Monday, April 1, 2019

Alrich awarded Russian International Medal of Freedom!


  
I was very surprised to learn from a news feed this morning that the Ministry for Hybrid Warfare of the Russian Federation has awarded me the ironically-named International Medal of Freedom. Since I hadn’t heard of this, I looked it up online. It seems that this coveted award is bestowed annually on the foreign national who has done the most to advance the interests of Russia in his or her own country.

I was very puzzled by this news, since I certainly don’t think it can be said that I’ve provided any aid or comfort to Russia in my blog posts, especially recently. I was still wondering about this when I received a Skype call from a Russian reporter that I’d met at this year’s RSA Conference a few weeks ago. Of course, when he called me it was the later afternoon in Russia.

“I guess you heard the news?”

I did. What do you know about this?

“I was as surprised as you are when I heard it this morning. Fortunately, I have a very good friend who occupies a fairly high position in this Ministry. I called him about this. He said he did know the story behind this, but he wanted me to come in to talk to him, since he didn’t want to discuss this on the phone. I didn’t have other commitments this morning, so I drove in to talk with him.”

What did he say?

“First let me set the scene. Even though he’s been a friend since high school, I’ve never actually been in his office. I was very impressed – wood panels, high windows. He’s obviously somebody important there. What I found especially striking was the quotation from Nikita Khrushchev in gold lettering behind his desk: ‘We will bury you.’ I asked him why this quote from the height of the Cold War was still there. He answered that he’d regularly asked for the money to have it removed, but he was always turned down. Given how important he obviously is, I found this a little suspicious.”

Whatever.

“Then I got right to the point. I said to him, ‘I know you probably had never heard of Tom Alrich before today; it was probably some low-level guy who suggested him for the award. I actually met him in San Francisco just a few weeks ago, and I can certainly say he’s very nice. But he’s written a number of blog posts that have been very critical of our recent – ahem! – activities with respect to the US power grid. In fact, he’s been calling repeatedly of late for an investigation of the report in the 2019 Worldwide Threat Assessment, which implied that we’d actually penetrated control centers or substations of multiple electric utilities in the US, and had planted malware so that we could cause outages. Now, I know you’re going to deny this is true, since it’s never been officially acknowledged here, but…’

“At this point, I looked up at him, expecting him to be angry that I hadn’t taken the official line that the reports of Russians attacking the US grid were fantasy. Instead he said ‘Don’t worry, I know exactly who Tom Alrich is. I as well as a lot of my people have been reading his blog on certain occasions with great interest, even when he’s not talking about Russia. In fact, giving him the medal was my idea!’”

“Of course, now I was speechless. I almost blurted out ‘You know, I always thought you were smart. But giving a medal to someone who is doing everything he can to thwart what we’re doing with the US power grid is just about the stupidest thing I’ve ever heard. Have you been to the doctor lately?’”

“Fortunately, I didn’t have to say this, since he continued ‘I know this may seem strange to you. But consider: Has he been at all successful in his campaign to get an investigation?’ I admitted that he hadn’t, but I blurted out that this still isn’t a reason to give him a (Russian expletive) medal.

“He went on, ‘I first heard about him last summer when he started writing  about us, the day the big article appeared in the Wall Street Journal. This was a report on the first of four briefings that the Department of Homeland Security scheduled in late July. That article quoted DHS people at the briefing as saying that ‘Russian hackers’ had penetrated control networks at utilities, and had most likely planted malware that could cause outages (this story was immediately widely reported, of course).

I’ll admit that at the time I told others he was just an excitable fellow, and he wasn’t really a danger to us. After all, in that first post he asked a few pointed questions that implied the DHS people didn’t know what they were talking about. And when DHS issued a story two days after the briefing that just about completely discounted what had been said at the first briefing, Mr. Alrich expressed amazement that DHS could have been so wrong at first. But he clearly believed the walk back by DHS, not the briefings themselves. After that, people congratulated me that I had been right about his not being a danger, and I and my department pretty much forgot about him.

“But in January, the Wall Street Journal came out with another article – this one the product of its own research, not just repeating what was in a briefing – that provided a lot more detail about our campaign, including the statement by Vikram Thakur of Symantec that at least eight utilities had been penetrated at the control system level, and malware might have been planted. And shortly after that, the Worldwide Threat Assessment came out.

