top | item 30758382

(no title)

samgtx | 4 years ago

I just recently read This is How They Tell Me the World Ends by Nicole Perlroth which was an extremely interesting and concerning book, explaining the escalating capabilities of chained zero-day exploits to create devastating cyber attacks on critical infrastructure.

According to the book, Russia is already inside many American water treatment plants, dams, and electrical grids. This is a concerning and increasingly plausible response to the economic sanctions imposed on them by the west.

discuss

QuarterRoy|4 years ago

I used to consult as a security pen tester and also did forensics and IR. I had many utilities in the US as clients. This was 15+ years ago.

It was quite scary when they started using SCADA to IP and exposing control systems to the internet.

samgtx|4 years ago

You might enjoy the book then. The tools that were built in the NSA and its contractors that are now in the hands of our enemies, combined with the shocking lack of security throughout the country is borderline terrifying. We are so vulnerable.

ericmay|4 years ago

> This is a concerning and increasingly plausible response to the economic sanctions imposed on them by the west.

I'm not so sure about that. Certainly they could do something, but anything truly harmful draws NATO into war with Russia. Maybe they want that? But if this is part of an escalation tactic to then use nuclear weapons, at that point, well it's pointless because you're now already in a committed war with no room for further escalation except nuclear weapons; now you've lost the threat component of the weapon and only have the weapon left, but so does your adversary.

The best card for Putin to play is the threat card. Without using nuclear weapons, or by using them first, he gains the escalation initiative which forces his adversary to respond with matching or further escalatory force, which is good when your adversary doesn't want to escalate. If you go all-in, well they're automatically all-in too. The problem with cyber attacks is you're likely to draw yourself into a full-blown war that conventionally you'll definitely lose, and now there's no escalatory room anymore - essentially it calls the nuclear bluff. If you were never going to use them, now you're at a war you're definitely losing. If you were going to use them, well, that is what it, and now everyone knows and can deal with reality as-is versus guessing at it and giving you (Putin) everything you want up to that threshold.

AnimalMuppet|4 years ago

I think this was the point of a comment by Biden (or someone else?) a couple of weeks ago about the US offensive cyber capability. I think it was a reminder: We're not slouches at this. We can attack you, too, and we can do at least as much damage as you can. Don't open that door.

And so far, Russia hasn't opened it, at least not blatantly.