Pay the Russians $5,000,000 in BitCoin for their ransomware attack (Poll)

[Jim H - VA USA]

I hate the thought of paying the 5M, but if I were the CEO calling the shots, I'd say pay it. 5 million is pocket change for Colonial Pipeline. I'm sure that the cost per day of having the pipeline shut off and of working around the ransomware quickly dwarfed 5 million.

Got to hate it when the bad guys win, but sometimes its best to pick your battles and cut your losses. This battle is loss, it was time to tap out and get back to business.

Having said that, a battle was loss, but the war is not over. Joe Biden needs to sick the CIA on Darkside as if they were Osama Bin Laden. They need to know that there is a target on their backs and the 5 million isn't worth it.

It's a practical approach for someone with deep pockets, but it encourages more illegal activity.

Kind of like the small business owners that would pay a mafia shakedown for "fire insurance" premiums.

The right approach is of course, to secure critical infrastructure from such attacks. While this is not foolproof, any large business should also have disaster plans in place, with full anf frequent backups of critical computer systems.

I read that although Colonial paid the ransom, the key they received did not work. So they probably did what they were supposed to do anyway, and restore their computers from backup.

If the key did not work, that will encourage future victims not to pay. So I'm sort of surprised.

>If the key did not work, that will encourage future victims not to pay. So I'm sort of surprised.

Yeah, I was surprised to read it. Poetic justice, if accurate. Here's one link...

Colonial Pipeline Reportedly Paid Hackers $5 Million for Decryption Key That Wasn't Very Useful

About a week ago, Colonial Pipeline paid the ransomware group DarkSide approximately $5 million in exchange for a data decryption key that didn’t really decrypt that much data.

gizmodo.com

So the key was not very useful. I'm not sure what that means. Was it somewhat useful?

>So the key was not very useful. I'm not sure what that means. Was it somewhat useful?

I had not seen the gizmodo link before. It says decryption was too slow, so the key technically worked, but was practically not very helpful.

 

[marvin martian]

FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.

Colonial Pipeline did pay ransom to hackers, sources now say

Colonial Pipeline paid the ransomware group that carried out a crippling cyberattack, two sources familiar with the matter told CNN on Thursday.

www.cnn.com

Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

It's only going to be 4.5M for the hackers after Red Joe (aka "the big guy") gets his usual 10%.

 

[NightFox]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

 

[kyzr]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Totally agree with every word in your post. "Firewalls" are apparently way too porous.

That said, the "battlefield" is NOT in our favor, so we need to pull a stratagem out of our hat.
My recommendation would be a new "bulletproof" OS.
Failing that, a good OS with a "bullet-proof" keyed administrator tool, not just a PW, but a physical thumb-drive key that can't be duplicated so no one but the admin can do hackable things.
Just like driving a car, we need some new physical device to keep remote hackers out.

 

[Richard-H]

FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.

Colonial Pipeline did pay ransom to hackers, sources now say

Colonial Pipeline paid the ransomware group that carried out a crippling cyberattack, two sources familiar with the matter told CNN on Thursday.

www.cnn.com

Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

How quickly you blame Biden for the Putin's attack on American energy.

Donald Trump gutted the Cyber Security force to pay for his Wall. Trump also failed to do anything about the massive Russian hacking of government computers last year. Donald Trump spent 4 years giving the Russians unlimited access to hacking American computers, and then denied it was even happening.

Now that Trump's failures to protect the USA from Russian hackers has surfaced since he was voted out of office, the Putin propaganda machine and the Republicans are working hand in hand to use this to discredit Joe Biden.

Trump and Putin, working together, to destroy the USA, again.

1. Who was president when the Russians hit Colonial with ransomware, and PAID the $5m? ANS: JOE BIDEN
2. Stop lying about Trump, you TDS moron. The USSC said the wall funding was legal.

MSN

3. The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.

SolarWinds - Wikipedia

en.wikipedia.org

The "solar winds" hack showed the US how the Russian government could hack the US and the US didn't even know it. The Russian computer experts were just smarter than the US computer experts. That make me very concerned.
4. LOL!! Xiden is the president not Trump. Xiden is working with Putin, not Trump. Damn you're stupid.

Americans still lead the world in technical expertise - but when profit is their only motive, security loses out.

I just read the wiki version of the solar winds hack. My God, WTF are they doing in DC? You can't read that and come away with any thoughts other than the Russians are the NFL, and DC are the JV team (as BO used to say).

