a fan wrote: ↑Tue Jun 18, 2019 5:12 pm Why is our grid online in the first place? Grid management, load balancing. It is necessary. It is not necessary that it be accessible via the public Internet.
Or our voting machines? Not good reason I can see.
We have all our business accounting on a computer that isn't connected to the internet. Problem solved.
I absolutely agree that hitting Putin back, as good as that likely makes our cyber guys happy, is stupid. Because escalation.
All Things Russia & Ukraine
Re: All Things Russia
STAND AGAINST FASCISM
- MDlaxfan76
- Posts: 25748
- Joined: Wed Aug 01, 2018 5:40 pm
Re: All Things Russia
Just to be clear for a fan, not being connected to the internet does not prevent cyber connection, nor protection of information. Internet penetration is easier, but it's not the only penetration method.jhu72 wrote: ↑Tue Jun 18, 2019 9:49 pma fan wrote: ↑Tue Jun 18, 2019 5:12 pm Why is our grid online in the first place? Grid management, load balancing. It is necessary. It is not necessary that it be accessible via the public Internet.
Or our voting machines? Not good reason I can see.
We have all our business accounting on a computer that isn't connected to the internet. Problem solved.
I absolutely agree that hitting Putin back, as good as that likely makes our cyber guys happy, is stupid. Because escalation.
Of course, it's highly unlikely that foreign agents or even crooks are trying to penetrate your accounting system, so your defenses are likely just fine. Different matter for electric grid systems, nuclear power plants, chemical plants, etc. Voting systems.
Re: All Things Russia
It does from people living in Russia.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 9:35 am Just to be clear for a fan, not being connected to the internet does not prevent cyber connection
Yes, but the order of security of simply not having any connections to other computers is exponentially higher.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 9:35 am
Of course, it's highly unlikely that foreign agents or even crooks are trying to penetrate your accounting system, so your defenses are likely just fine. Different matter for electric grid systems, nuclear power plants, chemical plants, etc. Voting systems.
Last edited by a fan on Wed Jun 19, 2019 3:54 pm, edited 1 time in total.
- MDlaxfan76
- Posts: 25748
- Joined: Wed Aug 01, 2018 5:40 pm
Re: All Things Russia
I don't really want to get into what's actually possible, whether from abroad or here in country with proximity, etc. Suffice it to say that if there's a high value target, it can be penetrated numerous ways other than direct online internet connections. Multiple technologies these days.a fan wrote: ↑Wed Jun 19, 2019 11:22 amIt does from people living in Russia.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 9:35 am Just to be clear for a fan, not being connected to the internet does not prevent cyber connection
Yes, but the order of security of simply not having any connections to other computers is exponentially higher.
But certainly your business's accounting information is quite likely to not be the target of folks in Russia. Your bank accounts are another matter, but how much money you make or don't make, what you spend on, etc is not likely a high value target other than, perhaps, to a competitor interested in identifying ingredient sources, formulas, or other proprietary info. Possible. However, most risk from the typical criminal hacker is likely to a business' bank accounts. But defense in depth techniques do mitigate most of that risk, so the bad guys are much more into the sort of phishing attacks that involve human mistakes, ransomware, etc.
But we were talking about very high value targets from a military or nation-state espionage perspective. In these cases, not being connected to the public internet is definitely not adequate.
Re: All Things Russia
You're speaking on my behalf again.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 2:58 pmI don't really want to get into what's actually possible, whether from abroad or here in country with proximity, etc. Suffice it to say that if there's a high value target, it can be penetrated numerous ways other than direct online internet connections. Multiple technologies these days.a fan wrote: ↑Wed Jun 19, 2019 11:22 amIt does from people living in Russia.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 9:35 am Just to be clear for a fan, not being connected to the internet does not prevent cyber connection
Yes, but the order of security of simply not having any connections to other computers is exponentially higher.
But certainly your business's accounting information is quite likely to not be the target of folks in Russia. Your bank accounts are another matter, but how much money you make or don't make, what you spend on, etc is not likely a high value target other than, perhaps, to a competitor interested in identifying ingredient sources, formulas, or other proprietary info. Possible. However, most risk from the typical criminal hacker is likely to a business' bank accounts. But defense in depth techniques do mitigate most of that risk, so the bad guys are much more into the sort of phishing attacks that involve human mistakes, ransomware, etc.
But we were talking about very high value targets from a military or nation-state espionage perspective. In these cases, not being connected to the public internet is definitely not adequate.
