
Cyberattacks Put Russian Fingers on the Switch at Power Plants, U.S. Says - eorge_g
https://mobile.nytimes.com/2018/03/15/us/politics/russia-cyberattacks.html
======
jessaustin
I'm no expert, but rather than watching attacks for three years and then
issuing some ineffectual reports and sanctions, wouldn't it have been better
to just lock down the damn power plants? If you're smart enough to notice all
this nefarious activity and correctly attribute it to somebody on the other
side of the globe even though we know that other parties use all the same
tools they use, why aren't you smart enough to just fix the vulnerabilities
they're using? Curious!

~~~
diafygi
In order to integrate more renewables onto the grid (which are non-
dispatchable generation), we need to add more generation and load flexibility
on the grid.

This means you need more communications between all the various parts running
the grid. So it's not just the switch that opens the valve at the gas turbine
power plant that you have to worry about (which I agree is easy to be air-
gapped and interlocked). You also have to worry about manipulation of the
communication ecosystem that let all the various grid actors coordinate so
everything stays in sync.

EDIT: Also, remember that power engineers are extremely good at running the
grid and keeping the lights on. They are NOT experienced at protecting it from
cyber attacks. Unfortunately, neither the intelligence community or tech
sector that is actually good at cyber defense (Google, Apple, Facebook, etc.)
has not offered to help add cyber defenses and these physical infrastructures.
So, the only parties who have been doing the grid cyberdefense work have been
security theater companies ("enterprise" security).

~~~
mkempe
Ah, if only the country had a three-letter agency with a responsibility to
identify weaknesses in cyber infrastructure _and_ work with relevant
manufacturers to fix these bugs...

~~~
maliker
I know this isn’t what you’re referring to, but DOE is pushing for a reorg
that creates a large cybersecurity department.

~~~
mkempe
I'm happy with the NSA having and keeping sole responsibility for it, _iff_
they do the job.

------
akeck
See the pilot of the 2004 Battle Star Galactica.

------
abvdasker
This combined with the election meddling and recent assassination in the UK
feels like a clear reignition of the cold war.

------
neo4sure
The more I see it the more it looks like these guys are getting ready for a
war. The 2016 election hacks seem to have been a decade-long plan. I hope it
never comes to this. At a time when the country is divided, we may have
trouble responding.

~~~
jimnotgym
If you add that to the nerve gas assassination attempts in the UK this week it
is time to look hard at how Russia has infiltrated the west.

~~~
hunta2097
It wasn't a gas, it was a powder (most likely).

Russia's activities are probably more inward looking than outward. On March
18th Russian citizens will vote for their next president. Reaction (however
warranted) by the Western powers will play well at home for Putin.

"LOOK! The world hates us, let me protect you."

------
vondur
Well, if we'd stop meddling in Russia, maybe they'd do the same. I'm pretty
sure we are trying to hack into their systems.

~~~
cwkoss
Not many people know that Hillary Clinton 'meddled' in the 2011 Russian
election...

[http://time.com/4422723/putin-russia-hillary-
clinton/](http://time.com/4422723/putin-russia-hillary-clinton/)

I feel like all American black ops are well intentioned, but often end up
coming back to bite us.

~~~
jessaustin
That's pretty thin. The fact that Putin said she did, doesn't mean she did.
We're on much more solid ground saying that Americans got Yeltsin elected in
1996. Of course that result ended up being very good for Putin...

~~~
throwaway84742
It’s not all that much thinner than “$100k in FB ads spent _after the
election_ altered the results of the election”.

~~~
jessaustin
Sure, but I don't believe that fairy tale either.

