Alert from the Government CISA:

The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to warn that certain advanced persistent threat (APT) actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices, including:

Schneider Electric programmable logic controllers (PLCs),
OMRON Sysmac NEX PLCs, and
Open Platform Communications Unified Architecture (OPC UA) servers

Here is the entire alert: It has not yet been determined WHO is responsible for this, but the "general assumption" is it is Russia. If this in fact is happening, it is an act of war against the US.

APT Cyber Tools Targeting ICS/SCADA Devices | CISA (https://www.cisa.gov/uscert/ncas/alerts/aa22-103a)

Oh well. And life keeps on trucking. No one is going to anything about it, either way.

Just let me know the day when there's NOT and attempted cyber attack...

Just let me know the day when there's NOT and attempted cyber attack...

April 5th, 7th, 9th, 10th, 11th, and 14th. - so far this month. Sorry couldn't resist, since you love to hold me to account for "exaggerations".

If you read this alert, and all the others at CISA.gov, you will see this is particularly worrisome in the current world situation since it has been tested on a number of companies and they have reason to believe that others are being targeted.

The real significance is that if we end up at war with Russia, they have been running trails of their cyber warfare groups - attacking companies around the world, including the US. We are late to the game, but are ramping up our defense - part of CISA.

This was particularly interesting to me, since when I was working for APS (power company in AZ) I was a project manger in charge of the project to install redundant communications and controls for the companies sub-stations, which was mandated by Congress for all power companies following 9/11. We finished that project on time, but that was just one small part of the weakness. I know first hand how poorly prepared our power grid is to deal with a cyber attack.

April 5th, 7th, 9th, 10th, 11th, and 14th. - so far this month. Sorry couldn't resist, since you love to hold me to account for "exaggerations".

If you read this alert, and all the others at CISA.gov, you will see this is particularly worrisome in the current world situation since it has been tested on a number of companies and they have reason to believe that others are being targeted.

The real significance is that if we end up at war with Russia, they have been running trails of their cyber warfare groups - attacking companies around the world, including the US. We are late to the game, but are ramping up our defense - part of CISA.

This was particularly interesting to me, since when I was working for APS (power company in AZ) I was a project manger in charge of the project to install redundant communications and controls for the companies sub-stations, which was mandated by Congress for all power companies following 9/11. We finished that project on time, but that was just one small part of the weakness. I know first hand how poorly prepared our power grid is to deal with a cyber attack.

It's sad that you actually think that's true...

the Chinese and Russians have been trying to hack into anything and everything in the USA every day for quite a while....

they don't really produce anything else...it's what they do

It's sad that you actually think that's true...

Think what is true? I covered several things, you think NONE of what I said is true?

the Chinese and Russians have been trying to hack into anything and everything in the USA every day for quite a while....

they don't really produce anything else...it's what they do

Exactly true, for decades literally. But, again if you read this alert, this is a new attack using new code that we are not yet prepared to deal with.

April 5th, 7th, 9th, 10th, 11th, and 14th. - so far this month. Sorry couldn't resist, since you love to hold me to account for "exaggerations".

If you read this alert, and all the others at CISA.gov, you will see this is particularly worrisome in the current world situation since it has been tested on a number of companies and they have reason to believe that others are being targeted.

The real significance is that if we end up at war with Russia, they have been running trails of their cyber warfare groups - attacking companies around the world, including the US. We are late to the game, but are ramping up our defense - part of CISA.

This was particularly interesting to me, since when I was working for APS (power company in AZ) I was a project manger in charge of the project to install redundant communications and controls for the companies sub-stations, which was mandated by Congress for all power companies following 9/11. We finished that project on time, but that was just one small part of the weakness. I know first hand how poorly prepared our power grid is to deal with a cyber attack.

There are the people who understand a threat when there is one, and then there are the people who are oblivious, and like it that way. I think it is meritorious of you to try to do a public service announcement to give heads up to the people who give credence to the threat but who had not been aware of it.

The sky is falling, the sky is falling.

Think what is true? I covered several things, you think NONE of what I said is true?

That no one tried to hack anything on those specific days...

Exactly true, for decades literally. But, again if you read this alert, this is a new attack using new code that we are not yet prepared to deal with.

Except on the following days, right? "April 5th, 7th, 9th, 10th, 11th, and 14th. - so far this month. "

there are the people who understand a threat when there is one, and then there are the people who are oblivious, and like it that way. I think it is meritorious of you to try to do a public service announcement to give heads up to the people who give credence to the threat but who had not been aware of it.
paul revere would agree

Good news. The United States has comparable offensive and defensive cyber capabilities.

Chromebooks can't get a virus and update automatically.
I also converted a 10 Y/O Dell laptop to Linux Mint and I don't worry about getting hacked.

Alert from the Government CISA:

The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to warn that certain advanced persistent threat (APT) actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices, including:

Schneider Electric programmable logic controllers (PLCs),
OMRON Sysmac NEX PLCs, and
Open Platform Communications Unified Architecture (OPC UA) servers

Here is the entire alert: It has not yet been determined WHO is responsible for this, but the "general assumption" is it is Russia. If this in fact is happening, it is an act of war against the US.