-
- Posts: 32140
- Joined: Mon Jul 30, 2018 12:10 pm
Re: All Things Russia
The Trump spokesperson position is already taken. Next best opportunity......old salt wrote: ↑Wed Jun 19, 2019 3:22 pmYou're speaking on my behalf again.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 2:58 pmI don't really want to get into what's actually possible, whether from abroad or here in country with proximity, etc. Suffice it to say that if there's a high value target, it can be penetrated numerous ways other than direct online internet connections. Multiple technologies these days.a fan wrote: ↑Wed Jun 19, 2019 11:22 amIt does from people living in Russia.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 9:35 am Just to be clear for a fan, not being connected to the internet does not prevent cyber connection
Yes, but the order of security of simply not having any connections to other computers is exponentially higher.
But certainly your business's accounting information is quite likely to not be the target of folks in Russia. Your bank accounts are another matter, but how much money you make or don't make, what you spend on, etc is not likely a high value target other than, perhaps, to a competitor interested in identifying ingredient sources, formulas, or other proprietary info. Possible. However, most risk from the typical criminal hacker is likely to a business' bank accounts. But defense in depth techniques do mitigate most of that risk, so the bad guys are much more into the sort of phishing attacks that involve human mistakes, ransomware, etc.
But we were talking about very high value targets from a military or nation-state espionage perspective. In these cases, not being connected to the public internet is definitely not adequate.
“You lucky I ain’t read wretched yet!”
- MDlaxfan76
- Posts: 25748
- Joined: Wed Aug 01, 2018 5:40 pm
Re: All Things Russia
I don't think either of us did so intentionally.old salt wrote: ↑Wed Jun 19, 2019 3:22 pmYou're speaking on my behalf again.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 2:58 pmI don't really want to get into what's actually possible, whether from abroad or here in country with proximity, etc. Suffice it to say that if there's a high value target, it can be penetrated numerous ways other than direct online internet connections. Multiple technologies these days.a fan wrote: ↑Wed Jun 19, 2019 11:22 amIt does from people living in Russia.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 9:35 am Just to be clear for a fan, not being connected to the internet does not prevent cyber connection
Yes, but the order of security of simply not having any connections to other computers is exponentially higher.
But certainly your business's accounting information is quite likely to not be the target of folks in Russia. Your bank accounts are another matter, but how much money you make or don't make, what you spend on, etc is not likely a high value target other than, perhaps, to a competitor interested in identifying ingredient sources, formulas, or other proprietary info. Possible. However, most risk from the typical criminal hacker is likely to a business' bank accounts. But defense in depth techniques do mitigate most of that risk, so the bad guys are much more into the sort of phishing attacks that involve human mistakes, ransomware, etc.
But we were talking about very high value targets from a military or nation-state espionage perspective. In these cases, not being connected to the public internet is definitely not adequate.
Looks like there was a foul up in a fan's quotes as what I wrote just above was incorrectly attributed to you. Both quotes were from my text. Sometimes happens when one is cutting down a prior post to respond to just a part. Cut in the wrong place and the quote gets attributed to the wrong poster. I didn't even notice it in my exchange with him.
Re: All Things Russia
I misquoted you old salt. That was my error, not Mdlax's, my apologies to you both.
I fixed it.
I fixed it.
Last edited by a fan on Wed Jun 19, 2019 3:54 pm, edited 1 time in total.
Re: All Things Russia
Yes. That's why it's not connected to the internet. We're not paranoid about someone "stealing our whiskey recipes". What we're worried about is my 70+ year old bookkeeper (otherwise known as mom) from opening a bad email, or any other malware.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 2:58 pm But certainly your business's accounting information is quite likely to not be the target of folks in Russia. Your bank accounts are another matter, but how much money you make or don't make, what you spend on, etc is not likely a high value target other than, perhaps, to a competitor interested in identifying ingredient sources, formulas, or other proprietary info. Possible. However, most risk from the typical criminal hacker is likely to a business' bank accounts. But defense in depth techniques do mitigate most of that risk, so the bad guys are much more into the sort of phishing attacks that involve human mistakes, ransomware, etc.
I agree. But it's a start. And one tool in the toolbag.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 2:58 pm But we were talking about very high value targets from a military or nation-state espionage perspective. In these cases, not being connected to the public internet is definitely not adequate.