Its not my field, but it seems that the CEOs are focusing on "firewalls", which reminds me of the Maginot Line.
1. My thoughts are to make a hack-proof OS, UNIX, LINUX, APPLE's, or a new one.
2. If an OS can't be made hack-proof the use "hard wired - unhackable" thumb-drive "keys" with passwords and strict limits on administer privileges.
3. If the US can't stop Russian hackers....not good.

Solarwinds, and just about all the companies involved are private companies. The federal government has not say in how they run their security.

For the most part private companies don't want to spend the money to make their systems secure proactively. They'd rather save money, then when it hits the fan they'll react....too late!

You really need to read the links I post before replying.
Solar Winds was a computer security company from Houston, like McAfee, who the Feds hired to protect the Federal computers from hacks, epic fail.
Read the wiki summary of solar winds.

What do you say when private companies and government entities spend the money and hire computer security "experts" and they still get hacked by smarter Russians?

Solarwinds is monitoring and alerting software. Not anti-malware or security software.

I don't need to read about it on wikipedia, I've been using Solarwinds Orion for almost 15 years.

The Russian hack of Solarwinds was done by embedding malware in the Solarwind's agent which gets installed on all PCs (usually servers) that are being monitored by the Solarwinds server.

It was the responsibility of Solarwinds, a private company, to insure that their agents were free of malware before distributing it to their customers.

Installing updated agents is a routine task that Solarwinds tells it's customers to do regularly. Fortunately, I lazy and didn't upgrade the agents in my company for a very long time, so I saved my company from the hack.

Stick to topics that you know...but then you wouldn't be posting much would you!

I'm a retired bridge engineer. None of my bridges fell down, so I did my job well.
The simple fact that Russians hack US systems frequently (Solarwinds AND Colonial most recently) shows that US computer security "experts" are inept.

This is a political forum, inept people can post here just like competent ones!

None of your bridges have fallen down...YET.

I used to work as an electrical engineer. I miss the days when all I needed to know was the laws of physics to do my job.

The computer industry is ever-changing technology, not like engineering at all (at least once you get above the silicon junction level). The closest things we have to any laws are industry standards - and they change too. Everything you know today becomes obsolete tomorrow - it's a bitch to keep up with - and no one makes their code available to their customers - so it's all a guessing game.

I miss my oscilloscope!!!!!

 

[Richard-H]

Tr

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Try disconnecting.

 

[TNHarley]

FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.

Colonial Pipeline did pay ransom to hackers, sources now say

Colonial Pipeline paid the ransomware group that carried out a crippling cyberattack, two sources familiar with the matter told CNN on Thursday.

www.cnn.com

Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

It payed, this time. If I were a criminal, had a scam that worked and was located somewhere, where I couldn't be touched, I'd run the same scam again. There's not much downside for the Russian scammers. Looks like they figured Colonial Pipeline company about right. $5,000,000 Dollars is a nice sale in anybody's book and the profit margin on the transaction was through the roof. Hey, $5 Million on a transaction here, $5 Million on a transaction there, sooner or later it adds up to real money.

5 million is real money lol

 

[Richard-H]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Totally agree with every word in your post. "Firewalls" are apparently wat too porous.

That said, the "battlefield" is NOT in our favor, so we need to pull a stratagem out of our hat.
My recommendation would be a new "bulletproof" OS.
Failing that, a good OS with a "bullet-proof" keyed administrator tool, not just a PW, but a physical thumb-drive key that can't be duplicated so no one but the admin can do hackable things.
Just like driving a car, we need some new physical device to keep remote hackers out.

There are systems where the OS is embedded in NVRAM - but they're good for one thing and that one thing only.

The more versatile and functional systems are, the more vulnerable they are to attacks. Since everyone wants their computers to do anything they can imagine, their systems will always be vulnerable.

What they need to do is to disconnect critical industrial control systems from any networks. Many of those systems used to be run by dedicated appliances or with the OS embedded in NVRAM.

You can always backup & restore data from people's office systems, but if a control system's OS get hacked you're screwed.

 

[Jim H - VA USA]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Totally agree with every word in your post. "Firewalls" are apparently wat too porous.

That said, the "battlefield" is NOT in our favor, so we need to pull a stratagem out of our hat.
My recommendation would be a new "bulletproof" OS.
Failing that, a good OS with a "bullet-proof" keyed administrator tool, not just a PW, but a physical thumb-drive key that can't be duplicated so no one but the admin can do hackable things.
Just like driving a car, we need some new physical device to keep remote hackers out.

Sadly, the hack reportedly exploited a known hole in an outdated version of MS Exchange software...

Colonial Pipeline using vulnerable, outdated version of Microsoft Exchange: report

Colonial Pipeline may have been using an outdated version of Microsoft Exchange when it was targeted by a ransomware attack late last week.

www.foxbusiness.com

 

[kyzr]

FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.