APT Cyber Tools Targeting ICS/SCADA Devices | CISA (https://www.cisa.gov/uscert/ncas/alerts/aa22-103a)

Cyber attacks? This has been going on since computers were invented. Thanks anyway

Alert from the Government CISA:

The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to warn that certain advanced persistent threat (APT) actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices, including:

Schneider Electric programmable logic controllers (PLCs),
OMRON Sysmac NEX PLCs, and
Open Platform Communications Unified Architecture (OPC UA) servers

Here is the entire alert: It has not yet been determined WHO is responsible for this, but the "general assumption" is it is Russia. If this in fact is happening, it is an act of war against the US.

APT Cyber Tools Targeting ICS/SCADA Devices | CISA (https://www.cisa.gov/uscert/ncas/alerts/aa22-103a)

Why not? Our president gave them a list. Another one of his brilliant moves and he was soooo proud of it!! You can't make this stuff up!!:ohdear:

Chromebooks can't get a virus and update automatically.
I also converted a 10 Y/O Dell laptop to Linux Mint and I don't worry about getting hacked.

So how long will those be working for you without electricity to charge the batteries?

This is not new news. These hackers have been trying for years.

Why not? Our president gave them a list. Another one of his brilliant moves and he was soooo proud of it!! You can't make this stuff up!!:ohdear:

Careful, your going to get spanked from the mods making this political, but I do agree with you.

If hackers can mess with the power grid, they certainly can mess with your bullet proof computer. LOL

That no one tried to hack anything on those specific days...

Okay, I confess, that was a bit tongue in cheek. As I am sure you know those are the days with no alert.

There will be no war. We will use our "global partners" to make it look like we are getting tough and taking action.
Happy Easter Everyone!

Chromebooks can't get a virus and update automatically.
I also converted a 10 Y/O Dell laptop to Linux Mint and I don't worry about getting hacked.

The Chromebook is the safest personal "computer", but still has 55 vulnerabilities.

However, the alert has NOTHING to do with personal computers. It is about companies with process control computers, power generation plants etc. The intent of the attack is/would be to shut down our infrastructure - imagine if the water supply shut down for a week, etc.

Well, I posted the alert as a public service, since I doubt many here keep up with CISA and cyber warfare. I am amazed that even here, people feel the need to be snarky, attack, etc.

I am still hopeful we can avoid war with Russia, but, if war comes a key component will be cyberwar. And we have NEVER fought a cyberwar before. Putin has demonstrated he is not opposed to inflicting civilian casualties to gain his goals.

The information is available. I am not saying it is going to happen, simply making people aware.

Well, I posted the alert as a public service, since I doubt many here keep up with CISA and cyber warfare. I am amazed that even here, people feel the need to be snarky, attack, etc.

I am still hopeful we can avoid war with Russia, but, if war comes a key component will be cyberwar. And we have NEVER fought a cyberwar before. Putin has demonstrated he is not opposed to inflicting civilian casualties to gain his goals.

The information is available. I am not saying it is going to happen, simply making people aware.


Unfortunately there's very little any of us can do about it, since our state has not been pro-active in supporting alternate methods of energy and self-reliance. All those dialysis offices that provide life-saving service to kidney patients - rely on the grid to keep their machines running. No grid, no life.

Meanwhile, in communities that emphasize alternative energy sources, they are able to sustain themselves for a week or more, if the power were to be cut off from the outside.

most of the people on this thread can't be bothered to be informed unless it causes them some inconvience.

One big way, not the only way, to help yourself from a personal cyber attack is NEVER, EVER click on links that are sent or embedded in emails, texts and chat rooms like this... unless you know this person. You can always Google the subject. I even noticed in a forum that someone stating they had pics they took and wanted to share- said, “Here click on this link!” - I thought, Oh my, don’t!

If hackers can mess with the power grid, they certainly can mess with your bullet proof computer. LOL

Yes funny - LOLOLOL.

Glad you got a chuckle. I guess you didn't bother to read the alert. It has NOTHING to do with hacking YOUR computer. The ONLY reason a foreign national would attack your computer would be to add it to a bot farm for a DOS or other attacks on more important targets. In fact, if you run windows there is a good chance your c computer has already been owned and is simply waiting to be put into action.

The alert is by our CISA and it says they are seeing a new custom code being tested against companies that are critical to our infrastructure - manufacturing, electrical grid, hospitals, etc, etc, etc.

The alert is for THOSE industries, to let them know to take steps to verify they are not infected and to take steps to guard against becoming infected.

As I said, we are on the verge of going to war with Russia, unless things change soon. And this alert shows that Russia (and others) are preparing to launch a cyber ware against us. There has never been a full scale cyber war - ever. We have no idea what the results will be. I hope we are prepared.

But, one thing I am fairly certain of, is a cyber war will not be funny.

One big way, not the only way, to help yourself from a personal cyber attack is NEVER, EVER click on links that are sent or embedded in emails, texts and chat rooms like this... unless you know this person. You can always Google the subject. I even noticed in a forum that someone stating they had pics they took and wanted to share- said, “Here click on this link!” - I thought, Oh my, don’t!

Absolutely. That is even more important today, and with this alert. Since one of the tactics in a cyberwar, is to infect millions of personal computers silently. Place the virus and leave it dormant. Then when war is launched, the dormant virus is activated and your computer becomes an agent of the enemy.

