Cyber attack shuts down U.S. fuel pipeline ‘jugular,’ Biden briefed

BugI02

I had read that the pipeline company had taken systems offline as a precaution, not that any systems were directly damaged by the attack (at least not hardware systems), so I dug around a bit more.

I thought it could be something like this. Big difference between a ransomware attack and Stuxnet.


 

thompal

I'm very curious about why vital parts of infrastructure are on the internet with public IP addresses. Do they honestly believe that Russia and China really need the ability to hack our infrastructure?
 

rooster

> I'm very curious about why vital parts of infrastructure are on the internet with public IP addresses. Do they honestly believe that Russia and China really need the ability to hack our infrastructure?

Because the challenges involved with air gapping these systems would cost the company more money.

To make matters worse, what little infrastructure there is that is air gapped is quickly being “modernized” to be brought on the internet. Useful for remote startup of equipment, monitoring systems and laying off operations staff. Not useful for security.
 

NHT3

CCP Joe's Depends are completely dry unless he pissed his pants in glee.. Note the article stated that the hackers "avoid targets in post Soviet states". Reason for that being the hackers know the Soviets would find them and remove their heads, literally.
All we do is "brief" SloJoe, change his diaper and put him to bed. I have a feeling DJT would have handled the situation a little differently but I digress.
By the way a shoutout and thanks to Joe and all that voted for him, hope you're happy now that gas has passed $3 again, at this rate we'll be back up to $4 by Independence day:happybday:. :ranton:
 

schmart

> I'm very curious about why vital parts of infrastructure are on the internet with public IP addresses. Do they honestly believe that Russia and China really need the ability to hack our infrastructure?

The equipment itself doesn't necessarily need (or have) public IP addresses. However, if it is to be remotely operated and monitored, it needs to be on a network. That network needs to be accessible via a system that is available from a public space, even if that is simply a "jump box" with dual network cards. If you can legitimately tunnel down to the equipment to control it, the same path can be used to hack the equipment.

Since this was a ransomware attack, not a controls attack, the equipment itself may very well be untouched, but they want to be certain that the overall controlling server is clean before resuming operations to ensure they don't end up with an environmental disaster due to an over pressure, etc. They did say "we proactively took certain systems offline to contain the threat".
--Rick
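
Added example, not part of any post in this thread: a small reachability check over a constructed set of firewall allow rules. It shows that a legitimate remote-operations path through a jump box is also a path from the public side to the equipment, and which hosts sit on every such path (the ones to verify clean or take offline to contain a threat). All host names, services and rules are hypothetical.

```python
from collections import deque

# Constructed allow rules: (source, destination, service). Hypothetical names.
ALLOW_RULES = [
    ("internet", "vpn_gateway", "tcp/443"),
    ("vpn_gateway", "jump_box", "tcp/3389"),
    ("jump_box", "scada_server", "tcp/3389"),   # dual-homed jump box
    ("scada_server", "plc", "tcp/502"),
    ("corp_lan", "jump_box", "tcp/3389"),
    ("internet", "web_dmz", "tcp/443"),         # dead end, no route inward
]


def shortest_path(rules, start, target):
    """Breadth-first search; returns a list of (src, dst, service) hops or None."""
    graph = {}
    for src, dst, svc in rules:
        graph.setdefault(src, []).append((dst, svc))
    queue = deque([(start, [])])
    seen = {start}
    while queue:
        node, path = queue.popleft()
        if node == target:
            return path
        for dst, svc in graph.get(node, []):
            if dst not in seen:
                seen.add(dst)
                queue.append((dst, path + [(node, dst, svc)]))
    return None


def choke_points(rules, start, target):
    """Hosts that lie on every path from start to target."""
    if shortest_path(rules, start, target) is None:
        return []
    hosts = {h for rule in rules for h in rule[:2]} - {start, target}
    cut = []
    for host in sorted(hosts):
        # Drop every rule touching this host, then see if a path survives.
        remaining = [r for r in rules if host not in r[:2]]
        if shortest_path(remaining, start, target) is None:
            cut.append(host)
    return cut


if __name__ == "__main__":
    for hop in shortest_path(ALLOW_RULES, "internet", "plc"):
        print(" -> ".join(hop[:2]), "via", hop[2])
    print("choke points:", choke_points(ALLOW_RULES, "internet", "plc"))
```
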
 

eric001

> CCP Joe's Depends are completely dry unless he pissed his pants in glee.. Note the article stated that the hackers "avoid targets in post Soviet states". Reason for that being the hackers know the Soviets would find them and remove their heads, literally.
> All we do is "brief" SloJoe, change his diaper and put him to bed. I have a feeling DJT would have handled the situation a little differently but I digress.
> By the way a shoutout and thanks to Joe and all that voted for him, hope you're happy now that gas has passed $3 again, at this rate we'll be back up to $4 by Independence day:happybday:. :ranton:

Ya know, you may just be on to something there... When's the last time you heard of terrorists pulling shenanigans in Israel...twice?? Kind of like some of those "ex"-Soviet states, their approach is rather drastic and brutal, but works like a charm.
Pity that we as a country are so beholden to the bleeding hearts that we no longer have the will to make the hard choices and do what needs to be done to prevent repeat attacks. Turning the other cheek just guarantees getting blindsided again. And whining/bemoaning the attacks without serving up real consequences just encourages the terrorists.
 

JTScribe

> The equipment itself doesn't necessarily need (or have) public IP addresses. However, if it is to be remotely operated and monitored, it needs to be on a network. That network needs to be accessible via a system that is available from a public space, even if that is simply a "jump box" with dual network cards. If you can legitimately tunnel down to the equipment to control it, the same path can be used to hack the equipment.
>
> Since this was a ransomware attack, not a controls attack, the equipment itself may very well be untouched, but they want to be certain that the overall controlling server is clean before resuming operations to ensure they don't end up with an environmental disaster due to an over pressure, etc. They did say "we proactively took certain systems offline to contain the threat".
> --Rick

Yeah, ideally they NAT’d the public IP into a DMZ’d system and just have to restore that interface to bring the system back up. But ideal costs money and time, and sometimes execs don’t understand or approve that.
 