Showing posts with label National Security. Show all posts

Saturday 22 May 2021

FT Exposes the “Dirty Secrets” on Infrastructure Cybersecurity

By Day Keeps the Free Market Working
By Night Redeems Children's Teeth for Cash

In this weekend’s FT Myles McCormick and Hannah Murphy wrote: “Pipeline ransom attack exposes vulnerability of American infrastructure to cyber threats”

At first glance this seemed to be a “Sun rises in the East, sets in the West” article, as the vulnerability of American infrastructure to cyber threats has been repeatedly “exposed”.

The Colonial Pipeline incident is not the first cyberattack rodeo in the USA as the authors note:

Since 2019, US critical infrastructure targets have suffered about 700 ransomware attacks, including 100 this year, according to data from Temple University in Philadelphia.

As I read on, it seemed more properly that the article exposed two key reasons why incidents like these occur and, thus, why infrastructure is insecure. 

Key reasons outlined below in bold. Quotes from the article in the list below each “point”.

Woefully and Criminally Unprepared

  1. Just a quarter of companies in traditional infrastructure businesses, including oil and gas, utilities and healthcare, were properly braced for an attack, estimated Matias Katz, chief executive of the cyber security group Byos.

  2. The oil and gas sector has been criticised for lax cyber security regulation.

Governments have responsibility for being asleep at the switch on regulation. 

Though as Milton Friedman would tell you, if he could, there is no need for government regulation as the “Free” Market solves problems like this all on its own.

It’s all about the Benjamins.

  1. But reconfiguring traditional security systems to account for the ever-changing nature of cyber threats is costly.

  2. Pipeline infrastructure is largely operated by private capital, so there is often a drive to cut costs where possible.

Or, in small words, private companies avoid spending the money. 

As evidenced in the first point above, an estimated 75% of infrastructure operators. 

So it’s not the case of a few cases proving the rule about the magical prowess of the “Free” Market correct.  

But rather the overwhelming majority proving Dr. Friedman "dead" wrong.

Two further thoughts.

When the going gets tough, our national rough and tumble highly competitive private companies go running to Uncle Sugar for a handout.

  1. You know them. They’re the guys who complain about welfare and how $300 a week unemployment benefits “sap the willingness of the precariat to work”.

  2. While extolling how the “free” market delivers the best solutions to problems.

  3. Now I’m not averse to giving aid to those who are truly struggling.

  4. Colonial Pipeline’s 2018 FYE audited report shows net profit of some US$470 million on total revenues of US$1,397 million (a very nice 33.7% net margin) and interim financials for 1Q2019 US$137 million in net profit (36% net margin).

  5. It’s not possible to calculate a return on equity as CP has negative equity. Perhaps, due in part to a generous dividend program coupled with an earlier decapitalization (Treasury stock purchases in prior years). CP paid US$670 million dividends in 2018!

  6. In light of those statistics, I think Uncle Sugar shouldn’t give them more than $299 a week lest we encourage them to slack off.

  7. As you’ll note from the dearth of public information on its financials after 1Q19, CP is pretty good with keeping their financial information secure. So it’s pretty clear where their security focus is.

As to the problem being “old operational technology systems, some of which predate the internet,” having “outdated security and being difficult to upgrade”.

  1. Old operational systems which predate the internet probably aren’t connected to the internet.

  2. Thus, it would seem less likely to be vulnerable to hacking and capture unless miscreants were on the premises to infiltrate PLCs.

  3. Analogy: If you only send snail mail, it’s unlikely that hackers are reading your correspondence.

  4. In some cases if your “internet” technology or programs are “old” enough, they may be extremely difficult to hack/capture.

This is not intended as a recommendation for a Luddite return to manual or outdated systems. But rather as a counter to the “old systems” defense.

It is to repeat myself “all about the Benjamins”. 

It is a "tried and true" method to motivate folks who focus on money by "threatening" them with large fines and loss of their license to conduct business.


