1 comment

[ 2.8 ms ] story [ 11.8 ms ] thread
Mainstream media is covering this [1], I came to HN to get a more technical analysis, and rather surprisingly there doesn't seem to be any discussion about this topic.

Haven't we known about SCADA vulnerabilities for years? Aren't these systems supposed to be airgapped? Any industrial controls folks want to weigh in?

Also I'm wondering about the timeline here. Are these tools new, or have they been known for some time? If the latter, why did they wait to issue an alert?

If the tools are new, why wouldn't the Russians hold back from using them until they want to launch an actual physically destructive attack? Maybe this is the beginning stage of such an attack? Maybe they aren't confident in lab tests, need to use them against the actual targets to assess their true effectiveness, and thought they could be stealthy enough to not get caught?

Or maybe these tools have been out there for years, US intelligence has known about them for a while, and the government decided the Russia-Ukraine conflict is heating up enough that publicizing enough information to scare management of SCADA shops into actually securing their stuff has more value than keeping it secret and playing the I-know-you-know spy game?

[1] https://www.youtube.com/watch?v=Mgsm8T-W7vo