So, you could say, it is every American's patriotic duty to practice safe computer usage - as you say, NEVER click on a link from anyone, even if it is from friends or family. Type the address of the link into your browser instead. Also, you should never open (read) emails from suspicious sources "From: wally_in_etheopia@myplace.com" or "Subject: You won a billion dollars". Hacking today is capable of planting a virus in your computer as a result of your simply reading a post or looking at a photo. And those emails from your children, might not be from your children (it is called spoofing, which means changing the From address to look like someone else) or it might be from your children but they might be infected.

Think of opening emails like having unprotected sex with a complete stranger that appears to be strung out on heroin...

Unfortunately there's very little any of us can do about it, since our state has not been pro-active in supporting alternate methods of energy and self-reliance. All those dialysis offices that provide life-saving service to kidney patients - rely on the grid to keep their machines running. No grid, no life.

Meanwhile, in communities that emphasize alternative energy sources, they are able to sustain themselves for a week or more, if the power were to be cut off from the outside.

Not just our state, but I agree with your point in general. The US has been very slow in preparing for cyberwar. CISA is our attempt to change that. But it will take time. This alert is NOT for the average Joe sitting at home in front of his computers, it is for companies and industry - a warning of a new variant that they need to take action to protect against. It is real, it is not a "might happen".

When I was working for APS, they were facing a large fine if they missed the deadline for getting the safe guards in place. Sadly, in the US profit rules everything - it is more important than human life or safety. So, for the most part, the only way to get them to spend anything to protect our infrastructure is for the government to force it by imposing fines.

Me. . .

Oddly. . .

Feeling nostalgia for Covid — in comparison to this.

Yep.

Why?

When Covid, and all it entailed, was raging in our faces every day, at least we had some measure of control over how we chose to handle the threat in our personal lives.

Now, as individuals — we got nuthin’.

My heart breaks for the people of Ukraine. My mind, if I let it, most certainly could wander to the potential spread of hell on earth.

But……..

all I can do is limit my own news exposure to a quick check-in each day and then go ahead with regular, everyday life……but now with greater appreciation of even the most mundane.

We are all well aware of the obvious threats to our world — our cyberworld included. But obsessing about it cannot help and could lead some to wallowing in paranoia.

I was instructed many years ago to hide under my desk at school, “Duck and Cover.” I wanted to ask my teacher how that was supposed to help, but in those days, I would never have dared to question my teacher. (Now, I realize she had to be thinking the same thing.)

Now, I have decided not to saturate my elder-boomer days “ducking and covering” because there is absolutely nothing we can do about this one. Therefore, looking at Covid in juxtaposition makes me nostalgic for only worrying about Covid — a worry over which we were offered some control. This one though…….we got nuthin’ — no control whatsoever……..except controlling our own choices about how we spend our days. Some will choose obsession. I will not.

Boomer

Me. . .

Oddly. . .

Feeling nostalgia for Covid — in comparison to this.

Yep.

Why?

When Covid, and all it entailed, was raging in our faces every day, at least we had some measure of control over how we chose to handle the threat in our personal lives.

Now, as individuals — we got nuthin’.

My heart breaks for the people of Ukraine. My mind, if I let it, most certainly could wander to the potential spread of hell on earth.

But……..

all I can do is limit my own news exposure to a quick check-in each day and then go ahead with regular, everyday life……but now with greater appreciation of even the most mundane.

We are all well aware of the obvious threats to our world — our cyberworld included. But obsessing about it cannot help and could lead some to wallowing in paranoia.

I was instructed many years ago to hide under my desk at school, “Duck and Cover.” I wanted to ask my teacher how that was supposed to help, but in those days, I would never have dared to question my teacher. (Now, I realize she had to be thinking the same thing.)

Now, I have decided not to saturate my elder-boomer days “ducking and covering” because there is absolutely nothing we can do about this one. Therefore, looking at Covid in juxtaposition makes me nostalgic for only worrying about Covid — a worry over which we were offered some control. This one though…….we got nuthin’ — no control whatsoever……..except controlling our own choices about how we spend our days. Some will choose obsession. I will not.

Boomer

Good post, I agree. I do think there is a lot of room between ignoring, being aware and being obsessed.

Nothing ever seems to get done anymore 😕

Nothing ever seems to get done anymore 😕

In reference to what?

I am constantly amazed at how much things are changing and improving.

The area we need to put more time into is getting along with each other. Agreeing to disagree. Finding common ground and working together for a better America.

Exactly true, for decades literally. But, again if you read this alert, this is a new attack using new code that we are not yet prepared to deal with.
Russia has attacked every free world country's elections and corporations for the last 15 years. They have designated troll farms to undermine Europe and US society. I wonder if those troll farms employ large numbers of young tech-savvy intellectuals? And how much were they paid? And how many have recently left Russia as part of a "brain drain" of intellectuals offended by the Ukraine war. Supposedly Russian oil production is DECREASING because of losing skilled oil field operators and maintenance people. 40% of the Russian economy is in the oil industry. Russia lacks economic diversity and they have had a Sovereign Debt default recently.
Recently Russia tried a cyber-attack against Finland and maybe Sweden because of their interest in joining NATO. Finland was probably prepared for it (better than the US) because since Finland and Russia share about an 800-mile long border - so Finland has to be prepared to resist Russia because it is strongly in their self-interest. Finland has the equivalent of an underground bomb shelter for its whole capital city. The US has hardened military sites, but not much for its civilians.

