In February this year there was an attack against Vodafone Portugal that brought down their whole mobile networks, 4G, 5G, and fiber, taking them several days to bring everything back up [0]. It also very clearly was a state actor, no threats, no ransom, sophisticated.
Taking down pipelines, taking down comms, taking down transport infrastructure. All within a few months. Always on NATO targets, always localized, never claimed with any statements, always sophisticated enough that it would require knowledgeable state actors.
It all seems like a training ground to find out if they can do it and probably a message to NATO members to not assume they are safe.
Yeah but I would assume the same attack is not going to be successful against the same target a second time. So they are essentially providing free pentesting. And creating a climate that allows governments to introduce much stronger security measures. Without creating much actual damage.
Also I wonder if it was a physical or purely software attack? If it was a physical attack on a critical system, it could have been anybody, not just state actors.
The German security landscape in general is in a pretty bad shape, hence such pentesting isn't all that valuable. Patch one vector, dozens or hundreds left open, and there is neither a strong security mindset nor a realistic option to implement meaningful security in infrastructure that often as not is decades old, fully analog, built without any security considerations at all, and falling apart on its own. IT security is pretty catastrophic (German law makes it hard to do it properly, it's much stricter than e.g. the corresponding US law), but physical security often as not turns out to be a sturdy closet with a hardware store combination padlock, even for things that would be considered critical and protected much better in other places.
I think this is about sending a message (we're aware of that situation + able and willing to take advantage of it) and to do it in a way that can't be kept under wraps. I guess this won't make it any easier for Chancellor Scholz to send the tanks Ukraine requested.
> IT security is pretty catastrophic (German law makes it hard to do it properly, it's much stricter than e.g. the corresponding US law)
To chime in on this, if you're in Germany and report a security vulnerability to a vendor there's a very good chance you'll get a criminal investigation, house searched, computers/phones seized for a long time etc. in return. Often in combination with a cease and desist or civil charges.
It's not a good idea to approach vendors directly with findings in general, but in Germany doing that can seriously screw your life up.
I wouldn't do security research in Germany at all. If you have talents in the area, just go to the US.
> there is neither a strong security mindset nor a realistic option to implement meaningful security in infrastructure that often as not is decades
Honestly, there is the opposite of a strong security mindset over here. Just a year ago, a security expert found an app of a major party leaking data of thousands of private persons - it was basically a web application without authorization. She tried to disclose this responsibly and naturally got sued due to unauthorized access to computer systems. Lilith Wittmann is the person if you want to look further into it.
That's the standard here for security topics.
And if you keep digging into prosecution of cyber criminality, or at least actions of the state to increase cyber security, or at least actions to increase competency in cyber topics, it just gets worse. For example, they are looking for cyber security experts to join the police and state departments, but because they'd be working in various kinds of police jobs... they have to go through the same fitness and endurance tests as all police officers. Casual things like 12 minute runs, obstacle courses under pressure. Things IT-Nerds are good at.
I might have been interested some time ago, but currently that's just a recipe for criminal charges and disappointment.
> Casual things like 12 minute runs, obstacle courses under pressure. Things IT-Nerds are good at.
I might be able to do that, but then again the pay isn't great either. You can't ask for the right candidate with some useless extra requirements, if you don't even pay enough to get the right candidate without these extras.
> The German security landscape in general is in a pretty bad shape
In some sense, they are doing pretty good. Many of Germany's companies and government organizations rely heavily on paper, telephone calls, tape recorders, physical meetings, and even fax. Many bridges (big, but also in rural areas) even have signs containing the max weight limits for various vehicle types including tanks. I sometimes wonder whether Germany's reliance on old-fashioned methods is actually meant to be as reliable as possible in worst-case scenarios and to be difficult to hack. I mean, good luck hacking a tape recorder from thousands of miles away.
They can't cut two cables again? And Vodafone has now been made hack proof, I assume? Infrastructure is not secure, either digitally or physically. The only thing keeping them up is threats from the three letter agencies, like that hacking group that accidentally hit infrastructure and apologized for the international incident. https://www.theverge.com/2021/5/10/22428996/colonial-pipelin... There is literally nothing protecting any of these targets from state sponsored hacking or two guys with some bolt cutters and grenades. What's our success rate against Joe randoms with a rifle attacking domestic targets, much less actual trained operatives?
