Ward Smith

Colonial pipeline hack


On 6/11/2021 at 3:44 PM, Eric Gagen said:

Gas waste is a huge problem.

The lab always had to have liquid argon in stock, but as you know the dewars have pressure release vents, so some is always lost in transit and storage. 

Occasionally they would ship a container that had lost almost all in transit or had a faulty vent valve and would leak almost constantly. They were really good about refunding your losses - if you actually told them about it.

 

Good old @Enthalpic always outing himself. Not quoting you Eric, just an artifact of this website software. I point out that @-trance was yet another Enthalpic sock puppet account and he denies it, and has other sock puppets deny it, then just happens to have the same job history as Enthalpic. Lol

Meanwhile, you're dreaming @Eric Gagen if you're expecting any great precision from a pipeline. They don't build one pipeline for naphtha, another for gasoline and two more for diesel and jet fuel. They use the same pipeline, and put "slugs" of product in the line as spacers to separate product. These aren't "ounces" of product. Glad you found your missing product, but notice that it was effectively paper records that solved the mystery. I'm just saying Colonial could have kept shipping product. And no, I don't believe any RUSSIAN hackers were involved, at all.

  • Upvote 1
  • Downvote 1


On 6/12/2021 at 3:48 PM, Ward Smith said:

Good old @Enthalpic always outing himself. Not quoting you Eric, just an artifact of this website software. I point out that @-trance was yet another Enthalpic sock puppet account and he denies it, and has other sock puppets deny it, then just happens to have the same job history as Enthalpic. Lol

Meanwhile, you're dreaming @Eric Gagen if you're expecting any great precision from a pipeline. They don't build one pipeline for naphtha, another for gasoline and two more for diesel and jet fuel. They use the same pipeline, and put "slugs" of product in the line as spacers to separate product. These aren't "ounces" of product. Glad you found your missing product, but notice that it was effectively paper records that solved the mystery. I'm just saying Colonial could have kept shipping product. And no, I don't believe any RUSSIAN hackers were involved, at all.

I don't expect super precision from a pipeline either, and my example was screwing up volumes by the truckload (literally - we were off over a tanker truck load each month, sometimes 2 or 3 tanker loads). The example you cite in your post is not mine - it's @-trance which I quoted in my post, so you should adjust your statements accordingly. I KNOW that they put multiple products in a line, which is why I made the point that I did - if you lose access to a reasonably accurate and timely data stream from a sales system about what is in the system, and how much of it, and where, there's no reasonable way you can in real time (while the pipeline is running) construct a replica system for keeping track of it in just a few days. In a pipeline with a single type of product in it, unless there are multiple points of entry and exit, you only need to keep track of volume versus time, and the problem is mathematically trivial. We found our problem with paper records MONTHS later. Not in real time. Not in a few days. Not in time to take action. With only one product. Which was batch delivered and batch sold (not continuous). This was a simple problem compared to running a continuous pipeline system with multiple products and multiple delivery points. We actually switched to a computerized record system (with paper backups) as a result of the foul up I discussed. It cost hundreds of thousands of dollars a month for an operation which grossed ~ $10 million a month. Fortunately our overall EBITDA at the time was running in the 35 - 40% range so it wasn't a financial disaster, but it easily could have been for a business on a tighter profit margin. No business can afford to continue operating for any significant length of time without accurate and timely access to data about what is bought and sold between what parties at what times. It just can not happen.

  • Upvote 1


On 6/12/2021 at 7:18 PM, Eric Gagen said:

