
Why does the oil pipeline even connect to the internet? I don't get it... seriously, why can't it be a LAN-based setup?

Frankly, they are blackhat, period. Just because they supposedly have groups they will not target does not mean they are not still trying to exert hacking as a manipulative, threatening force. There is nothing "grey-hat" about that.
 
A lot of these systems are remotely monitored. That is why they are connected through the internet.

This is the likely answer. Although requiring a secure company VPN would definitely help with this situation (but would still be vulnerable if someone's credentials were cracked; can be mitigated further with 2FA like requiring a physical card and password).

Can't say for sure what the case was as the company isn't even sharing with CISA let alone the public.
 
Frankly, they are blackhat, period. Just because they supposedly have groups they will not target does not mean they are not still trying to exert hacking as a manipulative, threatening force. There is nothing "grey-hat" about that.
Yeah, that was my point, hence I put it in quotations. I think "ass-hat" would be more fitting.
 
Yeah, that was my point, hence I put it in quotations. I think "ass-hat" would be more fitting.
"Hacktivism" does indeed deserve to die in a dumpster fire.
 
I imagine each country has its own group of hackers building weapons for use in case of conflict. This attack is a blessing in disguise; better to harden the systems now than later.
 
It might NOT connect to the internet at all. Someone could've brought this malware in on a thumb drive. It happens a lot on high value air gapped systems (earliest instance was the Iranian centrifuge worm, IIRC), as cryptolocker malware like this only needs to be installed. It does not need the internet to actually function.
Bit late to the party but didn't they have to physically be at the property in like Die Hard 4 to hack these places??

Film I know but......
I worry about someone spoofing an OS update and bringing down a large number of computers.
I thought Microsoft did that fairly well and regularly with what's called Windows 10 updates.... ??
 
"Hacktivism" does indeed deserve to die in a dumpster fire.
I have something more fitting in mind.
1st offense: cut off their hands.
2nd offense: cut off their feet.
3rd offense: cut off their head. Seeing as how they like to repeatedly create havoc that could cause people to lose their head, it would be fitting. Three strikes with a keyboard and they're dead. They don't want to give it up, then they can give up the ghost.
 
The pipelines probably upgraded the old analog relays to PLCs we see in modern mills and production facilities. The last steel mill I worked at had everything interconnected on the local network but you could easily remote in from home to check on things or tweak some settings. Even the overhead cranes were in the network. Often the login/password was "admin/password" which was just nuts. What was interesting is that every PLC and machine was cooled by refrigerated water, which created even more maintenance issues. A disgruntled somewhat knowledgeable employee could seriously do some damage.
 
I have something more fitting in mind.
1st offense: cut off their hands.
2nd offense: cut off their feet.
3rd offense: cut off their head. Seeing as how they like to repeatedly create havoc that could cause people to lose their head, it would be fitting. Three strikes with a keyboard and they're dead. They don't want to give it up, then they can give up the ghost.
I'm a fan of reeducation more, but acknowledge some people never learn. For that, my preference would be life in prison but I'm a known bleeding heart.
 

“A few hours ago, we lost access to the public part of our infrastructure,” the message continues, explaining the outage affected its victim shaming blog where stolen data is published from victims who refuse to pay a ransom. The outage also took down its payment server and those that supply its distributed denial-of-service feature, which is used to turn up the heat on victims who balk at paying

Well, RIP Darkside. They messed with the wrong group. They should have stuck to RansomWare-as-a-Service vs Hospitals, and not move in vs oil pipelines.

EDIT: It could very well be an inside-threat though. If Darkside-group felt like this latest hack got them too much attention, maybe one of the hackers just took the money (from their own group) and ran. Hard to tell without much more context, but either way, Darkside-group is gone. Whether or not they come back in a new form will remain to be seen in the near future.
 
Hello. An interesting question. Most likely, it is easier for the owners of the oil pipeline just like that. They have offices not only near the oil pipeline itself. They are scattered all over the country. And the company is simply easier when they can somehow interact with the oil pipeline from anywhere in America. As a person who worked at a Mexican oil well, I can say with confidence that the biggest problem in this matter is the speed of the Internet. I hope that artificial intelligence will be introduced soon, which will fix these problems. I became interested in artificial intelligence when I read about it in an article: https://www.techtimes.com/articles/...cial-intelligence-in-our-day-to-day-lives.htm
 
Always good to remember, these groups mostly operate out of Russia. And they operate with absolute impunity and state indifference (if not support).
 