One of my favorite and oft-repeated warnings is that "two (or more) can play the covert operations game," and it's a warning well worth remembering in today's atmosphere of threats - and more threats - coming from the Lying Circus in Swampington, D.C. Today we're specifically concerned with that threat that the Bidenenko regime recently made to Russia along the lines of "sending a real message" via some sort of cyber warfare that only Mr. Putin and the Russian intelligence services would understand.
Well, E.G. spotted the following story, and it made me think of that threat, and that perhaps we're looking at "message received, here's our reply":
Note that the attack took down a petroleum products pipeline that runs from Texas to New England. But there's more. According to the article's author, Mike Lennon, while the incident is certainly being written down as of this moment to an attack, no one is really sure who the culprit is nor what the motivation was:
The Colonial Pipeline Company said late Friday that it was the victim of a cyberattack, sparking the company to proactively take certain systems offline and temporarily halt all pipeline operations. The company said the attack had impacted some of its IT systems, but did not say if any of its operational technology (OT) systems were directly impacted.
Colonial said in an update Saturday that the incident does involve ransomware.
The incident comes just days after the U.S. National Security Agency (NSA) released a cybersecurity advisory focusing on the security of OT systems, particularly in terms of connectivity to IT systems.
"Not enough is known to comment about attribution but there are interesting possibilities," Mike Hamilton, former CISO of Seattle and CISO of cybersecurity firm, CI Security, told SecurityWeek. "If Colonial is being extorted with ransomware it may, but does not necessarily implicate organized crime as nation-states have been known to obfuscate their motivation using ransomware as a false flag."
"If Colonial is NOT being extorted," Hamilton continued, "this may be pure disruption for the purpose of creating further chaos in the American economy. This is a strategic interest of some countries, especially those that depend on energy for a good portion of their GDP; it is likely that energy prices will spike as a result of this action." (Boldface emphasis added)
What's intriguing to contemplate in connection with these statements is how broad a list of suspects is implicated: state actors hiding behind a ransomware attack as a "false flag", to organized crime, to a simple "chaos attack" to ruin the American economy, and these could be coming from anywhere outside or inside the country; after all, the current insanity in Swampington - which only exists by means of massive cyber-fraud (the latest out of Maricopa County, Arizona is that they don't possess the passwords to the voting machines) and the previous regime gave us the "quackcines" by playing along with the planscamdemic - is such that I think these people would be capable of pretty much anything.
That's a pretty broad and widespread list of potential subjects.
The problem is, however, that we're looking at one isolated incident, and I submit that we've been looking at a full-scale cyber-war that has been going on for quite some time. Recall those attacks from the alleged cyber-warfare group called Anonymous a few years ago, which emerged from nowhere, made the headlines for a few incidents, then quickly disappeared from media reports (a fact which raises the question, Did the group really disappear and cease its activities? Or did reporting about it simply disappear?) We've seen hacks on Sony, on major banks including Chase, JP Morgan, Wells Fargo and so on. Add to this something I observed years ago in connection to actual hardware attacks on internet choke points: the severing of cables in San Francisco, and between Flagstaff and Phoenix, Arizona. Then we had the strange incidents of ship collisions with US warships in the waters of Japan and the Malacca Straits, which at the time seemed to me to be either a cyber attack, or the use of some other form of electronic warfare. Then there was the recent Suez Canal incident, aspects of which seem to imply some sort of possible cyber event. After the incidents with the US Navy warships, a quiet story appeared that the Navy was returning to the practice of teaching celestial navigation and changing some of its bridge operating procedures.
And lest we forget, there's also the curious case of all those restorations of steam locomotives around this and other countries. Union Pacific Railroad in the USA leads this effort, having restored (by my count) at least three engines, including two articulated locomotives that were designed for heavy freight hauling. I've offered the opinion that these restorations - which now are going on in the United Kingdom, Australia, Germany, and Italy (by my last reckoning) - are not simply being done out of the philanthropical kindness of Union Pacific's or British Rail's hearts to provide curiosities for "railroad heritage days". One doesn't go to the expense of restoring steam engines for service (and replacing parts, and training crews) for nothing. No, my guess is that these locomotives are being restored to provide backup in case electro-magnetic pulse takes down the diesel-electric locomotive fleets. If that assessment is accurate, then one should look for signs of restoring the old analogue semaphore and switching systems along major rail networks.
On and on we could go, but I think you get the point.
At the time of those attacks I offered the hypothesis that someone appeared (to me at least) to be trying to map the architecture of the internet and key nodes within that architecture. My point is, we need to start considering these events not as isolated events, but as part of a potential larger picture. As a final argument that we need to start viewing such incidents not in isolation, but with a view to their potential inter-connectedness, consider the "Farewell" case. "Farewell" was the codename that French intelligence gave to Lt. Col. Vladimir Ippolitovich Vetrov, a mole it had inside the Soviet KGB's technical branch in the 1980s. In fact, "Farewell" was in all likelihood the highest ranking mole any western intelligence service ever had inside Russian intelligence, and Vetrov proved to be a veritable goldmine for the French, and later, for US intelligence, for then-French President Francois Mitterrand shared the information about the mole personally with US President Ronald Reagan at their first summit meeting. Vetrov provided the French (and the US) with the KGB's "shopping list," and among that list was western "software." The Reagan administration arranged for the KGB to buy and otherwise steal some software, which had, of course, a "back door" allowing US cyber-warriors to tap into it any time they wished.
They hacked a Soviet natural gas pipeline, causing an immense explosion visible from space, and helping to set back the already crippled Soviet economy. (See my book Hidden Finance, Rogue Networks, and Secret Sorcery, pp. 221-243 for the story, and its possible connections to the PROMIS software-Inslaw story). Oddly and "coincidentally" enough, in 1984, a novel about cyber-warfare appeared, first in France, and then in 1986 in English, called Softwar (French title: La Guerre Douce), by Thierry Breton and Denis Baldwin-Beneich.
To put it country simple: full-scale cyber warfare has been going on since the 1980s at least.
And this latest incident may be but one more pixel in a much larger picture...
See you on the flip side...