On Friday the 28th, I’ll be Chris Blask’s guest on his interview show at 2PM EST. Chris is quite an interesting guy, while I’m a relentless scold (see below). So it should be interesting. I don’t know what we’ll talk about, but I think it might have something to do with SBOMs. But knowing Chris, it might have something to do with boats. Or maybe both. If you can’t make it on the 28th, it will be available on YouTube next week; I’ll publish the link when I get it.
Perhaps you’ve read something
about how Vladimir Putin, my favorite dictator/kleptocrat/cybercriminal, is now
threatening the Ukraine with invasion – although it seems he forgot to bring
more than half of the army he will need to conduct a successful invasion. On
the other hand, maybe he’s emulating George W Bush, who forced Army Chief of
Staff Eric Shinseki to retire in 2003, after he predicted that “several hundred
thousand troops” would be needed to pacify Iraq if we invaded. Bush invaded
with about half that number.
That move didn’t work out very
well, so for that reason I think the Ukrainians can sleep fairly peacefully in
their beds, knowing that Putin doesn’t intend to invade with the 100,000 troops
he’s arrayed now. From the ruthless giant that I (and everyone else in the US,
it seems) believed Russia to be up until the Soviet Union fell, Russia has now become
The Mouse that Roared. Plus, he’s made it clear that he won’t miss the opening
of the Winter Olympics in Beijing in two weeks – hardly a sign that the tanks
will be rolling anytime soon.
But just because he won’t invade
doesn’t mean that Putin won’t cause a lot of trouble for Europe and the US,
using his favorite “hybrid
warfare” tactic: hard-hitting cyberattacks, with the power grid being the
favorite target. So it might be expected that he’ll turn his attention back to
the grid he loves to attack over all others – yes, even over Ukraine’s: that’s
the US grid.
Fortunately for Uncle Vlad, he’s
been diligently seeding the US grid with the malware he knows will come in handy
on a rainy day – and that day may well be coming very soon. How do I know he’s
planted this malware? Consider the people who have been saying that:
1. The directors of the FBI and CIA, in their Worldwide Threat Assessment in January 2019.
2. Vikram Thakur of Symantec, in the Wall Street Journal in January 2019.
3. The former deputy director of the NSA, in May 2019.
4. The WSJ in November 2019.
With all these people waving a red
flag, what has been done to investigate
these reports of the Russians planting malware in our grid (and likely in
control centers, since they were said to be in a position to cause outages)?
After all, when the Russians attacked Ukraine’s grid in 2015 and 2016, US
investigators were as thick as flies over there – and they came back and gave a
whole series of classified and unclassified briefings in cities across the US. Wouldn’t
you expect that there would have been a similar investigation here, along with briefings
for utilities, to tell them how to remove the malware? After all, isn’t the US
grid much more important to us than Ukraine’s?
One would think so. But nothing
ever happened. No briefings, classified or unclassified. No high-level reports.
No red alerts to the industry. No Facebook posts. No ads on milk cartons. Nothing.
So I have to assume either that
all of the above people are boldface liars, or the Russian malware is still
sitting in those control centers, waiting for the Dark Lord in his Dark Tower
in Moscow to raise his hand…
Have a good night! And make sure
your flashlight has batteries.
Any opinions expressed in this
blog post are strictly mine and are not necessarily shared by any of the
clients of Tom Alrich LLC. Nor
are they necessarily shared by CISA’s Software Component Transparency
Initiative, for which I volunteer as co-leader of the Energy
SBOM Proof of Concept. If you would
like to comment on what you have read here, I would love to hear from you.
Please email me at tom@tomalrich.com.