Just wait until the hackers take over the Positive Train Control system. And have the ability to cause derailments and catastrophic incidents.
...or air traffic control
Posted on 05/14/2021 8:37:09 AM PDT by qaz123
A recent report from Wired reveals that a week after a ransomware attack shut down Colonial Pipeline halting fuel distribution on the East Coast, the company paid a reported $5 million dollar ransom to regain control of their systems and resume operations. The payoff may lead to future ransomware attacks, as one expert notes: “Unfortunately, it’ll help keep United States critical infrastructure providers in the crosshairs. If a sector proves to be profitable, they’ll keep on hitting it.”
(Excerpt) Read more at breitbart.com ...
The "hackers" shut down the company's ability to operate the pipeline?
A pipeline, that at one time, was more than likely operated manually, or at least could be operated manually in an emergency.
So, if there's an ability to operate the pipeline manually, to keep the gas flowing, how hard/expensive would it be to set up a new system?
Basically, tell the hackers to pound salt up their a$$, get some folks in the field to monitor and operate the pipeline and then replace the existing system.
It'll be interesting to see if other companies are spending some money for the appropriate safeguards, if there are any, or will just roll the dice to hope that it doesn't happen to the them.
I’m kinda shocked that they paid. If I ever got one of those attacks I’d just wipe everything and start over. I don’t keep anything that important on my internet connected computer. That would not be wise.
Exactly. And that is my question to the Tech Wizards on FR.
How easy/hard ... cheap/expensive ... practical/impractical ... it would be to do as you stated?
The payoff was probably $50M, not $5M. Should not have paid and the special forces should have covertly eliminated the root cause. This country is weak and laughed at by the world, its the citizens fault for allowing it to become this way.
I just put everything on an external Seagate drive through USB from time to time.
Indistry-wide, billions of dollars have been spent putting automatic control and monitoring systems into place.
Much of the ability to expand and control even larger systems and outlays, such as more customers and their lines, nodes back to main lines and systems, etc., have occurred because automation allows it. More manual systems might not be able to handle a modern workload—certainly not a larger one.
To now reverse all that could cost even more. Were would you get the trained manpower, since automation has been going on for 30-40 years now?
A case in point. I was at a local gas station talking to the young clerk. He mentioned that a tanker should be coming soon and he had to ensure no one parked by the tank hatches.
I asked how he figured out how to tell when his tanks were empty—where’s his stick? He had no idea what I was talking about.
I said, when I was in high school in the early 70s I worked part time pumping gas. We had to take an enormous measuring stick and had to measure how much gas was in the tank every evening, so the boss-man could order a delivery when we’re low.
He said they didn’t do that, the tanks all had sensors that let them computer know when the tanks were low, and would even schedule a delivery when that occurred. He only know when a delivery was coming because the computer would tell him.
I had caught wind that they were unable to regulate the pressure within the system and if that was the case it would make sense in a money way to regain control via extortion and totally reformat and go back to a manual override that can be put into place rather than being vulnerable from future attacks. I see computers as a source for information and any other application for something critical is always a risk....This is why I have two vehicles a Honda Odyssey (2005) and my workhorse 1971 IH pick up still running on points and condenser ....The KISS rule can never be improved upon when it comes to vital items. Amazing how advancements in technology actually makes humans more ignorant ....most have forgotten how to use a shovel/s
Basically, tell the hackers to pound salt up their a$$, get some folks in the field to monitor and operate the pipeline and then replace the existing system
Errrr! Nice try thanks for playing. The pipeline system is 100% on a computerized grid. The hacker compromised the passwords and changed them so they couldn’t do anything to get oil flowing because they shut down not only the primary but the secondary control of the valves. No real manual overide. They owned the pipeline. This can be 100% traced to corporate retards saving a buck for favoring computers over people doing the job. Now it cost them in the worst way.
This country is weak and laughed at by the world .... so sad and unfortunately very true. Amazing how far we’ve fallen in a little over 3 months.
What’s the meme?
