Skip to comments.
Power Grid Attacks – Q Anon / Great Awakening Banned From Reddit – Hurricane Florence Update
IWB ^
| Ruby Henley
Posted on 09/13/2018 11:39:30 AM PDT by davikkm
Last December, the Ukraine power grid was attacked, and Russia is the suspect. A quarter of a million people lost power in the Ivano-Frankivsk region of Ukraine.
Vasyl Pemchuk is the electric control center manager. Remembering the nightmare when hackers took over their computers, he said all his workers could do was film it with their cell phones.
It was illogical and chaotic, he said. It seemed like something in a Hollywood movie.
This is, also, my fear, and as Hurricane Florence makes its way into the Carolinas my mind is fixated on weeks without power. But the truth is we do not have to wait for a hurricane for this to occur, an foreign Country will most likely do that for us in the near future.
How easy an operation was it for allegedly Russia to put parts of Ukraine in the dark? It was as easy as a click.
The alleged hackers sent emails with infected attachments to power company employees and went on to use their login credentials. The fact is it was not difficult to do ultimately they took control of the grids systems to cut the circuit breakers at nearly 60 substations.
The suspected motive for the attack is the war in eastern Ukraine, where Russian-backed separatists were fighting against Ukrainian government forces.
(Excerpt) Read more at investmentwatchblog.com ...
TOPICS: Government; Politics
KEYWORDS: aaablogpimp; aaablogtrash; fireyour12yodaughter; nuttery; pimpdaddy; qanon; qisfake; rubyhenleyisanidiot; rubynuttery; rubysucks; tomfoolery
1
posted on
09/13/2018 11:39:30 AM PDT
by
davikkm
To: davikkm
The real question why is our power grid accessible from the Internet? If it needs to be networked, it needs to be on a private network independent of anything to do with the "real" Internet, completely unconnected. It should be partitioned, with each partition on its own private network too. We had a functioning power grid before the Internet, perhaps it's time to revisit it.
2
posted on
09/13/2018 11:45:11 AM PDT
by
Governor Dinwiddie
("Nature, Mr. Allnut, is what we are put in this world to rise above.")
To: davikkm
Computers and devices that control public utilities and infrastructure should never be permanently networked and should only communicate in isolation with other devices and computers that operate within the framework of it’s purpose.
Redundancy is a good thing, but also only in isolation to it’s functions.
Remote telemetry and control is way overrated and a massive liability. Engineers who specify or permit it should be fired.
3
posted on
09/13/2018 11:49:22 AM PDT
by
z3n
To: davikkm
There is some damn fine analog equipment out there.
Can’t be hacked.
Just a little more manpower intensive.
But why would you take a chance????
4
posted on
09/13/2018 11:56:10 AM PDT
by
2banana
(My common ground with terrorists - they want to die for islam and we want to kill them)
To: Governor Dinwiddie
It’s not.
Why do people believe everything they read on crap sites?
5
posted on
09/13/2018 12:31:02 PM PDT
by
bigbob
(Trust Sessions. Trust the Plan.)
To: bigbob; All
Are you an Industrial Control Systems SCAD A vulnerability expert?
Power control systems are not completely “air gap” isolated from internet access.
System control vendor administration accounts have been successfully accessed via exploiting unsecure system maintenance service accounts that system vendors have negligently left open via non-encrypted FTP, rlogin, telnet protocols, for instance.
Go to SANS, Dark Reading, Krebs on Security, Blackhat, and FBI Infragard to read up on the topic.
Many legacy power plant ICS SCADA control systems and old (20-30 yrs+) non/weak-encrypted wireless peripheral control units such as remote valves, sensors, pumps, electrical switches, still remain vulnerable to hacking from power station parking lots.
Upgrading old legacy components used in power plants can be technically difficult, expensive and disruptive to system availability.
6
posted on
09/13/2018 1:12:04 PM PDT
by
MarchonDC09122009
(When is our next march on DC? When have we had enough?)