That doesn't mean it wasn't a state actor, the act itself can be done by anyone but knowing which cables to cut for maximum effect does require knowledge.
Considering it was two cables I wonder if they were part of the same fibre ring. Usually with those if the cable gets cut the traffic can route the other way around the loop. This is why they use rings instead of simple links.
It's because fibre cables are easy to cut by mistake, a digging machine will cut through it without knowing. Unlike the old backbone cables of old that were thick as a sewer pipe and carried thousands of cable pairs and heavy armour.
The tinfoiler would think it's an inside (NATO) job. That these things are being done to maintain the fear, to increase the military budgets (i.e., money that could be spent on social programs), to increase the us v them unity, etc. Like 1984?
But perhaps The MIC qualifies as a state actor? As it's said...follow the money.
There are so many entities that benefit from such things it's difficult to say. Was it X? Was it Y making it look like X? Unless there's indisputable evidence then it's always hard to say. Easy to assume. But hard to say.
From your side of the fence, I'd imagine that's true.
On the other hand, as I understand it, the other side some years ago expressed concerns about encouragement on their borders*. In fact, I've heard it said there was an agreement that wouldn't happen...then it did. But that depth is lost? How convenient.
Once you accept (?) the lies about the WMDs then it becomes clear that there are actors that have no bounds. Believe what you must, but chances are good it's based on one side of the story (as it so often is).
* Very similar to UBL saying get out of our neighborhood, or else. But we don't want to talk about that as it dilutes the strength of the propaganda.
Meh. All I'm saying is that when real bullets are flying, you'll find you have a much (much) harder time selling people on conspiracy theories. Trying to convince people that it's really western illuminati at fault works poorly when it was the other side that rolled the tanks.
Exactly. So there's incentive for shenanigans because it's so easily dismissed.
History, especially recent history*, is clear...don't underestimate the nefarious, especially when their reputations aren't properly understood. Especially when they're so adept at controlling the narrative of their story.
> I'm explaining why regular people looking at real wars don't see things your way.
I'm explaining the same thing, the difference is my interpretation is based on actual historic events. That is, ultimately, what regular people believe isn't an accident.
I’m feeling that way, too, but I’m also aware of confirmation bias (or maybe it’s a different bias?), similar things might happen normally, but we don’t remember them because they are unrelated events in other years, yet now we make connections where none are.
> always sophisticated enough that it would require knowledgeable state actors.
Maybe I’m missing something, but that doesn’t seem to be the case here?
Regarding the pipelines, it seems odd to call them a NATO target when they’re largely owned by Russia. Likewise, Russia had more to gain from just holding the gas supply hostage by stopping it, but offering to return the supply were Europe to give in to demands after a cold winter or two.
Meanwhile, did you watch the video of Biden threatening to take them out from this past February?
Here in north-east Poland we're quite used to it. The most frequent are GPS spoofing and LTE jamming.
It's not like they even try to hide their location or anything.
If I was to put my tinfoil hat on I would say those current attacks concentrate on Germany because due to long standing influence of Russians on German politics Germany's political class is a de-facto ally of Russia (against the will of its own population). Those attacks' purpose is to scare ordinary Germans into letting their politicians continue to pretend they help while they continue doing all in their power to help Putin's regime (or its equivalent under a different name).
I don't buy that theory. First of all: outside of the party "Die Linke" and the left wing of the SPD, there's little ideological friendship to Russia in German politics, it's either regular corruption (Gerhard Schröder) or industrial politics ("you give us cheap energy, we keep our eyes closed and don't mention the smell"). If anything, actions like these will make Germans more willing to spend extra money on defense, suffer during the shift to different energy providers, and support Ukraine.
As it's usually the case with these events, it's easy to find motives if you discount the possibility of being caught. The US might do it for the reasons I mentioned. The German govt might do it to make the population more willing to follow orders. Some anti-capitalist group might do it because ... idk, trains are evil (they've been sabotaging mostly local trains in/around Berlin in the past decade or so, but they typically claim their actions, so we'll see). The DB might be behind it to get more money to upgrade & secure their infrastructure.