Colonial Pipeline did pay ransom to hackers, sources now say

Colonial Pipeline paid the ransomware group that carried out a crippling cyberattack, two sources familiar with the matter told CNN on Thursday.

www.cnn.com

Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

How quickly you blame Biden for the Putin's attack on American energy.

Donald Trump gutted the Cyber Security force to pay for his Wall. Trump also failed to do anything about the massive Russian hacking of government computers last year. Donald Trump spent 4 years giving the Russians unlimited access to hacking American computers, and then denied it was even happening.

Now that Trump's failures to protect the USA from Russian hackers has surfaced since he was voted out of office, the Putin propaganda machine and the Republicans are working hand in hand to use this to discredit Joe Biden.

Trump and Putin, working together, to destroy the USA, again.

1. Who was president when the Russians hit Colonial with ransomware, and PAID the $5m? ANS: JOE BIDEN
2. Stop lying about Trump, you TDS moron. The USSC said the wall funding was legal.

MSN

3. The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.

SolarWinds - Wikipedia

en.wikipedia.org

The "solar winds" hack showed the US how the Russian government could hack the US and the US didn't even know it. The Russian computer experts were just smarter than the US computer experts. That make me very concerned.
4. LOL!! Xiden is the president not Trump. Xiden is working with Putin, not Trump. Damn you're stupid.

Americans still lead the world in technical expertise - but when profit is their only motive, security loses out.

I just read the wiki version of the solar winds hack. My God, WTF are they doing in DC? You can't read that and come away with any thoughts other than the Russians are the NFL, and DC are the JV team (as BO used to say).

Its not my field, but it seems that the CEOs are focusing on "firewalls", which reminds me of the Maginot Line.
1. My thoughts are to make a hack-proof OS, UNIX, LINUX, APPLE's, or a new one.
2. If an OS can't be made hack-proof the use "hard wired - unhackable" thumb-drive "keys" with passwords and strict limits on administer privileges.
3. If the US can't stop Russian hackers....not good.

Solarwinds, and just about all the companies involved are private companies. The federal government has not say in how they run their security.

For the most part private companies don't want to spend the money to make their systems secure proactively. They'd rather save money, then when it hits the fan they'll react....too late!

You really need to read the links I post before replying.
Solar Winds was a computer security company from Houston, like McAfee, who the Feds hired to protect the Federal computers from hacks, epic fail.
Read the wiki summary of solar winds.

What do you say when private companies and government entities spend the money and hire computer security "experts" and they still get hacked by smarter Russians?

Solarwinds is monitoring and alerting software. Not anti-malware or security software.

I don't need to read about it on wikipedia, I've been using Solarwinds Orion for almost 15 years.

The Russian hack of Solarwinds was done by embedding malware in the Solarwind's agent which gets installed on all PCs (usually servers) that are being monitored by the Solarwinds server.

It was the responsibility of Solarwinds, a private company, to insure that their agents were free of malware before distributing it to their customers.

Installing updated agents is a routine task that Solarwinds tells it's customers to do regularly. Fortunately, I lazy and didn't upgrade the agents in my company for a very long time, so I saved my company from the hack.

Stick to topics that you know...but then you wouldn't be posting much would you!

I'm a retired bridge engineer. None of my bridges fell down, so I did my job well.
The simple fact that Russians hack US systems frequently (Solarwinds AND Colonial most recently) shows that US computer security "experts" are inept.

This is a political forum, inept people can post here just like competent ones!

None of your bridges have fallen down...YET.

I used to work as an electrical engineer. I miss the days when all I needed to know was the laws of physics to do my job.

The computer industry is ever-changing technology, not like engineering at all (at least once you get above the silicon junction level). The closest things we have to any laws are industry standards - and they change too. Everything you know today becomes obsolete tomorrow - it's a bitch to keep up with - and no one makes their code available to their customers - so it's all a guessing game.

I miss my oscilloscope!!!!!

LOL!! Engineering is addictive! There is nothing like solving a tough technical problem, which is why I can't help throwing ideas out about the hacking problem.
I hope the STEM initiatives help get more young kids on a technical track.

We never had a guy like Elon Musk. He is absolutely amazing. All we had was "Moore's Law".

Anyway, don't mean to throw rocks, but someone has to come up with a "brilliancy", calling Elon Musk!!!!

 

[kyzr]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Totally agree with every word in your post. "Firewalls" are apparently wat too porous.