Friday 21 May 2021

Profoundly Disturbing FT Article on Bitcoin and the Environment

Asleep at the Switch

 

Katie Martin and Billy Nauman had an extremely scary article in the FT on Friday 21 May.

While the main point of the article was about the amount of energy used to mine Bitcoin and its impact on the environment, it was this quote that sent the real chill down my spine. 

Tesla chief executive Elon Musk has highlighted the environmental impact of cryptocurrencies. Amid calls from climate activists for tighter rules, governments and central banks are starting to take notice.

So what the FT seem to be saying is that absent the Technoking’s statement and that of “climate activists” --who by the way have been ignored for years-- governments and central banks would still not have “taken notice”.

Thus, our fate apparently depends on the random tweets of celebrity businessmen, including one who actually thinks cryptocurrencies are investable assets and whose statements have a volatility mirroring that of Bitcoin.

Did I mention that he has an (indirect) economic interest in a portfolio of some US $1.5 billion (cost) in Bitcoin?

Just the sort of chap one would go to for wise counsel.

What a damning statement on several levels about the official entities whose remit is, as we are told, to look out for us!

Unclear as to whether we should ascribe this sorry state to attitude or aptitude.

Or perhaps more likely to both.

This is not the only example of such behavior.

We’ve seen another just this week.

After the ransomware attack on Colonial Pipeline, the US House of Representatives “sprang” into action. Given the prior somnolence, it must have been quite a “leap”. Olympic at least.

The House Homeland Security Committee—as aptly and ironically named as the House Select Committee on Intelligence—apparently just discovered that cyberattacks and hacking pose a national security threat. 

It has in the words of the Committee’s Chairman brought a “new urgency to our work”.

Given repeated past cyberattack incidents and a manifest failure to act, it may be appropriate to remove the word “new” from the Chairman’s statement.

Otherwise, the unwary reader might be tempted to think that there was some urgency in the past.

Having made this criticism, if you’re the faithful reader of this blog, you know that I try to be fair.

I should, therefore, acknowledge Congress’s achievement in reducing pollution through the prevention of the burning of the USA flag. Achieved without a constitutional amendment or even legislation!

And I think we can be almost certain they will “stand tall” to prevent plant-based substitutes for the hamburger and beer.

So, perhaps, all is not lost.

Just most.

Sunday 2 April 2017

Securing the Homeland -- Extreme Vetting Part 3


On a Winning Streak with Another Great Pick

Consistency in performance is what distinguishes a great businessman or a great political leader from mediocre ones. 

Here we are in part 3 of extreme vetting and the pattern is consistent.  You be the judge of performance.

28 March AP reported.
This week, the AP revealed Manafort's secret work for a Russian billionaire to advance the interests of Russian President Vladimir Putin a decade ago. Manafort did not dispute working for Oleg Deripaska but said he had represented him only in personal and business matters. He called the focus on him a "smear campaign," and said he was ready to defend his work if investigators wish to learn more about it.
The White House said Trump had not been aware of Manafort's work on behalf of Deripaska, a close Putin ally with whom Manafort, who is 67, eventually signed a $10 million annual contract beginning in 2006. "The president was not aware of Paul's clients from the last decade," said spokesman Sean Spicer. "What else don't we know? I mean, where he went to school, what grades he got, who he played with in the sandbox?"
AA's head is spinning as promised by Candidate Trump. 


Does this mean that extreme vetting is extreme only in the past five years? Or is it a shorter period? And I suppose there was no reason to ask Paul about his work in the electoral campaign of the pro-Russian candidate for President of Ukraine Viktor Yanukovych. Nor about the allegations raised by the current Kiev government against Mr. Manafort. A curious lack of curiosity.


Extreme Vetting 24/7

 Sleep well, citizens, the Homeland is secure.

Saturday 1 April 2017

Securing the Homeland: Extreme Vetting Part 2

Welcoming Mr. Giuliani to Team Trump

President Trump has correctly noted the importance of extreme vetting to protect the Homeland.

