About that "Russia hacked our power grid" thing

So a brand new ScaryRussia! came out today.
This time they hacked our power grid.

Russian hackers are conducting a broad assault on the U.S. electric grid, water processing plants, air transportation facilities and other targets in rolling attacks on some of the country’s most sensitive infrastructure, U.S. government officials said Thursday.
The announcement was the first official confirmation that Russian hackers have taken aim at facilities on which hundreds of millions of Americans depend for basic services. Bloomberg News reported in July that Russian hackers had breached more than a dozen power plants in seven states, an aggressive campaign that has since expanded to dozens of states, according to a person familiar with the investigation.
"Since at least March 2016, Russian government cyber actors" have targeted "government entities and multiple U.S. critical infrastructure sectors," including those of energy, nuclear, water and aviation, according to an alert issued Thursday by the Department of Homeland Security and Federal Bureau of Investigation.
Critical manufacturing sectors and commercial facilities also have been targeted by the ongoing "multi-stage intrusion campaign by Russian government cyber actors."

That is certainly scary sounding, and unlike last time, this one comes from respected sources.
However, much like the FBI report about the DNC hack, there is a lot less than meets the eye.

You see, I actually did something that they don't expect people to do - I looked at the report.

The first thing you'll notice from this report is the complete lack of any evidence that the Russian government, or even someone in Russia, had anything to do with this.
That doesn't mean that the evidence doesn't exist, but it does mean that we are supposed to trust them about this "sophisticated attack group".

And we all know that only a Putin Puppet wouldn't trust the FBI.

DHS analysis identified the threat actors accessing publicly available information hosted by organization-monitored networks during the reconnaissance phase. Based on forensic analysis, DHS assesses the threat actors sought information on network and organizational design and control system capabilities within organizations

Well that certainly sounds sophisticated.
What exactly is involved in this "Stage 1: Reconnaissance"?

As an example, the threat actors downloaded a small photo from a publicly accessible human resources page. The image, when expanded, was a high-resolution photo that displayed control systems equipment models and status information in the background

Oh, yes. Very sophisticated reconnaissance!
Who would have thought about looking at a public web site?

"Stage 2: Weaponization" is next. Sounds scary, doesn't it?

Throughout the spear-phishing campaign, the threat actors used email attachments to leverage legitimate Microsoft Office functions for retrieving a document from a remote server using the Server Message Block (SMB) protocol.

Seriously! Spear-phishing again?
And not even recent spear-phishing! Hackers stopped using loaded Word documents a decade ago because commercial anti-virus software usually picked them up.
And what moron falls for that anymore?

"Stage 3: Delivery". This overly dramatic theme is getting tiresome.

Email messages included references to common industrial control equipment and protocols. The emails used malicious Microsoft Word attachments that appeared to be legitimate résumés or curricula vitae (CVs) for industrial control systems personnel, and invitations and policy documents to entice the user to open the attachment.

The obvious problem here is a lack of anti-virus software on email servers, and an idiotic staff.
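
The Stage 2 and Stage 3 excerpts above describe Word attachments that make Office fetch a document from a remote server over SMB; that reference is stored in the file's relationship parts, so a mail gateway can inspect it before delivery. The following is an added example, not code from the DHS alert or from this post: a Python check over an attachment's bytes, run on constructed samples (the 203.0.113.5 address, the file names and the `build_sample` helper are assumptions made for illustration).

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"
TYPE_BASE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"
# Relationship kinds Word resolves on open, without a click (a hyperlink is not one).
AUTO_LOADED = {"attachedTemplate", "oleObject", "frame", "subDocument"}
MAX_PART_BYTES = 1_000_000  # refuse to inflate oversized parts


def classify_target(target):
    """Return 'smb', 'web' or None for a relationship Target value."""
    t = target.strip().replace("\\", "/")  # \\host\share -> //host/share
    if t.startswith("//"):
        return "smb"
    parsed = urlparse(t)
    scheme = parsed.scheme.lower()
    if scheme == "file":
        # file://host/x and file:////host/x are remote; file:///C:/x is local.
        remote = parsed.netloc not in ("", "localhost") or parsed.path.startswith("//")
        return "smb" if remote else None
    return "web" if scheme in ("http", "https") else None


def scan_ooxml(data):
    """Return (part, kind, target, severity) findings for one attachment."""
    findings = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings  # not an OOXML container (e.g. legacy .doc): out of scope
    with archive:
        for info in archive.infolist():
            if not info.filename.endswith(".rels"):
                continue
            if info.file_size > MAX_PART_BYTES:
                findings.append((info.filename, "oversized", "", "review"))
                continue
            raw = archive.read(info)
            if b"<!DOCTYPE" in raw.upper():  # OOXML parts never carry a DTD
                findings.append((info.filename, "dtd", "", "review"))
                continue
            try:
                root = ET.fromstring(raw)
            except ET.ParseError:
                findings.append((info.filename, "malformed", "", "review"))
                continue
            for rel in root.iter(REL_NS + "Relationship"):
                if rel.get("TargetMode", "").lower() != "external":
                    continue
                target = rel.get("Target", "")
                kind = rel.get("Type", "").rsplit("/", 1)[-1]
                where = classify_target(target)
                if where == "smb":
                    # An SMB fetch makes Windows try to authenticate to that host.
                    findings.append((info.filename, kind, target, "high"))
                elif where == "web" and kind in AUTO_LOADED:
                    findings.append((info.filename, kind, target, "medium"))
    return findings


def build_sample(target, kind="attachedTemplate"):
    """Constructed input: a ZIP holding only a relationships part."""
    rels = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        f'<Relationship Id="rId1" Type="{TYPE_BASE}{kind}" '
        f'Target="{target}" TargetMode="External"/>'
        "</Relationships>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("word/_rels/settings.xml.rels", rels)
    return buf.getvalue()


if __name__ == "__main__":
    samples = {
        "template over SMB": build_sample("file://203.0.113.5/template.dotm"),
        "template over HTTPS": build_sample("https://example.com/template.dotm"),
        "ordinary hyperlink": build_sample("https://example.com/", "hyperlink"),
    }
    for label, blob in samples.items():
        print(label, "->", scan_ooxml(blob) or "clean")
```

Ordinary web hyperlinks are deliberately not reported, since nearly every legitimate document contains them; blocking outbound SMB at the network edge is the complementary control for anything the scan misses.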

"Stage 4: Exploitation". I'm starting to see a pattern.

Emails contained successive redirects to http://bit[.]ly/2m0x8IH link, which redirected to http://tinyurl[.]com/h3sdqck link, which redirected to the ultimate destination of http://imageliners[.]com/nitel. The imageliner[.]com website contained input fields for an email address and password mimicking a login page for a website

All this report is, is a "How to spear-phish" guide.

Interestingly, the report even tells you what files and registry keys to modify, and even the commands to use.
It's "how to hack for beginners".
Was this a wise thing to post on the internet?

This script contained hard-coded values for the group name “administrator” in Spanish, Italian, German, French, and English.

You know what's missing from this list? Russian.

the threat actors dropped and executed open source and free tools such as Hydra, SecretsDump, and CrackMapExec. The naming convention and download locations suggest that these files were downloaded directly from publicly available locations such as GitHub.

You know what that sounds like? Ordinary criminal hackers.
Literally everything about this hack is ordinary.

The only IP addresses listed in this report are:

91.183.104.150, and that's in Belgium.
62.8.193.206, which is in Germany.
5.153.58.45, in the Netherlands.

Now I'm not saying that there wasn't a hack.
There most likely was.
What I am saying is a) there is absolutely no evidence given that this originated from Russia, and b) this is such an ordinary hack that teenagers could do it.


Comments

I have a friend who does tech support for water utilities.
Those companies generally don't use Microsoft Windows as control equipment.
They use Unix and VMS, and they often aren't hooked up to the internet anyway.

So this hack was no danger.

CB's picture

proves that this was a Russian operation. They are doing this in an attempt to confuse the American untelligence community.


@CB

We obviously are going to have to tighten up our security.


@CB


chuck utzman

TULSI 2020

Alphalop's picture

@chuckutzman

Indeed.

I opened up my news feed this morning and every third story was a Russia! Article, all designed to inspire fear.

They really are trying their damnedest to ramp up another cold war. (At least I hope their goal is a cold one)

I guess they realized Americans have largely become weary of all our hot ones but just don't want to let go of that juicy revenue that a fearful population will provide...

I suspect we are well and truly fucked if we don't get legalized corporate bribery out of our politics soon.


"I used to vote Republican & Democrat, I also used to shit my pants. Eventually I got smart enough to stop doing both things." -Me

Amanda Matthews's picture

@CB @CB @CB

That’s all you need to define the word oxymoron.

Accent on the ‘moron’

EDIT: typo
EDIT EDIT: untelligence/intelligence (I was probably closer to the truth with the typo.)


I'm tired of this back-slapping "Isn't humanity neat?" bullshit. We're a virus with shoes, okay? That's all we are. - Bill Hicks

Politics is the entertainment branch of industry. - Frank Zappa

Meteor Man's picture

b) this is such an ordinary hack that teenagers could do it.

Trump's New and Improved CIA Director can hire some teenagers to run America's Elite Cyber Security Counterforce Task Force. Or if the CIA's budget was too tight she could cyber-torture the Non Russian Administrators.


"They'll say we're disturbing the peace, but there is no peace. What really bothers them is that we are disturbing the war." Howard Zinn

@Meteor Man Is an
expanded definition of "Russian"
So now Bernie bros are "Russians"

dervish's picture

@gjohnsit with Russia, is in fact Russian.

The world is now split into Russians and neocons.


"Obama promised transparency, but Assange is the one who brought it."

Amanda Matthews's picture

@Meteor Man

access to secret info taken away. And that Palestinian/Israeli peace thing hasn’t gone according to plan.


I'm tired of this back-slapping "Isn't humanity neat?" bullshit. We're a virus with shoes, okay? That's all we are. - Bill Hicks

Politics is the entertainment branch of industry. - Frank Zappa

edg's picture

@Amanda Matthews

Jared was probably making some progress. That's why Israel got his security clearance yanked. Can't have the Palestinians treated like human beings, now can we?


even if there are hundreds of thousands of Americans who can read this as you do and see that it is absurd and that it doesn't involve "the" Russians or any Russians, can it be shown to be enough for our ignorant homeland security personnel to launch a nuclear attack because it's a cyberattack? And as they describe it, cobbled together to involve crucial infrastructure, can they make the case that they made the mistake of seeing it as a major attack on our ability to survive and therefore worthy of a nuclear attack on Russia, even if the IP address was wrong?

Well intentioned but less informed than the teenagers you refer to, can they still claim they understood it to be a major cyberattack and launch? That's the question this raises for me. They don't have to be accurate, they don't have to be geniuses, they don't even have to be well-informed or even knowledgeable about what they are doing. They just have to be fired up and ready to kill.

CB's picture

@Linda Wood
believes a majority of Americans are as dumb as a sack of hammers and if they throw out enough nails, the stupid fucks will be willing to start hammering at them.

What really concerns me is that I think they are correct in their assessment.

CB's picture


@CB
he is a Russian bear. So I saw him as such. But then I looked him up, and it turns out he is a California black bear and from Yosemite California. No tourist. No tourist from Russia. Just a native Californian. So there.

CB's picture

@Linda Wood

Russian bears were originally brought from Russia in 1812 by Ivan Aleksandrovich Kuskov. When he settled in California he interbred the smart Russian bear with the common American black bear to produce a superior breed that is highly intelligent and capable of learning to hack the US power system.


@CB

Quick, check out your children's subversive and deceptively named Teddy bear! (Was an earlier American President really in on this fiendish plot?)


Psychopathy is not a political position, whether labeled 'conservatism', 'centrism' or 'left'.

A tin labeled 'coffee' may be a can of worms or pathology identified by a lack of empathy/willingness to harm others to achieve personal desires.

@Linda Wood You present a fact, and then a counter full of stuff that can neither be proved or is just Gish gallop--overwhelm with bullshit. Of course CB is joshing but it would be something I would fully expect from the die hards.

I once asked on TOP how did the Russians know to target the Rust Belt. Answer: Putin has the best super computers in the world. Nothing more. I asked why would Putin kill a spy they let go over eight years ago? Answer: maybe to see the tactics of the hazmat team. Just say any bullshit.


@CB

snoopydawg's picture

I mean if it's this serious, shouldn't the director of homeland security be giving a press conference on this?

Sheesh, how much longer until it's Putin has WMDs!?

Hey, maybe if they do say that then people would wake the Hell up!


Which AIPAC/MIC/pharma/bank bought politician are you going to vote for? Don’t be surprised when nothing changes.

SnappleBC's picture

@snoopydawg

The thing that all the #Russiagaters seem to have lost track of is that Russia Actually Has Weapons of Mass Destruction -- Lots and Lots of them.


A lot of wanderers in the U.S. political desert recognize that all the duopoly has to offer is a choice of mirages. Come, let us trudge towards empty expanse of sand #1, littered with the bleached bones of Deaniacs and Hope and Changers.
-- lotlizard

Yah, funny. You read the original. It is surprising how many people yelling conspiracy have never read the original quoted material. I think the logic sorta follows this

Hacking is nefarious.
Russians are nefarious.
Therefore, the Russians are hackers.

Russian owns anything nefarious. So something nefarious happened at some power plant, therefore it was the Russians.

CB's picture

@MrWebster

Consortiumnews has an informative article by Natylie Baldwin.

Acceptable Bigotry and Scapegoating of Russia
March 15, 2018

Over the last year and a half, Americans have been bombarded with the Gish Gallop claims of Russiagate. In that time, the most reckless comments have been made against the Russians in service of using that country as a scapegoat for problems in the United States that were coming to a head, which were the real reasons for Donald Trump’s upset victory in 2016. It has even gotten to the point where irrational hatred against Russia is becoming normalized, with the usual organizations that like to warn of the pernicious consequences of bigotry silent.

The first time I realized how low things would likely get was when Ruth Marcus, deputy editor of the Washington Post, sent out the following tweet in March of 2017, squealing with delight at the thought of a new Cold War with the world’s other nuclear superpower: “So excited to be watching The Americans, throwback to a simpler time when everyone considered Russia the enemy. Even the president.”

Not only did Marcus’s comment imply that it was great for the U.S. to have an enemy, but it specifically implied that there was something particularly great about that enemy being Russia.
...
A common theme in all this is that Russia is a bad country and Russians can’t help but be a bunch of good-for-nothings at best and dangerous deviants at worst. Indeed, according to media depictions, sometimes they manage to be both at the same time. But what they don’t manage to be is positive, constructive or even complicated. Sipher knows that the average American has been deluged with this anti-Russian prejudice, as reflected in his challenge at the end of his initial tweet about the largest country, geographically at least, in the world: Name something positive.

Countering the Negative

Most people know, at least in the abstract, that few individuals or groups are purely good or bad. Most are a complex combination of both. But many – including those who normally consider themselves to be open-minded liberals – have allowed their lizard brains to be triggered by the constant demonization of Russia in the hopes of taking down Trump whom they deem to be a disproportionate threat to everything they hold dear. So as a counterweight to all the negative constantly pumped out about Russia and to take Sipher up on his challenge, I will list some positive things about Russia and the contribution of the country and its people to the world.
...
The 2016 election showed that the Democrats faced a sleeping giant that had been awakened – one that the Democratic Party had helped to create for decades by enabling lower living standards, outsourcing of good-paying jobs, the proliferation of low-wage jobs, unaffordable education, lack of health care coverage, public health problems, and decrepit infrastructure.

Consequently, there was a demand for meaningful policies that would help average Americans, policies that polls show they want. But mainstream Democrats will not deliver on such policies, like $15/hour minimum wage, Medicare for All, and pulling out of our wars and investing the money saved in jobs and infrastructure. They won’t deliver on these things for the same reason that Republicans won’t deliver on them: because their donors don’t want them to. But they are not going to admit that to the American people who were going to keep demanding, so they needed a scapegoat and a diversion.

It’s a cheap trick that the political elite is using to appeal to the basest instincts of their fellow Americans while shoring up support for their most reckless tendencies in the area of foreign policy.

snoopydawg's picture

@MrWebster

I thought I saw a comment from you on a Russia Russia diary.


Which AIPAC/MIC/pharma/bank bought politician are you going to vote for? Don’t be surprised when nothing changes.

@snoopydawg I am being threatened now with flagging and banning. I proposed an alternate theory that the gas attack was a false flag probably by Ukrainians. I noted that the nerve agent was made in Uzbekistan and that Americans were helping the Uzbeks in cleaning out their nerve gas storage. And that during Soviet times, chemical weapons of all sorts were stored in various republics and in Warsaw Pact countries. Lots of non-Russians could have gotten their hands on the stuff. It was "CT" which is not allowed. My long winded build up was to a point of irony of a site that traffics in the most ridiculous CT about the Russians goes ape when an alternative is proposed.

I should just stop going to the site other than a quick look at the diaries to get a sense what the democratic establishment is pushing. I have noted that the "front pagers" are basically Russia or "Isn't Trump Bad".

CB's picture

at DKos if you stray too far from the party line.

It used to be a good site for lively discussion before Moosetits took up sheep farming. Last time I visited it looked just like this:

[video:https://www.youtube.com/watch?v=QcE5aDTszrY]

@MrWebster


@CB I was there on and off before the 2016 primaries, but man, during that period and after, it really became daily_pravda. Bernie dems and progressives have been effectively driven off the site or just turned into lurkers.

Anja Geitz's picture

@CB

In the video are kind of endearing. At TOP, not so much.

P.S. I love that video!


There is always Music amongst the trees in the Garden, but our hearts must be very quiet to hear it. ~ Minnie Aumonier

snoopydawg's picture

@MrWebster

a few others who post here have been trying to put some sanity in the diaries, but they are getting nowhere with it.

I noted that the nerve agent was made in Uzbekistan and that Americans were helping the Uzbeks in cleaning out their nerve gas storage

Not only this, but the chemical weapons organization submitted a report that Russia had given up all of its chemical weapons and the US signed off on the report. So if Russia gave up its chemical weapons decades ago and there has been no clear cut evidence of both the poison that was used and that Putin himself did the deed, then how can any person with a thinking brain buy this snark?

BTW, another ex Russian who had laundered over a hundred million dollars and was an expat in UK was murdered over the weekend. ToP is saying that Putin is getting too big for his britches and someone needs to take him down and, and, and ......

No proof of anything is needed over there for them to blame Putin for what happens. It's like night of the living zombies over there anymore and it is really disgusting that an evidence-based website doesn't require it anymore.


Which AIPAC/MIC/pharma/bank bought politician are you going to vote for? Don’t be surprised when nothing changes.

Anja Geitz's picture

@snoopydawg

For fellow c99 posters, but what a precious waste of time.

a few others who post here have been trying to put some sanity in the diaries, but they are getting nowhere with it.

It's like the proverbial 7 black drops of ink in a can of white paint. Invisible Man indeed.


There is always Music amongst the trees in the Garden, but our hearts must be very quiet to hear it. ~ Minnie Aumonier

snoopydawg's picture

@Anja Geitz

Trying to talk some sanity to people who have lost theirs is worth trying. A few of the others that tried this had a few rec's and one person said "finally some sense here which seems to have fled this place."

It's always a good idea to not just let the next WMDs run unabated.


Which AIPAC/MIC/pharma/bank bought politician are you going to vote for? Don’t be surprised when nothing changes.

Anja Geitz's picture

@snoopydawg

I personally avoid engaging in a place that seeks to destroy reason and takes malicious pleasure in penalizing you for doing so.

How efficacious it is for the unarmed few who chose to swim against that tidal wave of virulent flesh eating bacteria remains to be seen.


There is always Music amongst the trees in the Garden, but our hearts must be very quiet to hear it. ~ Minnie Aumonier

@snoopydawg You may have seen this and video.

https://medium.com/@caityjohnstone/what-happens-when-a-russiagate-skepti...

Aaron Mate of Real News interviews Luke Harding about this book on Russian meddling, etc. When Mate asks for proof of some assertion, Harding replies basically "my proof is that Putin is bad". Mate says sure okay Putin is bad, but what proof do you have. Harding had no proof other than asserting all the accusations must be true because Putin is a bad person.


@MrWebster

What a wonderful interview of Harding by Aaron Mate. Thank you for linking it.

One of the things about Harding's style of speaking is his constant use of the words, "kind of," which are recognized as qualifiers (in tentative speech) in order to weaken one's message. In other words, if you say Putin owns Trump, that's different from saying, Putin kind of owns Trump. But if you use it constantly, as Harding does in this interview, you are saying, "nothing I am saying in this interview is actually based on facts or evidence."

In Harding's case, he is speaking to defend his book which is entitled, "Collusion," but he doesn't take advantage of the opportunity to provide evidence, and the constant refrain, "kind of," only makes his assertions, such that everybody knows or that if you were in Russia you would know, less meaningful. Here is a part that Caitlin Johnstone provided in text:

https://medium.com/@caityjohnstone/what-happens-when-a-russiagate-skepti...

Harding: Look, I’m a journalist. I’m a storyteller. I’m not a kind of head of the CIA or the NSA. But what I can tell you is that there have been similar operations in France, most recently when President Macron was elected — 

Maté: Well actually Luke that’s not true. That’s straight up not true. After that election the French cyber-intelligence agency came out and said it could have been virtually anybody.

Harding: Yeah. But, if you’ll let me finish, there’ve been attacks on the German parliament — 

Maté: Okay, but wait Luke, do you concede that the France hack that you just claimed didn’t happen?

Harding: [pause] What — that it didn’t happen? Sorry?

Maté: Do you concede that the Russian hacking of the French election that you just claimed actually is not true?

Harding: [pause] Well, I mean… that it’s not true? I mean, the French report was inconclusive, but you have to look at this kind of contextually. We’ve seen attacks on other European states as well from Russia, they have very kind of advanced cyber capabilities.

Maté: Where else?

Harding: Well, Estonia. Have you heard of Estonia? It’s a state in the Baltics which was crippled by a massive cyber attack in 2008, which certainly all kind of western European and former eastern European states think was carried out by Moscow. I mean I was in Moscow at the time, when relations between the two countries were extremely bad. This is a kind of ongoing thing. Now you might say, quite legitimately, well the US does the same thing, the UK does the same thing, and I think to a certain extent that is certainly right. I think what was different last year was the attempt to kind of dump this stuff out into kind of US public space and try and influence public opinion there. That’s unusual. And of course that’s a matter of congressional inquiry and something Mueller is looking at too.

Maté: Right. But again, my problem here is that the examples that are frequently presented to substantiate claims of this massive Russian hacking operation around the world prove out to be false. So France as I mentioned; you also mentioned Germany. There was a lot of worry about Russian hacking of the German elections, but it turned out — and there’s plenty of articles since then that have acknowledged this — that actually there was no Russian hack in Germany.

snoopydawg's picture

@MrWebster

on just about everything he wrote. This type of information should be posted on ToP and if someone gets banned for it then it's against site rules. Not that it would stop them, but maybe it'd open some minds there.

Thanks for posting it.


Which AIPAC/MIC/pharma/bank bought politician are you going to vote for? Don’t be surprised when nothing changes.

Anja Geitz's picture

@MrWebster

My favorite part of the interview was at the end:

Maté: I don’t think I’ve countered anything you’ve said about the state of Vladimir Putin’s Russia. The issue under discussion today has been whether there was collusion, the topic of your book.

Harding: Yeah, but you’re clearly a kind of collusion rejectionist, so I’m not sure what sort of evidence short of Trump and Putin in a sauna together would convince you. Clearly nothing would convince you. But anyway it’s been a pleasure.

After that Harding just logged off and left Mate to wrap up the interview by himself.

Caitlin Johnstone also made a good point about how Gish gallop works when she pointed out the way in which Harding asserted that elections in France and Germany were also hacked:

In the above exchange [see excerpt of that exchange up thread], Maté derailed Harding’s Gish gallop, and Harding actually admonished him for doing so, telling him “let me finish” and attempting to go on listing more flimsy examples to bolster his case as though he hadn’t just begun his Gish gallop with a completely false example.

I agree with Johnstone, I'd be shocked if we see another interview between those who are pushing Russia-Gate narrative and someone with the credentials of Mate who asks the most obvious Journalism 101 question: Where's the evidence?


There is always Music amongst the trees in the Garden, but our hearts must be very quiet to hear it. ~ Minnie Aumonier

Raggedy Ann's picture

prisoners without bars.


"The “jumpers” reminded us that one day we will all face only one choice and that is how we will die, not how we will live." Chris Hedges on 9/11

mimi's picture

and write stuff I can't understand. Don't think all your funny stuff will deceive me in believing you are the good guys? Nah, nah.

Besides did you know that Putin's children went to the German school in Moscow and that Merkel recently said she got some real good beer and smoked fish when she last time had a Kaffeeklatsch with Putin? Yummy.

So, isn't there a German-Russian conspiracy to just blow off your brains once and for all?

I think some folks in the MIT labs are successfully developing humans with no brains. That's a great counter-intelligence tactic (or strategy), so there is nothing to hack anymore left over for them German-Russian conspiracy love-dolls. See, brainless is the way to be victorious.

You won, I am hacked.


their homework. Unlike 99.9% of the MSM. Would love to see this posted over at TOP. Better yet, would love to see it get in front of Rachel Maddow's face.


"Without the right to offend, freedom of speech does not exist." Taslima Nasrin

edg's picture

@Fishtroller 02

It would quickly be deleted and the author banned. They don't like dissenting thinkers who use common sense and logic to disprove their pet theories.

snoopydawg's picture

@edg

I read it the other night and it was a damn fine diary with you know, evidence to back him up, yet the rubes there refused to bother to read the diary and links provided or believe what he wrote. Even the ones who agreed with him got taken down.

Truth doesn't matter there anymore if it gets in the way of their thought processes.


Which AIPAC/MIC/pharma/bank bought politician are you going to vote for? Don’t be surprised when nothing changes.

Anja Geitz's picture

@snoopydawg

I thought it was mostly like eating Cheetos for the brain.


There is always Music amongst the trees in the Garden, but our hearts must be very quiet to hear it. ~ Minnie Aumonier

Steven D's picture

What Evil Russia Committed Against the Free World is next up.

These people have no shame.


"You can't just leave those who created the problem in charge of the solution."---Tyree Scott