Why not? Our president gave them a list. Another one of his brilliant moves and he was soooo proud of it!! You can't make this stuff up!!:ohdear:
Sorry I have never heard of that. maybe because I don't go on the "dark sites"?

old news - been going on for several years

Well, I posted the alert as a public service, since I doubt many here keep up with CISA and cyber warfare. I am amazed that even here, people feel the need to be snarky, attack, etc.

I am still hopeful we can avoid war with Russia, but, if war comes a key component will be cyberwar. And we have NEVER fought a cyberwar before. Putin has demonstrated he is not opposed to inflicting civilian casualties to gain his goals.

The information is available. I am not saying it is going to happen, simply making people aware.
One expert retired military expert made the statement that we have already begun a 3rd world war. I am not saying that I agree with that, but I DO notice that many countries are having to pick one side or the other. Democracy or Dictatorship. Poland is a country that was balanced between the West and Russia. But, recent current events have FORCED Poland to choose - and they picked the West. Switzerland joined NATO and likely Finland and Sweden will follow soon.
I understand that Venezuela is lining up with Putin. India is supposedly a Democracy, but are they really? They trade a lot with Russia. And African nations may be deciding now whose side they will be on. It's like children picking up sides for a game only on a Global Scale! On a world population basis, people living under Dictatorships outnumber the free-world population.
The opening rounds of this global tug of war may include cyber-warfare, disinformation, and the creation of chaos and confusion.

Me. . .

Oddly. . .

Feeling nostalgia for Covid — in comparison to this.

Yep.

Why?

When Covid, and all it entailed, was raging in our faces every day, at least we had some measure of control over how we chose to handle the threat in our personal lives.

Now, as individuals — we got nuthin’.

My heart breaks for the people of Ukraine. My mind, if I let it, most certainly could wander to the potential spread of hell on earth.

But……..

all I can do is limit my own news exposure to a quick check-in each day and then go ahead with regular, everyday life……but now with greater appreciation of even the most mundane.

We are all well aware of the obvious threats to our world — our cyberworld included. But obsessing about it cannot help and could lead some to wallowing in paranoia.

I was instructed many years ago to hide under my desk at school, “Duck and Cover.” I wanted to ask my teacher how that was supposed to help, but in those days, I would never have dared to question my teacher. (Now, I realize she had to be thinking the same thing.)

Now, I have decided not to saturate my elder-boomer days “ducking and covering” because there is absolutely nothing we can do about this one. Therefore, looking at Covid in juxtaposition makes me nostalgic for only worrying about Covid — a worry over which we were offered some control. This one though…….we got nuthin’ — no control whatsoever……..except controlling our own choices about how we spend our days. Some will choose obsession. I will not.

Boomer
That was well written to the point of being poetic!

Not just our state, but I agree with your point in general. The US has been very slow in preparing for cyberwar. CISA is our attempt to change that. But it will take time. This alert is NOT for the average Joe sitting at home in front of his computers, it is for companies and industry - a warning of a new variant that they need to take action to protect against. It is real, it is not a "might happen".

When I was working for APS, they were facing a large fine if they missed the deadline for getting the safe guards in place. Sadly, in the US profit rules everything - it is more important than human life or safety. So, for the most part, the only way to get them to spend anything to protect our infrastructure is for the government to force it by imposing fines.
Sadly, as a general rule, most of the World's corporations only care about profits.... a "greed is good" philosophy. However, some of the most socially conscious and employee-friendly Corporations also have high profitability. There was even an ETF put together from these types of Corporations.

One expert retired military expert made the statement that we have already begun a 3rd world war. I am not saying that I agree with that, but I DO notice that many countries are having to pick one side or the other. Democracy or Dictatorship. Poland is a country that was balanced between the West and Russia. But, recent current events have FORCED Poland to choose - and they picked the West. Switzerland joined NATO and likely Finland and Sweden will follow soon.


Poland chose where its interests lay a long time ago, and has been a full member of Nato sinc 1999.
Switzerland has never been a member or applied to join NATO.

Careful, your going to get spanked from the mods making this political, but I do agree with you.

Irony is ironic...

Poland chose where its interests lay a long time ago, and has been a full member of Nato sinc 1999.
Switzerland has never been a member or applied to join NATO.
The way I understand it, Poland had been becoming/leaning authoritarian in the past year, but after Russia attacked the Ukraine, public sentiment in Poland and their President (or Prime Minister) made the shift quickly away from Russia towards the West. A lot of that has to do with the superior PR campaign and work put in by President Zelenskyy and the obvious videos about Russian atrocities - also there is a David vs Goliath concept here.
........That was MY point. I don't care who is OFFICIALLY in NATO. It is about the need for all countries around the world HAVING TO CHOOSE a side. Hungary for example is officially in NATO, but after the recent (tainted) election, Viktor Orban seems to be heading back to his Dictatorial roots and he will favor Russia. This will present a problem for NATO in the future. That was MY point about choosing!
.........I will have to check about Switzerland, but there has been something in the news about their applying for NATO membership. Stay tuned!

Sorry I have never heard of that. maybe because I don't go on the "dark sites"?