That said, the "battlefield" is NOT in our favor, so we need to pull a stratagem out of our hat.
My recommendation would be a new "bulletproof" OS.
Failing that, a good OS with a "bullet-proof" keyed administrator tool, not just a PW, but a physical thumb-drive key that can't be duplicated so no one but the admin can do hackable things.
Just like driving a car, we need some new physical device to keep remote hackers out.

There are systems where the OS is embedded in NVRAM - but they're good for one thing and that one thing only.

The more versatile and functional systems are, the more vulnerable they are to attacks. Since everyone wants their computers to do anything they can imagine, their systems will always be vulnerable.

What they need to do is to disconnect critical industrial control systems from any networks. Many of those systems used to be run by dedicated appliances or with the OS embedded in NVRAM.

You can always backup & restore data from people's office systems, but if a control system's OS get hacked you're screwed.

Exactly. I worked at a big pharm plant for a few years and they had these fancy DCS systems running everything. I don't think it was connected to any network. So I'm surprised that Colonial didn't have an isolated DCS.
For data systems, like government systems, we need a stronger barrier to hackers.

 

[Richard-H]

Crypto currencies were created primarily so black markets transactions are hidden from governments.

This hack could only have profited the hackers because of crypto currency.

 

[kyzr]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Totally agree with every word in your post. "Firewalls" are apparently wat too porous.

That said, the "battlefield" is NOT in our favor, so we need to pull a stratagem out of our hat.
My recommendation would be a new "bulletproof" OS.
Failing that, a good OS with a "bullet-proof" keyed administrator tool, not just a PW, but a physical thumb-drive key that can't be duplicated so no one but the admin can do hackable things.
Just like driving a car, we need some new physical device to keep remote hackers out.

Sadly, the hack reportedly exploited a known hole in an outdated version of MS Exchange software...

Colonial Pipeline using vulnerable, outdated version of Microsoft Exchange: report

Colonial Pipeline may have been using an outdated version of Microsoft Exchange when it was targeted by a ransomware attack late last week.

www.foxbusiness.com

Thanks for that post! Microsoft Exchange!! Any product that begins with "Microsoft" is probably hackable.

 

[Richard-H]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Totally agree with every word in your post. "Firewalls" are apparently wat too porous.

That said, the "battlefield" is NOT in our favor, so we need to pull a stratagem out of our hat.
My recommendation would be a new "bulletproof" OS.
Failing that, a good OS with a "bullet-proof" keyed administrator tool, not just a PW, but a physical thumb-drive key that can't be duplicated so no one but the admin can do hackable things.
Just like driving a car, we need some new physical device to keep remote hackers out.

Sadly, the hack reportedly exploited a known hole in an outdated version of MS Exchange software...

Colonial Pipeline using vulnerable, outdated version of Microsoft Exchange: report

Colonial Pipeline may have been using an outdated version of Microsoft Exchange when it was targeted by a ransomware attack late last week.

www.foxbusiness.com

My company's OnPremise Exchange server got hit by a malware attack about a month ago. It didn't affect anything other than shutting down that server.

I doubt that this was done thru any Exchange server vulnerability...sounds like a whole lot of people are scramblin' to cover their asses!!!!

 

[White 6]

FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.

Colonial Pipeline did pay ransom to hackers, sources now say

Colonial Pipeline paid the ransomware group that carried out a crippling cyberattack, two sources familiar with the matter told CNN on Thursday.

www.cnn.com

Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

It payed, this time. If I were a criminal, had a scam that worked and was located somewhere, where I couldn't be touched, I'd run the same scam again. There's not much downside for the Russian scammers. Looks like they figured Colonial Pipeline company about right. $5,000,000 Dollars is a nice sale in anybody's book and the profit margin on the transaction was through the roof. Hey, $5 Million on a transaction here, $5 Million on a transaction there, sooner or later it adds up to real money.

5 million is real money lol

To me and you, yes, but not to somebody like Colonial Pipeline. Like I said, they will make it back by the end of the week. Pretty sure we will see more of this, since they laid down and rolled over like a cur dog to avoid getting it's nose slapped.

 

[Lesh]

crypto currency is going to change the way business is done- hopefully it'll put the federal reserve out of business- I won't hold my breath though- them jews (and their victimization role playing) is a hard nut to crack- especially when alleged christians in an alleged christian nation kiss their "chosen" asses at every opportunity-

You idiot. We get all sorts of perks by having the currency that is most used for trade.
You WANT to give that up?

 

[Lesh]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Totally agree with every word in your post. "Firewalls" are apparently wat too porous.

That said, the "battlefield" is NOT in our favor, so we need to pull a stratagem out of our hat.
My recommendation would be a new "bulletproof" OS.
Failing that, a good OS with a "bullet-proof" keyed administrator tool, not just a PW, but a physical thumb-drive key that can't be duplicated so no one but the admin can do hackable things.
Just like driving a car, we need some new physical device to keep remote hackers out.