To: bigbob; All
Educational opportunity 4 u: https://www.infosec-city.com/sg18-ctf-ics-scada ICS/SCADA Capture-the-Flag (CTF) Sponsored By: Registration The ICS/SCADA CTF competition is open to all conference ticketholders to play, enjoy and compete.Participants simply have to register at the NSHC booth located in the Exhibition Foyer.GameplayThere are altogether 6 scenarios, each with its own set of challenges and scores. The scenarios and challenges are based on real ICS/SCADA simulation using real ICS/SCADA components. There are more than 50 challenges Providing an enjoyable and unforgettable experience for both Beginners and Experts. ScenariosScenario 1: Malware/Forensics An Operator's Workstation Windows System Email Attachment Scenario 2: IoT/Web Vulnerability/Forensics Wireless LAN (WLAN)No Access ControlScenario 3: Bypass Airgap/Network/CryptosystemWindows System Default Installation No Internet AccessScenario 4: Bypass Airgap/HMI Windows SystemPLC Developer's WorkstationUSB BlockOnly Mouse & KeyboardScenario 5: ICS Vulnerability in PLCPLC Software/Firmware0-day Scenario 6: ICS Infrastructure/Real-WorldSimulation RailwaySmart Grid Challenge CategoriesEach challenge may span across various challenge categories. Category 1: Bypass AirgapIndustrial WiFi Hacking Industrial BluetoothRadio Frequency (RF) HackingUSB-based Microcontroller Default Network-based Attack Category 2: ICS ProtocolIEC 60870-5-101 or 104, IEC 61850, DNP3ModbusIncident Response for Security Operations Centre (SOC) Category 3: PLC & HMIWell-known vulnerabilitiesPassword Cracking0-day Vulnerabilities (Discovered by NSHC Red Alert Team)Control PLC, HMI Category 4: ForensicsNetworking Industrial Network CaptureDocuments Category 5: Misc.Shodan & IoT ManipulationZoomeye Search for SCADA EquipmentOSINT for Critical Infrastructure
7
posted on
09/13/2018 1:42:54 PM PDT
by
MarchonDC09122009
(When is our next march on DC? When have we had enough?)
To: MarchonDC09122009
Aw, heck, I can’t even remember Spectra 70 Assembly language! (Anybody still use RCA mainframes?)
To: Pete from Shawnee Mission
Many power stations still use DEC PDP/11’s.
It’s the ones that use legacy Microsoft XP, 95, 98 and 2000 that are very worrisome.
9
posted on
09/13/2018 6:41:50 PM PDT
by
MarchonDC09122009
(When is our next march on DC? When have we had enough?)
To: MarchonDC09122009
Digital Equiptment Corp? 1960s? Wow, although not quite the dawn of digital. Amazing to think that Power plants still use MS XP.
To: Pete from Shawnee Mission
I worked for GE in the 1990’s, as a generator and excitation specialist. I routinely worked on equipment that had been installed in the 1950s. I was at a paper mill once and a lot of the equipment the was war surplus, you could tell because it had”war emergency” nameplate values. The oldest unit I worked on was installed in the 20s. The generator controls were patented during the first world war.
To: Whenifhow; null and void; aragorn; EnigmaticAnomaly; kalee; Kale; 2ndDivisionVet; azishot; ...
12
posted on
09/13/2018 9:49:48 PM PDT
by
bitt
(We know not what course others may take, but as for me, Give me Liberty, or Give me Death!)
To: davikkm
Hey, think it’d work on Silicon Valley? /sarc>
13
posted on
09/13/2018 9:51:49 PM PDT
by
grey_whiskers
(The opinions are solely those of the author and are subject to change without notice.)
To: Pete from Shawnee Mission
DEC lasted into the mid-late 80s or early 90s, before workstations ate their lunch.
And then PCs ate the workstations' lunch.
Then mobile devices ate the PCs' lunch.
14
posted on
09/13/2018 9:53:14 PM PDT
by
grey_whiskers
(The opinions are solely those of the author and are subject to change without notice.)
To: Fellow Traveler
Analog controls? Sycros & Servos?
Important stuff, but outside my training.
To: grey_whiskers
Grey! The smaller ones keep eating the bigger ones! Moore’s fish!
To: Pete from Shawnee Mission
“Moore’s fish” — cool! never heard that one before! :-)
17
posted on
09/17/2018 9:14:02 PM PDT
by
grey_whiskers
(The opinions are solely those of the author and are subject to change without notice.)
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson