For the
first time that I know of, this blog has had more hits in the previous seven
days from a foreign country than from the US. Specifically, there have been 553
page views from Russia vs. 382 from the US, and smaller numbers from other countries (of course, this doesn’t include the
close-to-700 subscribers to the email feed, who probably read my posts - or don’t
read them - from the email without going to the site). But it is still remarkable that US
residents are currently the minority of my non-subscriber readers, although I
don’t think that will last very long.
I’ve had one
big Russian spike in July and August, when I was writing[i] about
the Russian
supply-chain attacks on the power industry, and more specifically DHS’s wildly-exaggerated
reporting of those attacks - although even then I don’t think Russians were
ever responsible for more page views than Americans, over a period as long as a
week. The reason why there might be a lot of interest in Russia in what I was
writing was pretty obvious then, whereas I can’t think of anything I’ve written
lately that even refers to Russia.
I’ve always
had a decent contingent of non-North American readers[ii], but I
always assumed that was because other countries are always considering the
question whether they should impose mandatory cyber security regulations on
their electric utilities. From that point of view, just about everything I
write has some relevance for them, because so much of it has to do with
problems with the NERC CIP standards – and some of it points to how I would
rewrite CIP if given the chance.
In any case,
to my new Russian readers, welcome! I hope you find information here that will
help Russia design workable guidelines or regulations for your own power
industry. But if you happen to be one of the small number of Russians actively
engaged in trying to hack into the US power grid, you aren’t going to find
anything in this blog that will help you in your job, so I suggest you find
some more productive line of work. Your efforts so far have been a dismal
failure, and I don’t want you to hope that this will change anytime soon,
because it won’t. There can’t be a lot of job security in your current
position, and a lot of downside – like being indicted and sanctioned by the US.
P.S. While I have your attention, I'd like you to relay a question to Mr. P, the next time you run into him at the grocery store: If - say - 10 or 15 years ago, he had made the decision to unleash the vast scientific and technical talents of the Russians on developing computer software and hardware that the rest of the world would want, rather than on trying to attack them (for little or no visible gain to the Russian people, regardless of a few feathers in Mr. P's cap), wouldn't your country be much better off? And wouldn't a lot of you be hugely better off personally, in Russia's own Silicon Valley? Just asking.
Note from Tom 4/1/19: I was right in stating in this post that the spike in views from Russia was probably temporary. The next week, presumably due to this post, the numbers went way down. However, at the same time there was a huge spikes in hits from "Unknown Region" - they went from the normal 10-20 range to around 250. I assumed this was because a lot of my supposed Russian friends wanted to keep reading, but used IP addresses not assigned to any region. This leads me to believe that at least a lot of the Russian spike consisted of people whose motives for reading me weren't pure - i.e. they may be looking for me to reveal weaknesses in the US grid. I know of only one possible serious weakness that hasn't been widely discussed, and I turned that over to FERC last year to investigate. I will never write about that in this blog.
P.S. While I have your attention, I'd like you to relay a question to Mr. P, the next time you run into him at the grocery store: If - say - 10 or 15 years ago, he had made the decision to unleash the vast scientific and technical talents of the Russians on developing computer software and hardware that the rest of the world would want, rather than on trying to attack them (for little or no visible gain to the Russian people, regardless of a few feathers in Mr. P's cap), wouldn't your country be much better off? And wouldn't a lot of you be hugely better off personally, in Russia's own Silicon Valley? Just asking.
Note from Tom 4/1/19: I was right in stating in this post that the spike in views from Russia was probably temporary. The next week, presumably due to this post, the numbers went way down. However, at the same time there was a huge spikes in hits from "Unknown Region" - they went from the normal 10-20 range to around 250. I assumed this was because a lot of my supposed Russian friends wanted to keep reading, but used IP addresses not assigned to any region. This leads me to believe that at least a lot of the Russian spike consisted of people whose motives for reading me weren't pure - i.e. they may be looking for me to reveal weaknesses in the US grid. I know of only one possible serious weakness that hasn't been widely discussed, and I turned that over to FERC last year to investigate. I will never write about that in this blog.
Any opinions expressed in this blog post are strictly mine
and are not necessarily shared by any of the clients of Tom Alrich LLC.
If you would like to comment on what you have read here, I
would love to hear from you. Please email me at tom@tomalrich.com. Please keep in mind that
if you’re a NERC entity, Tom Alrich LLC can help you with NERC CIP issues or
challenges like what is discussed in this post – especially on compliance with
CIP-013; we also work with security product or service vendors that need help
articulating their message to the power industry. To discuss this, you can
email me at the same address.
[i]
And I don’t want to leave the impression that I consider this story over, since
I haven’t heard anybody from DHS explain to my satisfaction how the apocalyptic
statements they made initially are consistent with the shifting explanations
they have provided since then – or for that matter, with the much more measured
statements
they made when they first pointed out the issue, in far less detail, last
March. I have another post on the topic in my to-do list, but that list keeps
getting longer as more pressing issues like this one pop up.
[ii]
And they have been distributed across a number of countries, although lately
the Ukraine and Eastern Europe (Poland, Czechia and Hungary) have
all had their spikes. I’ve been especially pleased with some recent hits from
Vietnam, since my wife is Vietnamese and I’ve been there a number of times in
recent years – a really great place to visit, by the way, with the friendliest
people you’ll ever meet. I’ve always been surprised by how few Canadian hits I
have, but I know there are a number of Canadians that subscribe to the email
feed, since I often get email comments from them based on having read the feed.
No comments:
Post a Comment