One needs to make sure that those who enter the Homeland or who serve it are not dangerous individuals or those who do not have the best interest of the United States at heart.


On March 27, the NY Times carried a disturbing report on Reza Zarrab which just goes to prove the wisdom of President Trump's statement about extreme vetting.  Zarrab has been charged with facilitating millions of dollars in illicit transactions on behalf of Iran and other sanctioned entities through the use of front companies and false documentation.  He's currently facing trial in the United States. 

Reza Zarrab, a prominent Turkish gold trader who has been jailed in New York on charges of violating the United States sanctions on Iran, has added Rudolph W. Giuliani, the former New York mayor, to his legal team, adding intrigue to a case that has been steeped in international politicking between Turkey and the United States.
Just last month, Mr. Giuliani and another prominent lawyer, Michael B. Mukasey, traveled to meet with the Turkish president, Recep Tayyip Erdogan, as part of their efforts on behalf of Mr. Zarrab, according to a person briefed on the meeting who spoke on the condition of anonymity because of the sensitivity of the trip.
With vetting like this, the nation is clearly in good hands.  I suppose


Friday 10 March 2017

Practical Application of Extreme Vetting to Secure the Homeland

Case in "Point"
As you no doubt recall Candidate Trump called for "extreme, extreme vetting" of immigrants to secure the Homeland.  While this call was focused on immigrants from certain Muslim majority countries, it would seem logical to expect that similar vetting would be applied to those in senior positions in the incoming Administration.  Like staffers with top secret security clearances allowing them access to intelligence reports, meetings of the National Security Council, etc.


greatagain.gov website  18 November 2016
“I am pleased that Lieutenant General Michael Flynn will be by my side as we work to defeat radical Islamic terrorism, navigate geopolitical challenges and keep Americans safe at home and abroad,” said President-elect Trump. “General Flynn is one of the country’s foremost experts on military and intelligence matters and he will be an invaluable asset to me and my administration.”

Washington Post  14 February 2017
Michael Flynn, the national security adviser to President Trump, resigned late Monday over revelations about his potentially illegal contacts with the Russian ambassador to the United States, and his misleading statements about the matter to senior Trump administration officials.

Business Insider   10 March 2017

President Donald Trump was not aware that his former national security adviser, Michael Flynn, was being paid to lobby for Turkish interests in the months leading up to the US election, White House press secretary Sean Spicer said Thursday.
But Rep. Elijah Cummings, Ranking Member of the House Committee on Oversight and Government Reform, sent Pence a letter on November 18 requesting more information about the potential conflicts of interest posed by Flynn's lobbying work.
Cummings sent the letter four days after both the Daily Caller and Politico reported that Flynn's consulting firm, Flynn Intel Group, Inc., had been hired to lobby for Turkish interests.
rightscoop website 18 November. 

But Flynn was compensated by the Flynn Intel Group, where he serves as a principal and which has registered as a lobbying firm for a Dutch company owned by a Turkish businessman with close ties to Turkey’s President Recep Tayyip Erdogan. The relationship is more than professional, apparently. Flynn has called for the extradition to Turkey of the cleric Fethullah Gülen, whom he called a “shady Islamic mullah” who lives in exile in the Poconos and on whom Erdogan has blamed a failed July coup attempt (among a host of other sins).

Like The Daily Caller, RS is considered a "conservative" forum.  So both right and left and those in between called this back in November.

Right out in the open. 

Yet, the WH missed it. That's "extreme vetting" with both a capital "E" and "V"!

Thursday 16 February 2017

Help Find Urgently Needed But Apparently Missing US Congressman


Have You Seen This Congressman?


Pictured above is Representative Darrell Issa, (R) California 49th District, Senior Member of the House Foreign Affairs Committee, dogged investigator on national security.

Apparently missing.

He's urgently needed to conduct at least one and perhaps three investigations on matters of national security.