Biden gave Putin list of 16 critical infrastructure 'entities' that must be off-limits to cyberattacks (https://www.yahoo.com/video/biden-gave-putin-list-16-175500657.html)

The way I understand it, Poland had been becoming/leaning authoritarian in the past year, but after Russia attacked the Ukraine, public sentiment in Poland and their President (or Prime Minister) made the shift quickly away from Russia towards the West. A lot of that has to do with the superior PR campaign and work put in by President Zelenskyy and the obvious videos about Russian atrocities - also there is a David vs Goliath concept here.
........That was MY point. I don't care who is OFFICIALLY in NATO. It is about the need for all countries around the world HAVING TO CHOOSE a side. Hungary for example is officially in NATO, but after the recent (tainted) election, Viktor Orban seems to be heading back to his Dictatorial roots and he will favor Russia. This will present a problem for NATO in the future. That was MY point about choosing!
.........I will have to check about Switzerland, but there has been something in the news about their applying for NATO membership. Stay tuned!
Ireland and Austria are definitely looking into NATO membership. Switzerland wants to remain OFFICIALLY neutral, but has many and many increasing military involvements with NATO. Like I said.......the Ukrainian war is causing/forcing many changes.....causing many countries to pick one side or another. As of right now the US has picked and is ALL IN for the Ukraine.

1. That list dates back to June of last year.
2. The list is of the types of infrastructure that Russia needed to consider "off limits" with regards to cybersecurity.
3. Seems some folks here have forgotten that one time back in band camp, when cybercriminals attacked the country by shutting down one of the existing pipelines, causing gas shortages and creating panic-buying all along the coast.
4. Other cyberattacks were aimed at the Ukranian power grid and a Saudi petrochemical plant.

It's a thing. It's a problem, and it absolutely warrants our President telling Russia not to do that. And sure - even spelling it out in a list of "what not to do" to make sure there's no misunderstanding.

1. That list dates back to June of last year.
2. The list is of the types of infrastructure that Russia needed to consider "off limits" with regards to cybersecurity.
3. Seems some folks here have forgotten that one time back in band camp, when cybercriminals attacked the country by shutting down one of the existing pipelines, causing gas shortages and creating panic-buying all along the coast.
4. Other cyberattacks were aimed at the Ukranian power grid and a Saudi petrochemical plant.

It's a thing. It's a problem, and it absolutely warrants our President telling Russia not to do that. And sure - even spelling it out in a list of "what not to do" to make sure there's no misunderstanding.

OR....

It was an instruction guide of what they should do to screw with us... Potato, Po-tah-to...

1. That list dates back to June of last year.
2. The list is of the types of infrastructure that Russia needed to consider "off limits" with regards to cybersecurity.
3. Seems some folks here have forgotten that one time back in band camp, when cybercriminals attacked the country by shutting down one of the existing pipelines, causing gas shortages and creating panic-buying all along the coast.
4. Other cyberattacks were aimed at the Ukranian power grid and a Saudi petrochemical plant.

It's a thing. It's a problem, and it absolutely warrants our President telling Russia not to do that. And sure - even spelling it out in a list of "what not to do" to make sure there's no misunderstanding.
Misunderstandings and bad luck have started wars in the past. There was that incident where Gorbachov's generals were misinterpreting their own radar problems as a preemptive launch of missiles by the US. They advised Gorby to launch their Russian missiles for revenge and a 3rd world war. Fortunately, Gorby kept a cool head and a 3rd world war was averted. But, historically, that was a close call !
........Today, we are on a knife's edge.....again.....depending on some KGB strongman to not lose his mind.

Misunderstandings and bad luck have started wars in the past. There was that incident where Gorbachov's generals were misinterpreting their own radar problems as a preemptive launch of missiles by the US. They advised Gorby to launch their Russian missiles for revenge and a 3rd world war. Fortunately, Gorby kept a cool head and a 3rd world war was averted. But, historically, that was a close call !
........Today, we are on a knife's edge.....again.....depending on some KGB strongman to not lose his mind.

It does feel the world is ramping up. I guess the question is, just how crazy is Putin, and will one of his own decide to take him out before he does something really stupid.

And the old saying goes, "I don't know how WWIII will be fought, but WW IV will be fought with stick and stones."

Maybe it is just another fear-porn psyop broadcasted on the mass psychosis box.
War propaganda is almost comical. When will Putin bomb a baby milk factory?

The way I understand it, Poland had been becoming/leaning authoritarian in the past year, but after Russia attacked the Ukraine, public sentiment in Poland and their President (or Prime Minister) made the shift quickly away from Russia towards the West. A lot of that has to do with the superior PR campaign and work put in by President Zelenskyy and the obvious videos about Russian atrocities - also there is a David vs Goliath concept here.
........That was MY point. I don't care who is OFFICIALLY in NATO. It is about the need for all countries around the world HAVING TO CHOOSE a side. Hungary for example is officially in NATO, but after the recent (tainted) election, Viktor Orban seems to be heading back to his Dictatorial roots and he will favor Russia. This will present a problem for NATO in the future. That was MY point about choosing!
.........I will have to check about Switzerland, but there has been something in the news about their applying for NATO membership. Stay tuned!

I wasn't arguing about your 'MY point' or disputing your opinion.
Just replying that both your previous statements regarding Poland and Switzerland were wrong.
That was 'MY point in posting.

Ever heard of M.A.D. or Mutually Assured Destruction? The annihilation of millions of Americans (and innocent Russians) would be the result of a war with Russia. Total collapse of both countries (if not the entire world). What a great idea; lets go to war with Russia for trying to hack our systems even though we have been doing the same to them. Go back to your bunker Chicken Little!

The real significance is ...., including the US. We are late to the game.