Tough times create tough men .... Tough men create easy times ... Easy times create weak men .... Weak men create tough times. or something like that, IIRC.
There was a meme floating around yesterday....Hamas is using Twitter as a call to arms and to promote violence against Israelis. But President Trump isn’t banned.
No mean tweets though.
Indistry-wide, billions of dollars have been spent putting automatic control and monitoring systems into place.
Just wait until the hackers take over the Positive Train Control system. And have the ability to cause derailments and catastrophic incidents.
The major problem is that most major pipelines in this country are remotely controlled from a centralized location using a process known as SCADA.
The flow of product is controlled by these systems. It is not as simple as sending someone out to those control valves and operating them manually. First they wouldn’t have enough people skilled enough to do so. Secondly the probably wouldn’t have enough laptops to handout to connect into those locations physically.
The remote sensors are hooked to to wide area networks and routed to the control center via those networks. It is expensive and sometimes not physically possible to build a private network that only the energy company data traffic is sent on.
I’m betting the hackers got onto the servers that controlled the pipeline thru a phishing attack or something similar. So Colonial had to restore their servers from their backups, check to make sure they weren’t affected, test all of the remote connections to make sure they were fed national. Not a simple task and time consuming.
I worked in that industry so I speak from a position of knowledge and experience. Our infrastructure structure is more vulnerable than anyone realizes.
They can waste 5 million on ransomware but didn’t want to invest in a reliable backup/recovery system?
I would fire the entire IT staff responsible for backups. ALL OF THEM.
Think of a future time when the goal is NOT to test our systems, or make a few quick millions... BUT TO DESTROY THE COUNTRY WITHOUT HAVING TO DROP ONE BOMB...
What will we do then?
Just wait until the hackers take over the Positive Train Control system. And have the ability to cause derailments and catastrophic incidents.
...or air traffic control
Your explanation makes sense, but the inability to override what is basically manual system because of a computer network makes no sense to me.
This was a gas pipeline.
I’ve done security on oil pipelines in Iowa after the issues that occurred during the Dakota pipline fiasco. Pipeline ran under corn fields for miles, popped up at certain intervals at a valve and then went back underground for a few miles to another valve station.
Each station was “secured”, had a small shack with sensors and monitors to keep track of things.
This can be 100% traced to corporate retards saving a buck for favoring computers over people doing the job.....this can be traced to corporate retards that believe the young, liberal MBAs that promise them insane returns on investments and ignore everything you wrote about, who have no skin in the game and when things go to sh*t they just move onto the next job.
Got it. Thanks
Go back to a time before all the conveniences we all enjoy and take for granted. While doing so, the cities will eat themselves and the folks out in the country will eventually overcome some of it.
I’m hoping and praying that these companies are using this as a wake up call, but I doubt it.
As Usawatcher stated ...... Our infrastructure structure is more vulnerable than anyone realizes.
And you cannot take just anyone and have them work d o t pipeline. There are borderline punitive training requirements ... It would take at least a month to qualify people to do it manually... Nevermind that nothing has been done with only man in attendance since Fisher made the first control valve / regulator.
So the problem of going manual is this....not enough bodies to send to all of the control points along a pipeline. Some of those locations might be in terrain that’s tough to get too. Second problems is have enough laptops with the right software and necessary connection hardware to get into those control power nets on the pipeline. Somebody has to know what an RTU is and how to connect to it....and that’s not knowledge that everyone has.
Automation is very widespread in the energy sector and it’s only going to become more pervasive. If I can sit in a control center in Houston and control thousands of miles of pipeline and not have a body turning valves At all times of the day or night that saves money for the company. Most large energy companies have such control centers and the folks working in them are very skilled and knowledgeable. I know....I worked with them
There is no easy solution to combatting hacker attacks. And the feds don’t have the greatest it infrastructure. Some of their stuff is still running legacy software from the 60’s and 70’s. And the private sector pays way more than the feds for experienced cyber security people.
Joe Biden probably had the US government pay the off the hackers. He just fires up his money printing presses. Millions, trillions....it doesn’t matter.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.