I don't expect super precision from a pipeline either, and my example was screwing up volumes by the truckload (literally - we were off over a tanker truck load each month, sometimes 2 or 3 tanker loads). The example you cite in your post is not mine - it's @-trance which I quoted in my post, so you should adjust your statements accordingly. I KNOW that they put multiple products in a line, which is why I made the point that I did - if you lose access to a reasonably accurate and timely data stream from a sales system about what is in the system, and how much of it, and where, there's no reasonable way you can in real time (while the pipeline is running) construct a replica system for keeping track of it in just a few days. In a pipeline with a single type of product in it, unless there are multiple points of entry and exit, you only need to keep track of volume versus time, and the problem is mathematically trivial. We found our problem with paper records MONTHS later. Not in real time. Not in a few days. Not in time to take action. With only one product. Which was batch delivered and batch sold (not continuous). This was a simple problem compared to running a continuous pipeline system with multiple products and multiple delivery points. We actually switched to a computerized record system (with paper backups) as a result of the foul up I discussed. It cost hundreds of thousands of dollars a month for an operation which grossed ~ $10 million a month. Fortunately our overall EBITDA at the time was running in the 35 - 40% range so it wasn't a financial disaster, but it easily could have been for a business on a tighter profit margin. No business can afford to continue operating for any significant length of time without accurate and timely access to data about what is bought and sold between what parties at what times. It just can not happen.

I explained about the website artifact, of course I know I was talking about the Eejit, not you. Multiple accounts with multiple personalities, and multiple psychoses to boot. Not going after you.

I'm not a pipeline expert, that's midstream and my experience is upstream and downstream. I've talked to midstream experts and they're the ones who explained walking speed and slugs to me, but the convo didn't get into more weeds than that. Given that Colonial inconvenienced millions of people and all their customers, I'd have taken a different tack if I were in charge. Business insurance would have covered any issues with lost revenues, if any, but overall customers have more to lose than gain by playing games. As you correctly pointed out, Colonial is paid for conveyance no different than if they were a railroad. You worded it oddly, claiming "tariff" but I think I grokked your point. Imagine a railroad shutting down because their billing was confused? It could happen, but it's unlikely. Most likely, they keep delivering and try to figure out the details from paper records for later billing. Their computerized customers will gladly help, they're the ones who need the transport to continue unabated. I think we've beaten this subject to death enough, the info isn't getting better over a month out. Bad guys now know yet another way to mess with America.

  • Upvote 1


On 6/8/2021 at 5:55 PM, Ward Smith said:

or was it? Does anyone believe a multi billion dollar company doesn't have anyone who knows how to operate valves? Inquiring minds want to know. 

[attached image]

It is more likely to have been forced out in an early retirement program.


On 6/14/2021 at 2:02 AM, Ward Smith said:

I explained about the website artifact, of course I know I was talking about the Eejit, not you. Multiple accounts with multiple personalities, and multiple psychoses to boot. Not going after you. 

I'm not a pipeline expert, that's midstream and my experience is upstream and downstream. I've talked to midstream experts and they're the ones who explained walking speed and slugs to me, but the convo didn't get into more weeds than that. Given that Colonial inconvenienced millions of people and all their customers, I'd have taken a different tack if I were in charge. Business insurance would have covered any issues with lost revenues, if any, but overall customers have more to lose than gain by playing games. As you correctly pointed out, Colonial is paid for conveyance no different than if they were a railroad. You worded it oddly, claiming "tariff" but I think I grokked your point. Imagine a railroad shutting down because their billing was confused? It could happen, but it's unlikely. Most likely, they keep delivering and try to figure out the details from paper records for later billing. Their computerized customers will gladly help, they're the ones who need the transport to continue unabated. I think we've beaten this subject to death enough, the info isn't getting better over a month out. Bad guys now know yet another way to mess with America.

Colonial has had 9 years since the Telvent hack in 2012. https://www.securityweek.com/telvent-hit-sophisticated-cyber-attack-scada-admin-tool-compromised

Management did nothing to prepare for the next time.  Money should be deducted from their paychecks.


13 hours ago, nsdp said:

Colonial has had 9 years since the Telvent hack in 2012. https://www.securityweek.com/telvent-hit-sophisticated-cyber-attack-scada-admin-tool-compromised

Management did nothing to prepare for the next time.  Money should be deducted from their paychecks.

Telvent had nothing to do with Colonial that I can see. SCADA wasn't touched either, but they shut it down just in case. I'm about 99% convinced this is because of Solar Winds breach. Colonial is like everyone else, they outsource their security. Just like Telvent, the security of your vendor becomes the problem. I figure there's a fat Jurassic Park guy working on the inside selling to the highest bidder. 