Maybe, but i also think that this an eggageration as I currently work at a multiple product utility, electric (generation, transmission and distribution) and gas (transmission and distribution) and stating we are late to the game would imply that there have been multiple outages due to cyber attacks, and I have yet to read about many cyber outages in the CNI (critical national infrastructure). There is actually more risk in physical attacks now than cyber attacks. . .

This was particularly interesting to me, ..... I know first hand how poorly prepared our power grid is to deal with a cyber attack.

There are several grids in the US, if you are retired for more than 5-10 years, am thinking that you have missed a lot of continued improvements and upgrades, etc. I know that the PG&E sucked with their use of rate tariffs to adequately cover their physical risks, but most companies are continuously upgrading their cyber defenses. We have tripled our budgets in the last 5 years, and are constantly reducing risk entries. The Columbia gas pipeline explosions were due to failed reactions to over pressurization alerts, and they lost their license to operation in MA. But not a cyber attack.

So i am thinking that you are suffering from retirement memories of the old days, since being out of touch with the current working world advances, which are continuous and hidden from everyday retirement life. Oh I so wish I could be retired to get rid of all this working crap. . and forget about my now irrelevant operational finance career.

So yes, when the increased attacks happen, which have been on going since the beginning of March, internally non cni we have occasional connectivity issues, and slow latency, but nothing has been threatening the CNI any more than any other day.

still working IT guy,
though going back to finance / database dba / regulatory reporting support guy at work

It does feel the world is ramping up. I guess the question is, just how crazy is Putin, and will one of his own decide to take him out before he does something really stupid.

And the old saying goes, "I don't know how WWIII will be fought, but WW IV will be fought with stick and stones."
I think that US PEOPLE and Russian PEOPLE could exist nicely together as long as both countries could be free of a Dictator or autocratic tendencies......and I do mean both countries!

Maybe it is just another fear-porn psyop broadcasted on the mass psychosis box.
War propaganda is almost comical. When will Putin bomb a baby milk factory?
I fail to understand the point of such statements. There are VAGUE allusions to some.........whatever???? is the main point of the paragraph/series of statements?

Ever heard of M.A.D. or Mutually Assured Destruction? The annihilation of millions of Americans (and innocent Russians) would be the result of a war with Russia. Total collapse of both countries (if not the entire world). What a great idea; lets go to war with Russia for trying to hack our systems even though we have been doing the same to them. Go back to your bunker Chicken Little!

Excuse me, how did we get from the government sending out alerts to companies to check for this particular type or hacking, to declaring war on Russia?

If Russia attacks the US what is your recommendation? Learn Russian?

I wasn't arguing about your 'MY point' or disputing your opinion.
Just replying that both your previous statements regarding Poland and Switzerland were wrong.
That was 'MY point in posting.
To me, it did NOT seem like a clarifying reply. It seemed more like an attack and a delighted finding of fault with another person's post. In addition to a non-comment or opinion on the main point of MY post.
.......When anyone writes a reply of more than 5 or 6 sentences. There is always someone that will "pull out" a small detail and declare that a small detail of near-zero IMPORTANCE somehow nullifies the main argument of a post. Maybe it is human nature.....a dark human nature.

I think that US PEOPLE and Russian PEOPLE could exist nicely together as long as both countries could be free of a Dictator or autocratic tendencies......and I do mean both countries!

I am not a history person, but (there is always a but) it seems to me that all wars are wars of rich powerful people that the young, poor and powerless are sent to fight and die in so that the rich and powerful person can become more rich and powerful. I will go a step further and say the rich and powerful person is typically a sociopath, which has no emotional connection to other people, and so looks at loss of life in war as a "cost of doing business" and is only considered for how it impacts their personal wealth or power.

The first step in most wars is for "the people" to be convinced the other side are evil demons out to destroy "the people", and so "the people" must defend themselves (and their children) by taking action.

Remember when WE invaded Iraq, all the fear mongering and the online campaign to make Hussain out to be evil incarnate. They forgot to mention WE trained him, WE funded his rise to power, WE supplied him with the weapons he needed. WE stoked the fire, and then had to go to war with him because he got out of control. And who paid the price, hundreds of thousands of civilians in Iraq and Afghanistan, and many American soldiers. And the rich and powerful (corporations) made over $3 Trillion supplying the war machine, while our infrastructure feel apart.

Putin, in my not so humble opinion is a sociopath. He is following the same script, "He has to purge the NAZIs threatening mother Russia!" Most autocrats are sociopaths - approximately 5% of the worlds population are sociopath - 15 million Americans or 1 out of every 20 of your neighbors are.

It is more likely for a sociopath to gain positions of power and wealth because they do not play by rules, since rules do not apply to them. However, most powerful sociopaths are rich and powerful because they are very good at manipulating people. They are often surrounded by a cult following. I AM NOT TALKING ABOUT ANY PARTICULAR LEADER. I am talking about Jones, Putin, Hitler, Mussolini, etc. etc. etc.

To the point of your post. I firmly believe that "people" all would more or less get along fine without the sociopaths pushing misinformation. Most people want to raise their families. Make the world a better place for their kids. Keep their kids healthy and safe. Most people don't REALLY care what form of government they live under, as long as it leaves them alone to do what they want. It is the leaders that have to stir the pot, get people mad at other people.

When anyone writes a reply of more than 5 or 6 sentences. There is always someone that will "pull out" a small detail and declare that a small detail of near-zero IMPORTANCE somehow nullifies the main argument of a post. Maybe it is human nature.....a dark human nature.