- MDlaxfan76
- Posts: 25748
- Joined: Wed Aug 01, 2018 5:40 pm
Re: All Things Russia
Absolutely, though there's always a trade-off between interconnection and vulnerability. Really can't run an electric grid without interconnection. And any such interconnection can be penetrated. Same for a chemical plant. The plant operational management system may not have any public internet connections (and it shouldn't), but the system is nevertheless going have digital connections, on-off switches, etc. So, vulnerable to a determined foe. Fortunately you're unlikely to have such foes in the whiskey business.a fan wrote: ↑Wed Jun 19, 2019 3:48 pmYes. That's why it's not connected to the internet. We're not paranoid about someone "stealing our whiskey recipes". What we're worried about is my 70+ year old bookkeeper (otherwise known as mom) from opening a bad email, or any other malware.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 2:58 pm But certainly your business's accounting information is quite likely to not be the target of folks in Russia. Your bank accounts are another matter, but how much money you make or don't make, what you spend on, etc is not likely a high value target other than, perhaps, to a competitor interested in identifying ingredient sources, formulas, or other proprietary info. Possible. However, most risk from the typical criminal hacker is likely to a business' bank accounts. But defense in depth techniques do mitigate most of that risk, so the bad guys are much more into the sort of phishing attacks that involve human mistakes, ransomware, etc.
I agree. But it's a start. And one tool in the toolbag.MDlaxfan76 wrote: ↑Wed Jun 19, 2019 2:58 pm But we were talking about very high value targets from a military or nation-state espionage perspective. In these cases, not being connected to the public internet is definitely not adequate.
Funny re 'mom'. I can picture it!
We have a small family real estate business (not our primary one) that still has my now 82-yr old mom opening the mail, paying the bills, etc, Quickbooks, etc. Some vulnerability, sure, as it's all in the cloud, and her computer is certainly on the public net. We're taking over this function slowly from her, post my dad passing a few months ago, but it's a step at a time.
We run our business nearly entirely in the cloud, and pay a ton of attention to security issues, as we handle some sensitive PII and are regularly audited by regulated industry clients in healthcare, finance, telecom, etc. All sorts defense in depth efforts, but nothing can ever be perfect if the bad guys are sophisticated and your target is very high value. They're evolving all the time, we're all just trying to keep up.
Back to 'mom'. Does 'mom' touch your bank accounts? Aren't they connected? That's where the phishing attack might get her. It's pretty amazing how tricky the sophisticated attacks can be these days, looking just like an official notice....
Re: All Things Russia
Sorry for your loss.
No. Mom just does the books, and my Northwestern U. Econ grad brother handles all banking.
We have Federal issues because of the distilling. Our tax paying mechanisms have to be wired pretty tight.
No. Mom just does the books, and my Northwestern U. Econ grad brother handles all banking.
We have Federal issues because of the distilling. Our tax paying mechanisms have to be wired pretty tight.
Re: All Things Russia
For afan's reading pleasure. Take this Vlad.
NATO storms the beach in the Baltic :
NATO storms the beach in the Baltic :
https://news.usni.org/2019/06/19/u-s-na ... n-security
As the U.S. Navy and its NATO allies showed off the various ways they could take a beach from the sea, they were also showing a deeper commitment to collective security in the Baltic Sea and in Europe in general.
With 18 nations sending 50 ships, two submarines, three dozen aircraft and about 8,600 personnel, the size of the 47th annual BALTOPS alone is impressive. But digging into those numbers is more revealing: the number of personnel in the exercise is more than double than the 4,000 of the 2017 event. The United Kingdom sent 14 ships and Spain sent its flagship and two high-end air defense frigates. And the exercise included fixed-wing strike aircraft – seven Spanish AV-8B Harrier IIs off amphibious assault ship ESPS Juan Carlos I (L-61) – for the first time in years.
Re: All Things Russia
Was a few klicks nearby recently.old salt wrote: ↑Wed Jun 19, 2019 11:31 pm For afan's reading pleasure. Take this Vlad.
NATO storms the beach in the Baltic :https://news.usni.org/2019/06/19/u-s-na ... n-security
As the U.S. Navy and its NATO allies showed off the various ways they could take a beach from the sea, they were also showing a deeper commitment to collective security in the Baltic Sea and in Europe in general.
With 18 nations sending 50 ships, two submarines, three dozen aircraft and about 8,600 personnel, the size of the 47th annual BALTOPS alone is impressive. But digging into those numbers is more revealing: the number of personnel in the exercise is more than double than the 4,000 of the 2017 event. The United Kingdom sent 14 ships and Spain sent its flagship and two high-end air defense frigates. And the exercise included fixed-wing strike aircraft – seven Spanish AV-8B Harrier IIs off amphibious assault ship ESPS Juan Carlos I (L-61) – for the first time in years.
BALTOPS has been going on since the mid 1980's, yes?
Re: All Things Russia
BALTOPS started in '71. It was just a few ships. It's grown over the years as the Cold War ended & NATO expanded eastward. Russia participated 19 years. It started as just shipboard drills & maneuvers, then expanded, adding air & sub ops, then minesweeping, then finally amphib ops, not always this big. I don't recall Spain sending their carrier & Harriers before. The overall exercise, including the amphib portion, got bigger after Russia annexed Crimea & went to war with Ukraine.
