Cyberattacks and ransomware

[gravitylover]

WTF. Talk about shitty people doing fucked up things. The last few that the media told us about were disturbing and now the pipeline that moves about 50% of the fuel to the East Coast is shut down. If it stays down another day supply levels will start to drop, if it's still down on Tuesday we've got problems. Compounded with a critical shortage of certified tanker truck drivers that has 25% of the (national) fleet off the road things could get really dicey when they have to start rationing which could happen by Wednesday afternoon.

What's next? What power grid or fresh water supply system gets knocked out...

[Core Shot]

I had my work server bricked. It sucks.

Didn’t lose much data since I had a cloud backup.

But it’s virtual rape. A complete violation. I still wonder how long it could have been running, uploading all the data for later mining and blackmail. Uggh.

The interesting thing about the gasoline pipeline is that now it’s common knowledge. An actual terrorist could blow it up in three locations and make a year long gas shortage in the east.

[prsboogie]

Good thing we shut down alternate supply line construction.

Sent from my SM-G975U using Tapatalk

[m2711c]

The interesting thing about the gasoline pipeline is that now it’s common knowledge. An actual terrorist could blow it up in three locations and make a year long gas shortage in the east.

It’s always been common knowledge. Buckeye pipeline runs right through the fucking state. Big old signs all over the place done sayin’ look out there’s a fucking pipeline right here. Definitely no secret.

[riser4]

Nation-state actors. Just the beginning. We built quite the house of cards.

[Skidog]

Nation-state actors. Just the beginning. We built quite the house of cards.

I see it as more of we got lazy and complacent. Power distribution and water distribution networks should be completely segregated from any other network in the building. No internet access of any kind. We decided to make it "easier" to manage "from anywhere".

Sent from my Pixel 4a (5G) using TGR Forums mobile app

[riser4]

I see it as more of we got lazy and complacent. Power distribution and water distribution networks should be completely segregated from any other network in the building. No internet access of any kind. We decided to make it "easier" to manage "from anywhere".

Sent from my Pixel 4a (5G) using TGR Forums mobile app

We're talking past each other.

[Bunion 2020]

Good thing we shut down alternate supply line construction.

Sent from my SM-G975U using Tapatalk

Cause those would somehow be immune? /S

[prsboogie]

Cause those would somehow be immune?

Just sarcasm

Sent from my SM-G975U using Tapatalk

[Bunion 2020]

Got it, thx

[GiBo]

I see it as more of we got lazy and complacent. Power distribution and water distribution networks should be completely segregated from any other network in the building. No internet access of any kind. We decided to make it "easier" to manage "from anywhere".

Sent from my Pixel 4a (5G) using TGR Forums mobile app

That's how we do it. You can still have remote SCADA access without compromising security. Business networks with hundreds of users and internet access is tough, but any OT network that gets hacked is purely a result of bad network administration.

[riser4]

That's how we do it. You can still have remote SCADA access without compromising security. Business networks with hundreds of users and internet access is tough, but any OT network that gets hacked is purely a result of bad network administration.

Not purely. Also a lack of proper regulation AND oversight.

[RShea]

Tested and working Backups, disaster planning, and better network design are part of the equation. Users not doing dumb stuff, multiple layers of network protection- firewalls, anti-virus, email filtering so phishing messages do not even make it into an inbox, and limited rights with only as needed access, are part of the other side also. Keeping up on firmware and patching vulnerabilities as revealed also needs to be a priority.

Just like say a Hospital or Healthcare ransomware attach that can affect the critical operations of emergency rooms, IT and security needs to be thought of differently in many businesses.

[riser4]

Tested and working Backups, disaster planning, and better network design are part of the equation. Users not doing dumb stuff, multiple layers of network protection- firewalls, anti-virus, email filtering so phishing messages do not even make it into an inbox, and limited rights with only as needed access, are part of the other side also. Keeping up on firmware and patching vulnerabilities as revealed also needs to be a priority.

Just like say a Hospital or Healthcare ransomware attach that can affect the critical operations of emergency rooms, IT and security needs to be thought of differently in many businesses.

Therefore we find ourselves living in the current house of cards.

[Skidog]

We're talking past each other.

I got ya, and totally understand your point.

[MontuckyFried]

I see it as more of we got lazy and complacent. Power distribution and water distribution networks should be completely segregated from any other network in the building. No internet access of any kind. We decided to make it "easier" to manage "from anywhere".

Bingo. There is zero reason that utterly critical infrastructure shouldn't be handled via isolated intranet systems. Maddening to see how the idiots in charge of these outfits allow some of these things to be so vulnerable to attack.

[old_newguy]

Bingo. There is zero reason that utterly critical infrastructure shouldn't be handled via isolated intranet systems. Maddening to see how the idiots in charge of these outfits allow some of these things to be so vulnerable to attack.

Its called capitalism. Same reason Texas went without power for a week this winter.

[Skidog]

Bingo. There is zero reason that utterly critical infrastructure shouldn't be handled via isolated intranet systems. Maddening to see how the idiots in charge of these outfits allow some of these things to be so vulnerable to attack.

the best part is a lot of the controllers that run this stuff are on older bacnet and modbus protocols, which arent super security based protocols. Any one I ever installed was never to touch the internet. You could not access building management systems anywhere but INSIDE the physical building. Access to the physical controllers was controlled. If you didn't need to touch it you would never touch it.

Just wait....water systems, sewage systems, power grids....all very outdated and for sure not secure.

[Timberridge]

the best part is a lot of the controllers that run this stuff are on older bacnet and modbus protocols, which arent super security based protocols. Any one I ever installed was never to touch the internet. You could not access building management systems anywhere but INSIDE the physical building. Access to the physical controllers was controlled. If you didn't need to touch it you would never touch it.

Just wait....water systems, sewage systems, power grids....all very outdated and for sure not secure.

I've asked this here before and got only lighthearted answers, but I'll try again. What protocols do we have on the TGR servers??? I have posted sensitive information here that in the wrong hands could be used against me.

[Deebased]

Bingo. There is zero reason that utterly critical infrastructure shouldn't be handled via isolated intranet systems. Maddening to see how the idiots in charge of these outfits allow some of these things to be so vulnerable to attack.

Oh you have no idea. We have major hydroelectric dams that are still susceptible to the ping of death.

[old goat]

At what point do we decide that a cyber attack on our infrastructure by a state actor is the same as a missile attack?
It seems unlikely that a state actor would do a ransomware attack, although the ransom demand could be a smoke screen.

[MontuckyFried]

What protocols do we have on the TGR servers???

I think this is about as advanced as it gets:

[Deebased]

Its called capitalism. Same reason Texas went without power for a week this winter.

Plenty of blame to spread around and capitalism might be the smallest percentage. Capitalism spends hundreds of billions annually on redundancy and business resilience solutions.

[Deebased]

At what point do we decide that a cyber attack on our infrastructure by a state actor is the same as a missile attack?
It seems unlikely that a state actor would do a ransomware attack, although the ransom demand could be a smoke screen.

When the stimulus popularity wanes.

[ötzi]

Apparently the hackers ignore any system where the language is set as Russian so all we have to do is set everything to Russian and we're all set. Easy peasy.