  • Upvote 1


Ward, if you don't know who has what product where in the line, how do you send Jet to Hartsfield, Gasoline to Florida, Diesel to Knoxville or reformate to Bayway? How do you send the boundary between products to the batch tanks for separating? Operations depend on knowing who put how much product in where so you don't put diesel in someone's gas tank.

  • Rolling Eye 1


On 6/20/2021 at 11:07 AM, Ward Smith said:

Telvent had nothing to do with Colonial that I can see. SCADA wasn't touched either, but they shut it down just in case. I'm about 99% convinced this is because of Solar Winds breach. Colonial is like everyone else, they outsource their security. Just like Telvent, the security of your vendor becomes the problem. I figure there's a fat Jurassic Park guy working on the inside selling to the highest bidder. 

The Darkside malware was precariously close enough to the OT systems:

[Attached images: Blog1.png, Blog2.png]

Edited by surrept33


On 6/9/2021 at 7:06 PM, Ward Smith said:

Of every known customer they have, only one claimed they were never hacked. That customer? The software provider to the 4 largest electronic voting systems. Totally plausible, right? 

[citation needed]

Many of SolarWinds' customers are likely not affected because not everyone used the products that had the backdoor:

https://www.solarwinds.com/sa-overview/securityadvisory

  • Rolling Eye 1


3 hours ago, surrept33 said:

[citation needed]

Many of SolarWinds' customers are likely not affected because not everyone used the products that had the backdoor:

https://www.solarwinds.com/sa-overview/securityadvisory

Thoroughly documented in the election thread. I even posted graphics from their website before they deleted it. You're the most useful, useful idiot I've ever seen. Who pays you? I'm guessing Soros or Cuckerberg


On 6/9/2021 at 6:06 PM, Ward Smith said:

I understand all that. I am the only person I know of who has put a real hacker in prison, and gathered 6 months of keystroke evidence on him to boot. I used to sell managed security services. This isn't rocket surgery. Interesting that you mention Solarwinds. Of every known customer they have, only one claimed they were never hacked. That customer? The software provider to the 4 largest electronic voting systems. Totally plausible, right? 

As for "giving their product away free". That's preposterous! It isn't their product. They sell transit, they don't buy the refined product and hope the price doesn't change in the 4 days it takes to make delivery at 3 miles per hour, which is how fast the oil flows in pipelines on average. The refiners have their own records of how much they put into the pipeline. These are trivial problems. Deconstructing the data is nothing. 

Ward.

I spent 25 years as a member of the Federal Public Defenders A Panel for the southern then later the western district of Texas doing white collar crimes. I got started in the Mitnick era and was shanghaied by the US Bankruptcy trustee to work with the two gentlemen whose cards are attached in the Enron Trading case where we sent 41 to federal prison. I got pulled in because of experience with federal white collar cases and certification as a dispatcher so I understood what the traders were doing.

[Attachments: IEEE04082018.pdf, Vickers Speck304032018.pdf, Vickers Speck03162018.pdf]

Edited by nsdp
I screwed up down load.


July 9th is Friday ... CyberPolygon Event ...brought to us by the World Economic Forum and other rich elite... you know, the same crowd with Bill Gates and World Economic Forum who brought us Event 201 on October 18, 2019 (prior to the Pandemic) which ran simulations of a worldwide pandemic out of China, a Novel Coronavirus which would kill millions and shut down the global businesses and demand that the media censor people.   Watch the 12 minute Highlights reel from that Event 201 - Source video (not a copy) https://youtu.be/AoLw-Q8X174

Why Are ‘Conspiracy Theorists’ Worried About an Impending Power Grid Failure?

https://www.thelastamericanvagabond.com/why-are-conspiracy-theorists-worried-about-an-impending-power-grid-failure/

On the eve of the World Economic Forum’s Cyber Polygon simulation of a cyberhack a number of independent journalists and their supporters are warning of a potential power grid failure. Is there reason to be concerned?