Re: All Things Russia
You mean after Russia invaded Ukraine and occupied Crimea. Violating Ukrainian sovereignty. Transit rights.
- MDlaxfan76
- Posts: 25748
- Joined: Wed Aug 01, 2018 5:40 pm
- MDlaxfan76
- Posts: 25748
- Joined: Wed Aug 01, 2018 5:40 pm
Re: All Things Russia
Russia's occupation of Crimea was unopposed by Ukrainian military forces.MDlaxfan76 wrote: ↑Thu Jun 20, 2019 9:01 amNah, they just 'annexed' Crimea.
Interesting detail though from Salty.
Annexation is the accurate term, in common use re. Crimea. Deal with it.
https://en.wikipedia.org/wiki/Annexation
This article is about the incorporation of additional territory into a nation state.
Annexation (Latin ad, to, and nexus, joining) is the administrative action and concept in international law relating to the forcible acquisition of one state's territory by another state and is generally held to be an illegal act. It is distinct from conquest, which refers to the acquisition of control over a territory involving a change of sovereignty, and differs from cession, in which territory is given or sold through treaty, since annexation is a unilateral act where territory is seized and held by one state. It usually follows military occupation of a territory.
Annexation can be legitimized via general recognition by international bodies (i.e. other countries and intergovernmental organisations).
Crimea
Main article: Annexation of Crimea by the Russian Federation
In March 2014, Russia annexed most of the Crimean Peninsula, part of Ukraine, and administers the territory as two federal subjects — the Republic of Crimea and the federal city of Sevastopol. Russia rejects the view that this was an annexation and regard it as an accession to the Russian Federation of a state that had just declared independence from Ukraine following a referendum, and considers it secession as a result of irredentism. A term often used in Russia to describe these events is "re-unification" (воссоединение) to highlight the fact that Crimea was part of Russian Empire and later Russian SSR.
- MDlaxfan76
- Posts: 25748
- Joined: Wed Aug 01, 2018 5:40 pm
Re: All Things Russia
Yes, they illegally 'annexed' Crimea. But that's hardly all they did. "Annexing" or as the Russians prefer to call it, 'reunification', happened after Russian forces rolled in disguised as Ukrainians and occupied Crimea. They bought off the military. They rolled in their military equipment. They shot down a jet.old salt wrote: ↑Thu Jun 20, 2019 7:50 pmRussia's occupation of Crimea was unopposed by Ukrainian military forces.MDlaxfan76 wrote: ↑Thu Jun 20, 2019 9:01 amNah, they just 'annexed' Crimea.
Interesting detail though from Salty.
Annexation is the accurate term, in common use re. Crimea. Deal with it.https://en.wikipedia.org/wiki/Annexation
This article is about the incorporation of additional territory into a nation state.
Annexation (Latin ad, to, and nexus, joining) is the administrative action and concept in international law relating to the forcible acquisition of one state's territory by another state and is generally held to be an illegal act. It is distinct from conquest, which refers to the acquisition of control over a territory involving a change of sovereignty, and differs from cession, in which territory is given or sold through treaty, since annexation is a unilateral act where territory is seized and held by one state. It usually follows military occupation of a territory.
Annexation can be legitimized via general recognition by international bodies (i.e. other countries and intergovernmental organisations).
Crimea
Main article: Annexation of Crimea by the Russian Federation
In March 2014, Russia annexed most of the Crimean Peninsula, part of Ukraine, and administers the territory as two federal subjects — the Republic of Crimea and the federal city of Sevastopol. Russia rejects the view that this was an annexation and regard it as an accession to the Russian Federation of a state that had just declared independence from Ukraine following a referendum, and considers it secession as a result of irredentism. A term often used in Russia to describe these events is "re-unification" (воссоединение) to highlight the fact that Crimea was part of Russian Empire and later Russian SSR.
This was not merely an 'administrative action', it was a semi-covert, full-on 'invasion', as well as illegal taking.
Note that Trump and the far right tiptoe around this, whispering things like it was formerly 'part of Russia', they speak Russian, so really, who can complain? Remove the sanctions!
Re: All Things Russia
Spot on. There are also problems with them in other near countries. Estonia has a large Russian population is worried about Russian aggression. exactly what it is by the way. The excuse making is appeasement.
South America used to be part of Spain. Texas part of Mexico. The Middle East would have to be redrawn as would Africa.
South America used to be part of Spain. Texas part of Mexico. The Middle East would have to be redrawn as would Africa.