I'm pretty sure it wasn't me, but everyone else has a motive.
> don't buy that theory. First of all: outside of the party "Die Linke" and the left wing of the SPD, there's little ideological friendship to Russia in German politics, it's either regular corruption (Gerhard Schröder) or industrial politics ("you give us cheap energy, we keep our eyes closed and don't mention the smell").
You don't buy what? Why does there have to be "ideological friendship" for two groups of criminals to cooperate and root for each other? It has been obvious to anyone looking at actual actions made rather than words and political theater.
Right wing AfD also seems to sympathize with Russia. Unclear how much because they like Putin's "traditionalist" policies and how much because they are Russian controlled shit stirrers.
Ah, yes, you're right. I didn't even consider them, because they're pretty much irrelevant, at least for now. I also believe it could be both + there's probably a bit of "the enemy of my enemy is my friend" as well (the "enemy" of them being the current center-left government), and a good splash of insanity. Add tribal behavior where you're moving with the group you're a part of and I guess this is what you get.
You both are right.
Don't forget that "Die Linke", "SPD" and other marxist invested parties serve the same role today as they did during the first cold war.
Their ideology works towards a class struggle by uncivil means, destabilising their democracy. The same goes for their economic policy, it would drive the country into the ground.
Or the "greens" using terror and fear campaigning against nuclear energy in the past; it got us where we are today.
Point being: There is no need for ideological friendship/alignment for actors to be on the Russian side. Many people are simply controlled without realising it.
> Many people are simply controlled without realising it.
I'm sure that's true in general, and you'll never know whether you did someone else's bidding without realizing it, unless they tell you (but would you believe them?) or you uncover some huge conspiracy (but then who says that's not fake to make you do something else?). I vaguely remember an interview that Adam Curtis made with some British economist for one of his movies concerning stagflation and the general direction of the economy and wages at that time, and he said something like "when I can't sleep, I sometimes wonder whether what we did was exactly what someone wanted and they knew what would happen".
As for Die Linke, (the far-left wing of the) SPD and the Greens, I don't believe they're malicious. I believe they mean well, even though I probably disagree with them on most of their core issues.
This was reported to be caused by severed cables in two different places. And I read some speculation/claims that this cut the primary and the backup systems simultaneously, which would explain why this led to a complete outage in a system that should have quite some redundancy.
Of course we don't really have enough reliable information right now, but it looks a bit like this would require quite a bit of detailed internal knowledge to know which two cables you need to cut to shut this down entirely. Which would suggest more sophisticated actors might be responsible for this.
While the GSM-R system belongs to the rail system which is dubbed critical infrastructure much of it is either publicly documented and/or shared between a rather large number of operators. So far I didn't read anything that would indicate that this disruption required more than somewhat specialized domain knowledge and a bit of experience in the industry.
If they were cut simultaneously or close enough AND they weren’t routed together (I’ve seen cases where the main fiber and backup fiber were in the same trench for a distance, backhoe magnet) then it’s a pretty good guess it’s intentional sabotage.
However if one line had been cut at some point earlier and they were ON the backup line when that got cut, it could be sabotage or it could just be generic construction mistakes/idiocy.
I'm sitting on a train in northern Germany right now. We're invited to a wedding, we were supposed to take a train at 8:45, it is 14:45 now and we're not even halfway there. The whole thing is crazy chaotic because the delayed trains now compete for space on the same train tracks. Too many people are trying to enter the trains so that the trains wait in the individual train stations until the police comes and forces people out. I think this will continue to derail the whole system for the whole weekend.
In case anyone thinks this has anything to do with the current Russia situation, it most likely has not.
Stuff like that happens every few years on larger scale and sometimes multiple times a year on smaller scale (e.g. part of Berlin local trains not going because of it).
A lot of this sabotage comes from people trying to steal cables, but then also sometimes giving up in the process.
Then there are climate crazed people which in a twisted way blame the trains for partially causing the climate crisis because they are too expensive...
There are also two or three other radicalized movements which in twisted and less twisted ways use the DB as a representative for the "evil state/system" and then jump from there to sabotaging the train service, not limited to the DB (sounds stupid? it is, but happens anyway).