“At this point, Mr. Alrich completely changed his tune and – while he still indicated skepticism about the reports, he said an investigation was needed, and he started a one-man campaign for this (which he continues today). He made the point that a lot of experts had flown from the US to the Ukraine to investigate after our successful attacks there (both the 2015 and 2016 attacks), and had produced some very good papers on them. Plus DHS had held multiple briefings for the utilities, both classified and unclassified – so that they could be on the lookout for similar attacks. He started asking very loudly why so much had been done when the Ukraine was attacked, whereas when the FBI and CIA reported that the US was subjected to attacks that might be far more damaging, nobody felt motivated enough to look into why they said this – even though the general consensus in the utility industry was that those agencies must have been wrong.’

“At this point, I was really exasperated and got sarcastic. ‘So you decided the right way to neutralize Mr. Alrich as a threat was to give him a medal!? Whatever happened to the Skripal solution?’ Of course, I really like you so I certainly don’t want what happened to Skripal to happen to you, but I assumed the office was bugged and I began to think this was some sort of test of my loyalty. And you probably know that Russian journalists who show insufficient loyalty to President Putin sometimes die of acute lead poisoning, if not some other type of poisoning.”

Don’t worry, I’m sure you wouldn’t seriously advocate the Skripal solution for me. And even if you did, given how badly the Russians botched that one, I wouldn’t be too concerned about it.

“You’re right about that! We really blew it. At this point, my friend picked up his story. He said ‘Believe me, I started to advocate for something like Skripal to be applied to Mr. Alrich. But then I decided to talk to a deeply embedded asset we have in the US, who is really on top of all this electric utility stuff. I told him we were considering taking action to neutralize Mr. Alrich, and he laughed. He asked if I was crazy, and he said we should give Mr. Alrich a medal, not try to kill him.

“Now I was really confused, and I asked if he was joking with me. He said ‘Certainly not. The best thing you can do for yourself is let Mr. Alrich continue his campaign for an investigation. In fact, you should do everything you can to encourage him in it – maybe get some of our friends in the US government to egg him on, whatever. And do you know why I say this? It’s because that guy has been going on crusades for years - complaining about wording problems in CIP version 5 and trying to get them fixed, trying to get NERC to postpone the CIP v5 compliance date, trying to get all of the current CIP standards rewritten in a risk-based format, and on and on.

“Yet guess how much success he’s had? Zero. People read him, but nobody in a position to make anything happen ever agrees with him. In fact, what makes him really valuable to you is that, because he complains so much, I think the people in power deliberately don’t do what he’s demanding. So the best thing that ever happened to our attacks on the US power grid was when Tom Alrich started calling for an investigation. That probably guaranteed they’ll never be seriously investigated!’

“At this point, our asset in the US stopped talking, to let this sink in with me. I thought a bit, then asked him if he’d heard the phrase ‘useful idiot’. He said he had indeed, and that while it was often attributed to Lenin it was actually much older. I said ‘Well, it seems like Mr. Alrich may be our useful idiot. I absolutely agree we should give him a medal, not kill him. I’ll get that done right away.’’’

“And now you know why they gave you that medal. I have to admit I was in awe at the subtlety of this reasoning; and I was also very relieved that they’d rejected the idea of killing you – which means, by the way, that you shouldn’t hesitate to come here to St. Petersburg to accept the award. By the way, have you ever been to Russia?”

I haven’t, although I’ve always wanted to visit St. Petersburg. I’ve read a lot about the Bolshevik revolution and I’ve always wanted to see the Hermitage. However, I saw that the ceremony is during the next NERC CIPC meeting and I very much want to attend that because of the CIP-013 discussions beforehand – so I’ll have to decline.

“Too bad, I would have given you a personal tour of the Hermitage. I spend most of my Sundays there! Well, at least you now know why you got the medal.”

I thanked my friend for his invitation and said I’d hope to come another time. But I probably won’t, for fear there will be a change of heart at the Ministry, and they’ll go back to planning the Skripal solution for me. I’m safer here in the USA!

Plus I can’t say I really appreciate being called a useful idiot. I’ve been called an idiot many times before, but useful???


Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC.

If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com. Please keep in mind that if you’re a NERC entity, Tom Alrich LLC can help you with NERC CIP issues or challenges like what is discussed in this post – especially on compliance with CIP-013. To discuss this, you can email me at the same address.

No comments:

Post a Comment