn. Guess where Misha is from. Mr. Govshteyn and I will tell you, Russia is hacking the hell out of the US all day long. Only China sends more attacks.
Newbie Russian hacker, he thought voltage machine was the same as voting machine.
we are saying sorry
do not worry, we will have it all good by November , yes.
Please give out best to the Donald
That's a remarkable bit of denial, an excellent exemplar of why I have decreasing faith that this will end well. There is plenty of evidence that the Russians were involved in all sorts of various hacking and active measures and whatnot, but if you simply refuse to believe that evidence, then you can just deny everything and believe whatever you want to believe or whatever you are told to believe. That is one of the end goals of the concerted campaign of propaganda that the Russians have been running since the Soviet era: true information no longer matters anymore and the ability to assess facts and adjust beliefs in response to facts is utterly withered.
To the particular point, the prior indictments against the Russian nationals are far more detailed than standard indictments, they are so-called "speaking indictments." The most recent one this month against the GRU hackers detailed the particular methods they used and quite a bit of the timing of the attacks. And it sounds like western intelligence had a high-end source in the Russian government that Trump was told about prior to the inauguration confirming that the top levels of the Russian government, including Putin, were orchestrating the attacks. But again, if you can simply deny that information out of hand, and call it "fake news", then what point is there in providing any more information? What will be believed short of reality providing a swift kick to the groin?
The FBI is not the "Intel Community". They're law enforcement, no less than your local cops. They have about the same record of integrity, too, which is saying, "so-so". But they take the whole, "national security" thing pretty seriously. And that includes all the Trump appointments, and his director of national intelligence and his attorney general. And while you're being Inspector Gadget finally trying to get the dirt on Hillary Clinton, there is a legal noose tightening around Trump's neck. Indictments, convictions, guys in jail.
And yes, there are at least three copies of the forensically-imaged DNC server in the FBI's possession. We know this because the Trump Justice Department has told us so.
So, the question you have to ask yourself is if you believe Donald Trump or people appointed by Republicans to be FBI director, attorney general, FISA judges, etc etc. You can either trust people that have actually earned trust or a guy who changes his story about what he actually said on live fucking camera four times between Monday and Thursday.
Not you, ArchMike. It's too late for you. The question is for other people reading this. You're already too far gone down the 4chan hole looking for pizza and crisis actors. The question is for the grown folks.
You are welcome on my lawn.
Of course they would. The FBI uses contractors all the time. Especially for what the president calls "the cyber".
https://www.reuters.com/articl...
You are welcome on my lawn.
That the way Trump wishes to do it is indistinguishable from someone who is compromised and being used. That's the scary part.
Seems quite specific to me.
The Russian hackers, who worked for a shadowy state-sponsored group previously identified as Dragonfly or Energetic Bear, broke into supposedly secure, "air-gapped" or isolated networks owned by utilities with relative ease by first penetrating the networks of key vendors who had trusted relationships with the power companies, said officials at the Department of Homeland Security.
We have who, where, how and by what method. Interestingly it's similar to the technique used by the US to sabotage Iranian enrichment facilities.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
and maybe trolling but Trump's poll numbers didn't budge an inch even after that downright terrifying display in Helsinki.
That's because he is down to more or less just his psycho base supporters. An alarmingly large group but they support him no matter how crazy he gets. He could start a nuclear war and they would cheer him on the whole way and probably try to find some way to blame Obama or Clinton for it.
What I find especially odd is most of his supporters are old enough to have been cold warrior types.
His supporters are not that old as a general proposition. He has too many of them for that to be the case though certainly a fair number of them are older. Heck I'm old enough to have been around during the later decades of the cold war and the people that really lived through the middle of it are drawing social security now. Trump's supporters are more diverse than just old people.
What are you so afraid of?
If you have to ask that question then you know fuck-all about US/Russia relations over the last 80 years.
What is so terrifying about the US and Russia improving relations and bringing a little more peace to the world?
What's terrifying is HOW Trump is trying to do it. Peaceful cooperation with Russia is a reasonable goal but not at any cost or by abandoning countries that actually are friendly to the US. Russia is NOT a friend to the US and pretending that the interests of those two countries have somehow magically aligned because Trump is in the White House is absurd.