Tell me about it - LOL! I tend to ramble on and on. And boy do people like finding some little detail (typo even) to pull out and rant over. Oh well, there are a few that want to actually discuss things and not just shout their dog whistles. I just need to learn to better control my "temper" and ignore those.

Maybe, but i also think that this an eggageration as I currently work at a multiple product utility, electric (generation, transmission and distribution) and gas (transmission and distribution) and stating we are late to the game would imply that there have been multiple outages due to cyber attacks, and I have yet to read about many cyber outages in the CNI (critical national infrastructure). There is actually more risk in physical attacks now than cyber attacks. . .



There are several grids in the US, if you are retired for more than 5-10 years, am thinking that you have missed a lot of continued improvements and upgrades, etc. I know that the PG&E sucked with their use of rate tariffs to adequately cover their physical risks, but most companies are continuously upgrading their cyber defenses. We have tripled our budgets in the last 5 years, and are constantly reducing risk entries. The Columbia gas pipeline explosions were due to failed reactions to over pressurization alerts, and they lost their license to operation in MA. But not a cyber attack.

So i am thinking that you are suffering from retirement memories of the old days, since being out of touch with the current working world advances, which are continuous and hidden from everyday retirement life. Oh I so wish I could be retired to get rid of all this working crap. . and forget about my now irrelevant operational finance career.

So yes, when the increased attacks happen, which have been on going since the beginning of March, internally non cni we have occasional connectivity issues, and slow latency, but nothing has been threatening the CNI any more than any other day.

still working IT guy,
though going back to finance / database dba / regulatory reporting support guy at work
An interesting post. Thought-provoking. KUDOS!

I fail to understand the point of such statements. There are VAGUE allusions to some.........whatever???? is the main point of the paragraph/series of statements?

Why does the phrase "Pot, meet Kettle" come to mind?

To me, it did NOT seem like a clarifying reply. It seemed more like an attack and a delighted finding of fault with another person's post. In addition to a non-comment or opinion on the main point of MY post.
.......When anyone writes a reply of more than 5 or 6 sentences. There is always someone that will "pull out" a small detail and declare that a small detail of near-zero IMPORTANCE somehow nullifies the main argument of a post. Maybe it is human nature.....a dark human nature.

You made a post, the main content of which was wrong, and to have that fact pointed out is an attack?
How precious are you?

Alert from the Government CISA:

The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to warn that certain advanced persistent threat (APT) actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices, including:

Schneider Electric programmable logic controllers (PLCs),
OMRON Sysmac NEX PLCs, and
Open Platform Communications Unified Architecture (OPC UA) servers

Here is the entire alert: It has not yet been determined WHO is responsible for this, but the "general assumption" is it is Russia. If this in fact is happening, it is an act of war against the US.

APT Cyber Tools Targeting ICS/SCADA Devices | CISA (https://www.cisa.gov/uscert/ncas/alerts/aa22-103a)

"Dr. Strangelove or: How I Learned to Stop Worrying and Love the Bomb". - 1964 Directed by Stanley Kubrick

Sterling Hayden as Brig. Gen. Jack D. Ripper has to be you all over! Check it out! Lets bomb those Russkies back to the stone age!

the "so what" people on this thread need to watch 60 Minutes tonight.

the "so what" people on this thread need to watch 60 Minutes tonight.

If they are able to watch 60 minutes tonight then either the attack is not underway or it has not been very successful.

The advisory says there is evidence of tools being developed and/or tested and provides steps that affected industry partners need to take. For those partners, action needs to be taken. Bad things could happen but I'll bet our side will be prepared.

Maybe, but i also think that this an eggageration as I currently work at a multiple product utility, electric (generation, transmission and distribution) and gas (transmission and distribution) and stating we are late to the game would imply that there have been multiple outages due to cyber attacks, and I have yet to read about many cyber outages in the CNI (critical national infrastructure). There is actually more risk in physical attacks now than cyber attacks. . .



There are several grids in the US, if you are retired for more than 5-10 years, am thinking that you have missed a lot of continued improvements and upgrades, etc. I know that the PG&E sucked with their use of rate tariffs to adequately cover their physical risks, but most companies are continuously upgrading their cyber defenses. We have tripled our budgets in the last 5 years, and are constantly reducing risk entries. The Columbia gas pipeline explosions were due to failed reactions to over pressurization alerts, and they lost their license to operation in MA. But not a cyber attack.

So i am thinking that you are suffering from retirement memories of the old days, since being out of touch with the current working world advances, which are continuous and hidden from everyday retirement life. Oh I so wish I could be retired to get rid of all this working crap. . and forget about my now irrelevant operational finance career.

So yes, when the increased attacks happen, which have been on going since the beginning of March, internally non cni we have occasional connectivity issues, and slow latency, but nothing has been threatening the CNI any more than any other day.

still working IT guy,
though going back to finance / database dba / regulatory reporting support guy at work

Thank you very much. That was very informative. I did not retire from APS, I was a consultant with them for a while. I was working for them when 911 happened. I worked on several infrastructure related projects including some database projects for Palo Verde. One of the projects I was assigned was a project to upgrade substation communications to have redundant communications paths. This was to protect against potential physical attacks, and my understanding was they were doing it as a result of Congressional mandate to all electrical producers. I can't really say much more about it, since I was a contractor with confidentiality requirements.