The only thing special in this case is how many lines had been affected, not that it happened.
I doubt the involvement of any well-known climate activist groups: They tend to claim responsibility for their actions, as the point is to generate publicity and political pressure.
Not really. It's not hard to pull off, you just need around 4 people, maybe 2 would work, too.
Getting illegal short term access to the cables around their long runs isn't hard. Like at all.
Finding which cables need to be cut is a bit harder but not too hard either. (It's not a state secret or anything, there are quite a bunch of people which know stuff like that. Worse just by following news in recent years about what interruptions cable theft caused is probably enough to find out where you need to cut cables.) Sure it involves a bit of planning and research etc. But nothing which is beyond what a small handful of misguided but not very stupid people can achieve. And in my experience people in the group I mentioned are not stupid at all, misguided sure, but not stupid.
Also the reason I use "climate crazed" instead of idk. climate activists is because I do not mean climate activists. I also _do not_ mean climate activists which use more extreme measures and are sometimes portrayed as crazy by the media.
But there are people which have gone beyond any form of logical reasoning in all kinds of movements. This includes climate related movements but also pretty much any other bigger movement asking for a lot of change. And there had already been cases of people attacking German train infrastructure "because trains are too expensive and as such partially at fault of climate change". And just because these people are beyond reasoning wrt. their ideological beliefs doesn't mean they are stupid or incompetent.
Though it wasn't the best choice of an example. Thinking about it, it was a very terrible choice for an example.
EDIT: Also using crazed was a bad word choice, too.
I went from south to north and back a few days ago. Both times the train was almost an hour late. News should report when German trains are on time for a change.
What's peculiar is that the railway itself used the word "sabotage". Interruptions happen all the time and the description is usually just a specific thing that happened - damage to the grid, snow, suicide... In comparison, sabotage has very strong implications, as if they want people to assume something.
Nah, train delay "explanations" are typically quite vague. Consider the famous "Verzögerung wegen Verzögerung im Betriebsablauf" (delay due to delays in operations). Also, they never mention suicides, in the same way that suicides are not reported on by media in general. I believe it gets coded as "emergency medical services" (well, "Notarzteinsatz"), which can of course have non-suicide causes as well.
Coincidentally there are very big demonstrations scheduled for today in Berlin. Trains not running to Berlin is definitely reducing the amount of participants joining these events. Just saying.
The public transport outage is an opportunity for propaganda for the AfD and plays into their hands more than additional people coming to Berlin: they can exaggerate the numbers of their supporters and claim both victimhood and relevancy. Many of their followers are in echo-chambers of group identity, inflated self-worth and conspiracy theories: stories of the government damaging civilian infrastructure in some black ops to harm their group play right into their beliefs and give them a feeling of being relevant. Their media channels are probably buzzing with such claims. Just saying.
Everyone is talking about AfD instead of the original point of this thread. Every time there are big demonstrations in Berlin, trains stop running, highways are closed. You are talking about AfD as if they are the culprit.
I wish you personally an AfD-free country. You will then first hand experience the totalitarian state structures, who needs an opposition anyway? Away with it!!
Why would they care about demonstrations? It is much easier to allow them and then ignore them than it would be if someone admitted to sabotaging a railway line to reduce numbers.
As if they were the only ones organizing events. There’s so many more „right“ events happening today organized by people who want nothing more than freedom and a common sense and truth loving government. Citing „AfD“ doesn’t do favor to all the other events today who don’t need vicinity to „AfD“. Today anyone who opposes the official perspectives is automatically „right“, isn’t he?
The Berlin event was organized by the AfD, an ethno-nationalist party, under the motto "Germany first". They are fishing in the social-liberal circles claiming to be in favor of freedom and truth, but they run a well oiled propaganda machine and would rule with an iron fist should they ever take power.
The key demand by the speakers on stage at the demonstration in Berlin is about stopping the sanctions against Russia and buying cheap gas from the Russian siloviki, who are the epitome of a totalitarian government.