Sadly, the hack reportedly exploited a known hole in an outdated version of MS Exchange software...

Colonial Pipeline using vulnerable, outdated version of Microsoft Exchange: report

Colonial Pipeline may have been using an outdated version of Microsoft Exchange when it was targeted by a ransomware attack late last week.

www.foxbusiness.com

My company's OnPremise Exchange server got hit by a malware attack about a month ago. It didn't affect anything other than shutting down that server.

I doubt that this was done thru any Exchange server vulnerability...sounds like a whole lot of people are scramblin' to cover their asses!!!!

Hospitals and schools have been getting hit like this for years

This however was state sanctioned most likely and there needs to be a price paid

 

[TNHarley]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

That's a complete mischaracterization of the situation which is far more complex than one might believe looking on the surface.

Just to begin with, we're (the good guys) are in a situation where we have to defend against constantly evolving threats coming at us 24x7x365 from all over the globe where the bad guys only need to get lucky once to breach and they can attack many targets at once for little to no cost, while the good guys have to spend tremendous amounts of time, effort and capital to defend.

Leading US Companies specializing in cybersecurity solutions are (for the most part) solid companies (as are many foreign companies in the space), it's just that they're in a space where the battlefield is never the same from day to day and the enemies are coming from all sides and getting more sophisticated every day.

Totally agree with every word in your post. "Firewalls" are apparently wat too porous.

That said, the "battlefield" is NOT in our favor, so we need to pull a stratagem out of our hat.
My recommendation would be a new "bulletproof" OS.
Failing that, a good OS with a "bullet-proof" keyed administrator tool, not just a PW, but a physical thumb-drive key that can't be duplicated so no one but the admin can do hackable things.
Just like driving a car, we need some new physical device to keep remote hackers out.

Sadly, the hack reportedly exploited a known hole in an outdated version of MS Exchange software...

Colonial Pipeline using vulnerable, outdated version of Microsoft Exchange: report

Colonial Pipeline may have been using an outdated version of Microsoft Exchange when it was targeted by a ransomware attack late last week.

www.foxbusiness.com

My company's OnPremise Exchange server got hit by a malware attack about a month ago. It didn't affect anything other than shutting down that server.

I doubt that this was done thru any Exchange server vulnerability...sounds like a whole lot of people are scramblin' to cover their asses!!!!

Hospitals and schools have been getting hit like this for years

This however was state sanctioned most likely and there needs to be a price paid

Good lord, you dems are such warmongers. Blows my fucking mind.

 

[hadit]

I

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Remote monitoring. Connected to the internet, any executive anywhere can get up to the second status reports, etc. The bottom line is this, though. We don't really have a good way to actually fight off a ransomware attack short of making sure to have good backups of unencrypted data and proven restore procedures.

You mean 'Disaster Recovery' plans?

Everyone has them on paper, but nobody wants to foot the bill for a realistic disaster recovery capability.

I've been in dozens of disaster recovery tests...they're a joke.

Yup. I've done them too, and quickly realized they were not full, complete tests. IOW, they might kick over to the DR site and run some tests, but they didn't literally run the process through from start to finish and make sure the entire environment worked properly. No one could tell an executive how long it would actually take to be at full functionality after a disaster.

Talking about DR testing, when I worked for Circuit City, we were putting in automated dialers for their ESP call center. During production testing with live calls, suddenly a rep from the company that made the dialers rushed into the room proclaiming loudly, "I didn't do it, I didn't do it". Behind him ambled a Circuit City tech with a smile on his face. He had unilaterally decided to test the recoverability of the dialers (OS/2 servers, BTW) by unplugging one from power while it was running.

All the DR tests I've been part of have been disasters in and of themselves. The facility's equipment is always in decrepit condition - I've spent most of the DR tests troubleshooting the equipment - then arguing with the techs to get it replaced.

My company always only wants to pay for what would be the minimum required to get the company operational - but you can bet that in a real DR they'd be screaming for all the other systems.

I've always wanted my company to set up the VMWare DR system - it looks great and would provide nearly instantaneous recovery....but alas! It's too expensive.

It's expensive to set up a true DR, but is it more expensive than a lengthy outage? That's the question that a lot of business people never seriously consider. With cloud offerings today, duplicate systems are much more easily created and maintained.

 

[hadit]

How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.

To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Distributed control system - Wikipedia

en.wikipedia.org

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....

That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.

FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen

Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.

Sounds like an already hot career just got hotter. It would be a good idea to jump into cyber security if you want a solid career.