Even back then there were multiple grids - yes - but, are you saying there are redundant national grids now? Because that was discussed when I was there, but was thought to be too expensive to be practical? The proposal that was gaining favor was distributed generation. But, the technology for that was not practical at the time.

And yes, I am certain there have been a LOT of improvement since then - that was 20 years ago, a few things have changed - LOL!

I am glad to hear we are taking it more seriously now compared to then.

I assume you read the CISA alert I linked to, and understand it was sent out to companies to alert them to a new cyber attack software that has been detected and to give them information on how to identify if they had been attacked and how to deal with it. It does not say we have been attacked, it says the software has been identified as having been "tested" against several locations.

Anyway, thank you again for bringing us more up to date than my out dated experience.

If they are able to watch 60 minutes tonight then either the attack is not underway or it has not been very successful.

The advisory says there is evidence of tools being developed and/or tested and provides steps that affected industry partners need to take. For those partners, action needs to be taken. Bad things could happen but I'll bet our side will be prepared.

I completely agree, those partners need to take action, and I am sure they will. And yes, bad things happen in wars. And I also think we will be prepared.

My point, as I have said, was not to fear monger, or say the world is ending, just to let people be aware of things that are going on - most people are never aware of the world of Cyberwarfare. I find it interesting, having been involve in some of it tangentially. I thought people here might like to know what is happening and how our government is protecting us.

"Dr. Strangelove or: How I Learned to Stop Worrying and Love the Bomb". - 1964 Directed by Stanley Kubrick

Sterling Hayden as Brig. Gen. Jack D. Ripper has to be you all over! Check it out! Lets bomb those Russkies back to the stone age!

I have no idea what you are going on about, but have a nice day.

If they are able to watch 60 minutes tonight then either the attack is not underway or it has not been very successful.

The advisory says there is evidence of tools being developed and/or tested and provides steps that affected industry partners need to take. For those partners, action needs to be taken. Bad things could happen but I'll bet our side will be prepared.

So did you actually watch the 60 Minutes piece? Your first sentence leads me to believe you did not.

So did you actually watch the 60 Minutes piece? Your first sentence leads me to believe you did not.

My first sentence, referring to the show that would air later in the day, led you to believe that I had not watched the show that had not aired yet?

But no, I do not watch network television. What insights did the piece have?

EDIT: Even more confused by your remark now. I read what seems to be the transcript for the program (https://www.cbsnews.com/news/russia-cyberattacks-60-minutes-2022-04-17/). The transcript talks about indications and warning and planning but no attack against the US yet. That seems to support my first sentence that, "If they are able to watch 60 minutes tonight then either the attack is not underway or it has not been very successful." What am I missing?

Just to give everyone comfort as to training at utilities, we actually see demos of actual software used in phishing attacks against us, as well as study other attack vectors from actual attacks. . .


A practical training course has been developed to show what a cyber attack could look like on the electricity transmission network.

Understanding the signs to look out for will help differentiate between potential attacks and operational faults on our Operational Technology (OT).

To achieve this, we have delivered a representative protection and control system within Eakring training centre which the delegates will be able to use in the training.

This training follows on from the Cyber Security Foundation module, launched last year, which was designed to increase awareness of the threats we face, and how we can mitigate the risks. The Cyber Security Skilled training module offers additional knowledge of cyber security tools and techniques and a more comprehensive understanding such as:

What the Ukraine power system attack looks like for real
Understand how an attacker thinks to compromise systems
Demonstration of what a compromise of a substation would look like and the signs to look out for
We have collaborated with colleagues from across the business to ensure we make it as relevant as possible to ET.

The training (Cyber Security Skilled Training ET107) is now fully developed and we have completed a walkthrough and pilot with colleagues over the last few weeks to gain feedback. The training is a three day classroom based module which will be held in ###, on successful completion delegates will receive a qualification (Level 2 Award in Cyber Security Awareness for Critical National Infrastructure). The criteria for this training is staff that are actively working on, or frequently setting people to work on OT.

Cyber training pathways have been developed with the quarterly mandatory security training as generic training, the foundation and skilled as role based training. This will be reviewed on an annual basis to ensure it is always relevant and up to date.

The cyber threat to OT in the external environment is increasing and, as we use more data and become a more digital business, our risk profile increases therefore its essential we ensure the ET business has the required awareness and capabilities to combat the increasing cyber threat to OT.


it guy wanting to leave it

Just to give everyone comfort as to training at utilities, we actually see demos of actual software used in phishing attacks against us, as well as study other attack vectors from actual attacks. . .




it guy wanting to leave it

Sounds good, glad to hear it seems to be taken seriously. I expect it is not a question of IF we will be attacked, but when. With sufficient training and preparation I have no doubt we will survive it. Sounds like you have some interesting experience, I am a bit sad I am a bit over the hill for Cyberwarfare work, it would intrigue me.

I keep a sandboxed system on my desk setup as a honey pot and occasionally catch something interesting. But, I don't have the time to mess with it much anymore.

Martin,

enjoy retirement, I realize that workaholics like myself want to continue to feel relevant in today's world, but in reality, time is better served enjoying what TV and the rest of our lives have to offer,

and don't click on any links which you don't know, and don't answer random phone calls which are not on your contacts lists. . . and use linux mint if instead of windows O/S to minimize the potential viruses and other attacks. .

I am converting over as soon as I have the time.

laptop safety officer