Germans, stop buying gas from Russia, you Germans deserve politically correct gas! Buy correct American gas at ten times the price, shipped ecologically friendly by Diesel ships from the US! Wait, that’s also not clean enough for you? Great, then wear 3 pullovers in your apartment, stop showering, stop sauna! No single German should support dirty gas! Turn off your heaters! And don’t go to these AfD-led demonstrations! Germans, do what’s best for you and the entire world. You Germans will save us all from the evil in this world. Yes, you can!
10 years ago I was commuting by train to work in Germany and there were fiber cables alongside the train tracks visible just hanging there. One could easily just cut them.
My guess would be that it's sabotage from the left wing since there's a right wing protest today in Berlin that is done mostly by non-Berliners. (There's also a lot of busses bringing in protesters.)
There was a similar (co-)incident a few years ago.
We’ve had cases of workers intentionally sabotaging a system to get a day off.
Not saying it’s that, but everyone jumping to “Putin activated his sleeper cell in Germany to … delay trains THREE hours” seems kind of silly. Unless a 3 hour delay in Germany is like a seven day shut down elsewhere.
It's not, especially on the weekend. The freight delays might be somewhat of an issue over the next few days but on the passenger side it's a mild inconvenience at best. It disrupted the rail network country-wide to some degree but the public rail infrastructure in Germany isn't really known for its reliability anyway.
German rail not known for its reliability... really?! Perhaps not in Germany. But in most other countries, German rail is perceived to be very reliable. And compared to rail in most other countries, German rail is very reliable!
Compared to e.g. Japan and some other countries long distance trains in Germany are _very_ unreliable.
Compared to some other countries it is extremely reliable.
Local train service reliability differs quite a bit depending on region and sometimes in region which exact train you take.
And perception of reliability can differ from reality, e.g. Berlin people always complain about how unreliable their public transportation is, but due to high frequency of the transportation and a tightly knit 3-4 layer transportation net it is in effect really not that bad. Sure there are a few places where you e.g. reliably miss a follow up connection. But you can calculate that in and with delay times included it is still better than what you find in many other places in the world. So uh, perception is it's a catastrophe, but practice is it's far behind Tokyo but not that bad at all in general (for most connections).
Amusingly a transit system has to be pretty decent to be bad - if it is actually horribly bad people don’t treat it at all reliable so they don’t really notice late trains, because getting a train at all is a miracle.
That's basically the case here in Australia (I live in Sydney, I believe the standard is about the same in other cities). My train line has been completely closed for the past week, for "routine trackwork" (and it's not even Christmas / summer holidays). Every weekend one or more lines are closed for trackwork. Throughout this year, trains have been delayed or cancelled, often with little notice, due to workers going on strike. And I've lived in Sydney for most of my life, and it's always been like this. Can't rely on public transport.
The non-YouTube authoritative copy of the recording includes the other audio track(s) and sub(s), typically (for at least most main track talks of 33c3/34c3/35c3/36c3) including the live English/German dub (whichever the speaker doesn't use) courtesy of a volunteer at the event.
Why do I feel like the 'sabotage' was small woodland creatures and coincidences?
We just had a major outage in prod at our ISP last month because squirrels and rats took out nearly 800 feet of fiber, requiring a full replacement of the section in lieu of splicing individual strands back together.
The point is - how can such a neuralgic facility not be secured? Deutsche Bahn is part of the critical infrastructure - and no one has carried out a vulnerability analysis? No one has thought about how this critical infrastructure can be attacked?
According to the newspaper WELT AM SONNTAG, a team of forensic experts is now at work. So it must be a place that can be entered, manipulated and left without being secured and without causing a stir?
Every $5 VPS server is obviously better secured than this facility.
And I still say: this is unparalleled infantility.
How exactly did your brain turn "cable that runs along the train track" into a "neuralgic facility"?
You seem to think this is a problem of uncontrolled physical access, when it is about redundancy and why cutting so few cables can create a service outage in large parts of north-western Germany. Did you know that, by cutting just a few cables, overland lines that are easily accessible, large parts of the USA would have electricity blackouts? That we would need cameras and fences and motion detectors and security checkpoints along thousands of kilometers of cables to secure physical access? Even if we bury them instead of running them overland? As if digging is hard. The problem is not about access to some facility, it is about a lack of redundancy in what should be a network.
[0] https://arstechnica.com/information-technology/2022/02/vodaf...