We've known and talked pretty openly in mainstream media about how trivial an attack like this would be. Seriously can't get away from the gut feeling that this may be the tip of an iceberg here.

https://www.wsoctv.com/news/local/intentional-vandalism-leaves-38000-customers-without-power-moore-county-sheriffs-office-says/SNCENVLP5NH5VCBOEI4G2G5CZY/

State of Emergency declared, FBI investigating power grid attack in Moore County, sheriff says

A state of emergency has been declared after the electrical power grid was “intentionally attacked” causing a major power outage in Moore County.

WSOC TV
@alyssam_infosec was just staring out the window thinking the same thing.
@zebpalmer I remember having conversations with folks at National Grid back in 2012. The things they told me back then were scary AF, this story now has me wondering how much if any of that they and others like them have been able to address in the last 10 years.

@alyssam_infosec I was a fed employee in late 90s/early 2000s working in telecom infra & incident communications/management. Those conversations were already going on back then.

I don't have a warm fuzzy feeling about progress 😒

@alyssam_infosec @zebpalmer

same vulnerabilities also exist here in Britain and rest of Northern Europe and there are already disgruntled elements of the population (particularly in suburban semi rural areas) who might choose to attack such infrastructure - maybe even more so, as guns and ammo are controlled here making it harder to shoot at large groups of people whereas substations are mostly only protected against metal theft rather than sabotage.

@alyssam_infosec @zebpalmer

Friends with linemen and other assorted infrastructure support types.

They've addressed fucking nothing.

Sniper Attack On Calif. Power Station Raises Terrorism Fears

Last April in San Jose, transformers were knocked out at a power station when one or more snipers fired at least 100 rounds into them. Investigators say they don't believe it was an act of terrorism, but other experts disagree.

NPR
@alyssam_infosec this is sobering and I believe you are bang on about it. 😕
@alyssam_infosec this is so significant. ICS security is something we really need to tighten up. Thank you for sharing this!
@kevinthomas @alyssam_infosec it is a very slow process especially when there is sometimes active resistance by SCADA operations and maintenance people to implementing sensible security measures until there is an incident.
@msh @alyssam_infosec so well said Mark I could not agree more but we must deal with this.

@kevinthomas @alyssam_infosec yup...that is literally more than half of my job.

In some parts of the ICS/SCADA world there is a strongly reactionary culture. Once it is "working" don't touch it! Leave those MODBUS and VNC servers open on public IPs don't worry we used different ports to hide them! Ugh what is this VPN thing and these keys they are so annoying change it back!  

That combined with infosec kinda failing at usability makes it quite a challenge.

@msh @kevinthomas @alyssam_infosec

My pet peeves:
1. People whining about minor inconveniences that endanger the infrastructure.

@NosirrahSec @msh @alyssam_infosec agree! Inconveniences if necessary can prevent this entire rabbit hole.

@kevinthomas @msh @alyssam_infosec

I guarantee that the incident will always outweigh the inconvenience. 100% of the time.

@alyssam_infosec We’ve known it was a possibility but have been fortunate that others know this is a line that you do not cross without repercussions. These people are either very brazen or stupid and if LE can find them need to hit them with every local, state, and federal charge possible to set a very prominent example that there are certain things you do not do.
@alyssam_infosec it’s crazy. It would be so easy to attack the grid in this way. A few well placed attacks and whole cities could lose power. I used to live near a substation and there was never anyone around and I never saw cameras anywhere.

@alyssam_infosec

If I were investigating this, the first pool of people I would look at are the civilians associated with Robin Sage exercises in the immediate area.

- Just a gut feeling

@JDN5IX @alyssam_infosec
rumors here this was to stop a drag show.
@MrsMouse @JDN5IX seems to be only rumor at this point based on an idiotic woman claiming God did it.

@alyssam_infosec @MrsMouse

Not surprised, given the regional demographics

@alyssam_infosec Shades of the Metcalf substation incident in San Jose nine years ago.
@alyssam_infosec this should be the tipping point where normies recognize what we've been saying.
But I've felt that before
@alyssam_infosec
This affected people I know, people I spend Sunday with. It's hard to see this in a detached way when this is really an attack on people.
@alyssam_infosec That and the attack in CA a few years back where someone shot the coolant out of a transformer.
@alyssam_infosec proof of concept feels like to me... Which is not good.
@alyssam_infosec The other part about it is that these dumbasses did this right outside of Ft. Bragg/Pope AFB where active duty and retired mil personnel live.
@alyssam_infosec Yeah. I’ve seen domestic communication lines cut (shot, actually) but that was small-scale - plausibly strikers or just normal vandals rather than political terrorism.
@alyssam_infosec
This is the quintessential security challenge. You can prepare for hundreds of complicated scenarios then some yahoo drives his truck through the front door...or shoots up a power station... or "some stupid with a flare gun"
https://www.youtube.com/watch?v=YbMbs0LDbFA
Smoke on the Water (HQ)

YouTube
A Swiss Town, A Casino Fire And 'Smoke On The Water'

This lakeside town of Montreux just hosted talks on Iran's nuclear program. But music fans know it for its rich musical heritage, including a starring role in "Smoke On The Water."

NPR

@alyssam_infosec
I'm surprised that shooting a substation is enough to disable it.

And the motive? To shut down power to a drag show? Fascists really are hard to understand.