In recent months various independent media outlets and journalists have been sounding the alarms, warning their followers of the potential for a power grid failure as the result of a cyber attack. These sentiments are echoed by mainstream pundits, think tanks, and U.S. government officials who also warn that a devastating attack on America’s electric grid or food distribution systems is waiting on the horizon.

However, the major difference between these warnings is the belief that a cyber attack on America’s infrastructure will not come from foreign actors – such as the oft-cited “Russian hackers” – but from the actual individuals warning about threats of cyber terrorism. This “alternative” crowd believes that a cyber attack aimed at taking down the grid will be a sort of “false flag” operation designed to accelerate a push towards a digital dystopia under the guise of “The Great Reset” (more on that in a moment) and the so-called “Fourth Industrial Revolution”.

[ARTICLE CONTINUES]

  • Great Response! 1


I wish I'd been keeping up on magazines I'm subscribed to rather than wasting time here trying and failing to beat brains into morons. Interesting how the search engines failed to find this, I noticed it cleaning up old emails

Colonial Pipeline hack deconstructed

There are a few key learnings from the incident as it relates to the need for resilience as a core business strategy:

1. The ransomware attack was driven through the enterprise business systems, not through operations. The attack was not an attack on the operational technology (OT) systems which control the pipeline nor were they directly compromised. Still, process interdependencies resulted in the pipeline being shut down. It is important for pipeline operators in the United States to understand all of their cybersecurity risks, not just those related to operational systems, to be resilient. Many companies tend to view cybersecurity and resilience measures as a cost center that affects the bottom line. Yet the risk of disruption to operations threatens revenue in addition to the public health and safety impacts. To protect against attacks, the Federal Energy Regulatory Commission (FERC) has mandatory standards for grid operators; however, it does not have the same comparable standard for the network of pipelines. It is up to each organization to frame cybersecurity as a matter of business resilience and think holistically about processes and resultant impact.

2. Colonial’s OT infrastructure had controlled isolation from its IT infrastructure. This has been the modus operandi for operations for many years. The notion that IT/OT convergence requires seamless, two-way communication is a fallacy. The incident highlights the efficacy of network isolation and raises the issue of implementing network segmentation on the operations network in case future incidents occur on the OT network. Salient data can be exchanged without compromising operations, and resiliency in the network means being capable of mitigating spread and impact where a network is penetrated by bad actors.

3. Operations was still capable of delivering, but was starved of orders due to business systems being cut off. Those who spin this incident as a lesson in OT security are doing a dangerous disservice to the reality of the breach. The reality of OT cybersecurity is the biggest risks come from human vectors. In this case, it was an employee falling victim to a phishing effort. Nevertheless, the attack was a call to action for pipeline operators and other managers of critical infrastructure to understand the consequences of all of their cybersecurity risks, regardless of whether they are directed at OT systems or only IT systems.

4. Within two days, Colonial was already partially operating through manual intervention. The decision to shut down the pipeline was taken by the operator itself out of an abundance of caution and could have been overridden if there was indeed a national fuel emergency. The broader fuel supply system responded effectively through the mobilization of ships and trucks. Much of the resiliency of the response was not dependent on technology, an important reminder of how we must adapt in a world where we cannot depend on digital systems.

  • Great Response! 1


On 7/22/2021 at 10:58 AM, Ward Smith said:

I wish I'd been keeping up on magazines I'm subscribed to rather than wasting time here trying and failing

So do we.


55 minutes ago, -trance said:

So do we.

Don't let the door hit you in the ass when you leave. Just leave, everyone despises you, I've got you blocked as do many others, the rest just point out your numerous failings @Enthalpic. You've fooled no one with your sock puppets so just give up already


18 minutes ago, Ward Smith said:

Don't let the door hit you in the ass when you leave. Just leave, everyone despises you, I've got you blocked as do many others, the rest just point out your numerous failings @Enthalpic. You've fooled no one with your sock puppets so just give up already

You are very confident you know what others think; childlike egocentric thought...

The fact that some internet persona has you completely obsessed is sad.

 
