Monday, December 31, 2018

A note to my Russian friends (at least, I hope you’re friends!)

For the first time that I know of, this blog has had more hits in the previous seven days from a foreign country than from the US. Specifically, there have been 553 page views from Russia vs. 382 from the US. Of course, this doesn’t include the close-to-700 subscribers to the email feed, who probably read my posts (or don’t read them) from the email without going to the site. While I can’t see who these subscribers are, I’ve always assumed they are primarily North American (I’ve never received any email about the blog from somebody who isn’t in North America, or at least says they are). But it is still remarkable that US residents are currently the minority of my non-subscriber readers, although I don’t think that will last very long.

I’ve had one big Russian spike in July and August, when I was writing[i] about the Russian supply-chain attacks on the power industry, and more specifically DHS’s wildly-exaggerated reporting of those attacks - although even then I don’t think Russians were ever responsible for more page views than Americans, over a period as long as a week. The reason why there might be a lot of interest in Russia in what I was writing was pretty obvious then, whereas I can’t think of anything I’ve written lately that even refers to Russia.

I’ve always had a decent contingent of non-North American readers[ii], but I always assumed that was because other countries are always considering the question whether they should impose mandatory cyber security regulations on their electric utilities. From that point of view, just about everything I write has some relevance for them, because so much of it has to do with problems with the NERC CIP standards – and some of it points to how I would rewrite CIP if given the chance.

In any case, to my new Russian readers, welcome! I hope you find information here that will help Russia design workable guidelines or regulations for your own power industry. But if you happen to be one of the small number of Russians actively engaged in trying to hack into the US power grid, you aren’t going to find anything in this blog that will help you in your job, so I suggest you find some more productive line of work. Your efforts so far have been a dismal failure, and I don’t want you to hope that this will change anytime soon, because it won’t. There can’t be a lot of job security in your current position, and a lot of downside – like being indicted and sanctioned by the US.

P.S. While I have your attention, I'd like you to relay a question to Mr. P, the next time you run into him at the grocery store: If - say - 10 or 15 years ago, he had made the decision to unleash the vast scientific and technical talents of the Russians on developing computer software and hardware that the rest of the world would want, rather than on trying to attack them (for little or no visible gain to the Russian people, regardless of a few worn feathers in Mr. P's cap), wouldn't your country be much better off? And wouldn't a lot of you be hugely better off personally, in Russia's own Silicon Valley? Just asking. 

Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC.

If you would like to comment on what you have read here, I would love to hear from you. Please email me at Please keep in mind that if you’re a NERC entity, Tom Alrich LLC can help you with NERC CIP issues or challenges like what is discussed in this post – especially on compliance with CIP-013; we also work with security product or service vendors that need help articulating their message to the power industry. To discuss this, you can email me at the same address.

[i] And I don’t want to leave the impression that I consider this story over, since I haven’t heard anybody from DHS explain to my satisfaction how the apocalyptic statements they made initially are consistent with the shifting explanations they have provided since then – or for that matter, with the much more measured statements they made when they first pointed out the issue, in far less detail, last March. I have another post on the topic in my to-do list, but that list keeps getting longer as more pressing issues like this one pop up.

[ii] And they have been distributed across a number of countries, although lately the Ukraine and Eastern Europe (Poland, Czechia and Hungary) have all had their spikes. I’ve been especially pleased with some recent hits from Vietnam, since my wife is Vietnamese and I’ve been there a number of times in recent years – a really great place to visit, by the way, with the friendliest people you’ll ever meet. I’ve always been surprised by how few Canadian hits I have, but I know there are a number of Canadians that subscribe to the email feed, since I often get email comments from them based on having read the feed.

No comments:

Post a Comment