Posts

Tuesday Morning: Wow, You Survived Business Day 1

The post-holiday season debris field continues to thin out, making its way by the truckful to the landfill. I wonder how much oil the season’s plastic wrappings consumed.

Here’s what the trash man left behind this morning.

Hackers caused power outage — the first of its kind?
Marcy’s already posted about the electrical power disruption in Ukraine this past week, labeled by some as the first known hacker-caused outage. I find the location of this malware-based outage disturbing due to its location in western Ukraine. Given the level of tensions with Russia along the eastern portion of the country, particularly near Donetsk over the past couple of years, an outage in the west seems counterintuitive if the hackers were motivated by Ukraine-Russian conflict.

And hey, look, the hackers may have used backdoors! Hoocudanode hackers would use backdoors?!

Fortunately, one government is clued in: the Dutch grok the risks inherent in government-mandated backdoors and are willing to support better encryption.

‘Netflix and chill’ in a new Volvo
I’ve never been offered a compelling case for self-driving cars. Every excuse offered — like greater fuel efficiency and reduced traffic jams — only make greater arguments for more and better public transportation.

The latest excuse: watching streaming video while not-driving is Volvo’s rationalization for developing automotive artificial intelligence.

I’m not alone in my skepticism. I suspect Isaac Asimov is rolling in his grave.

US Govt sues pollution-cheater VW — while GOP Congress seeks bailout for VW
WHAT?! Is this nuts or what? A foreign car company deliberately broke U.S. laws, damaging the environment while lying to consumers and eating into U.S.-made automotive market share. The Environmental Protection Agency filed suit against Volkswagen for its use of illegal emissions control defeat systems. The violation of consumers’ trust has yet to be addressed.

Thank goodness for the GOP-led House, which stands ready to offer a freaking bailout to a lying, cheating foreign carmaker which screwed the American public. Yeah, that’ll fix everything.

Remember conservatives whining about bailing out General Motors during 2008’s financial crisis? All of them really need a job working for VW.

Massive data breach affecting 191 million voters — and nobody wants to own up to the database problem
An infosec researcher disclosed last week a database containing records on 191 million voters was exposed. You probably heard about this already and shrugged, because data breaches happen almost daily now. No big deal, right?

Except that 191 million voters is more than the number of people who cast a vote in 2012 or even 2008 presidential elections. This database must represent more than a couple election cycles of voter data because of its size — and nobody’s responding appropriately to the magnitude of the problem.

Nobody’s owning up to the database or the problem, either.

Here’s a novel idea: perhaps Congress, instead of bailing out lying, cheating foreign automakers, ought to spend their time investigating violations of voters’ data — those folks that put them in office?

Any member of Congress not concerned about this breach should also avoid bitching about voter fraud, because hypocrisy. Ditto the DNC and the Hillary Clinton campaign.

Whew, there it is, another mark on the 2016 resolution checklist. Have you checked anything off your list yet? Fess up.

Power Imbalances in Ukraine

The western press is ginning up alarm because hackers caused a power outage in Ukraine.

Western Ukraine power company Prykarpattyaoblenergo reported an outage on Dec. 23, saying the area affected included regional capital Ivano-Frankivsk. Ukraine’s SBU state security service responded by blaming Russia and the energy ministry in Kiev set up a commission to investigate the matter.

While Prykarpattyaoblenergo was the only Ukraine electric firm that reported an outage, similar malware was found in the networks of at least two other utilities, said Robert Lipovsky, senior malware researcher at Bratislava-based security company ESET. He said they were ESET customers, but declined to name them or elaborate.

If you buy that this really is the first time hackers have brought down power (I don’t), it is somewhat alarming as a proof of concept. But in reality, that concept was proved by StuxNet and the attack on a German steel mill at the end of 2014.

I’m more interested in the discrepancy of coverage between this and the physical sabotage of power lines going into Crimea in November.

A state of emergency was declared after four pylons that transmit power to Crimea were blown up on Friday and Saturday night. Russia’s energy ministry scrambled to restore electricity to cities using generators, but the majority of people on the peninsula remained powerless on Saturday night.

Cable and mobile internet stopped working, though there was still mobile phone coverage, and water supplies to high-rise buildings halted.

[snip]

On Saturday, the pylons were the scene of violent clashes between activists from the Right Sector nationalist movement and paramilitary police, Ukrainian media reported. Ukrainian nationalists have long been agitating for an energy blockade of Crimea to exert pressure on the former Ukrainian territory.

There was even less attention to a smaller attack just before the New Year. (h/t joanneleon, who alerted me to it)

Officials said concrete pylons supporting power lines near the village of Bohdanivka, in southern Ukraine’s Kherson region, were damaged on Wednesday night.

“According to preliminary conclusions of experts… the pylon was damaged in an explosion,” a statement from police said on Thursday.

[snip]

Crimean Tatar activist Lenur Islyamov suggested that strong winds might have brought down the pylon and denied that Tatar activists had been behind the latest power cut.

While the physical attack did get coverage, there seemed to be little concern about the implications of an attack aiming to undercut Russian control of the peninsula. Whereas here, the attack is treated as illegitimate and a purported new line in the sand.

I get why this is the case (though the press ought to rethink their bias in reporting it this way). After all, when our allies engage in sabotage we don’t consider it as such.

But the US is just as vulnerable to physical sabotage as cyber sabotage, as an apparently still unsolved April 16, 2013 attack on a PG&E substation in Silicon Valley demonstrated, and as the case of Crimea shows, physical sabotage can be more debilitating. We should really be cautious about what we treat as normatively acceptable.

Russia’s Sabre-Rattling: Not Just Bluster About Banks and Ukraine Unrest


Last Friday, CNBC interviewed Andrey Kostin, CEO of Russia’s second largest bank, following the EU’s decision to extend economic sanctions against Russia, ostensibly to punish Russia for hostilities against Ukraine. Kostin’s comments were combative.

“You know, we have quite a strong opinion on sanctions. Sanctions, in other words, is economic war against Russia. Economic war will definitely have and will have very negative implications on the Russian economy, but more than that it will have very negative implications on the political dialogue and on security in Europe. And who wants to live in a less secure world? I think nobody. I think it’s the wrong way to treat Russia like this. I think it will never to lead to any other consequences as to less stability and less secure Europe.” [sic]

“”You can’t treat any country like this. You know you can’t say, if you behave rightly, that’s a small [weep*] for you, if you behave wrongly, that’s a big [weep*] for you.’ That’s not a dialog, that’s a threat. … I think we should talk. I mean, politicians should talk, like business men. Business men do talk, and they are interested in working together. …”

In short, Russia feels the sanctions are warfare, and they want to deal. They’d really like the asymmetric attack on finance to stop short of terminating Russian banks’ access to SWIFT (the impact of which WaPo spells out).

But the banks’ discomfort with the sanctions and continued incursions against Ukraine aren’t the only signs of Russian belligerence. By year end, there had been forty events characterized as “close military encounters” during 2014, according to European Leadership Network, a non-partisan, nonprofit think tank. Read more

Kerry Castigates Putin For Using US Strategy of Training, Arming Rebels

So far, I have suffered no ill effects from this outdated beer.

So far, I have suffered no ill effects from this outdated beer.

Aside from the fact that the only craft beer served at the National Security Caucus session at Netroots Nation 2014 was an outdated California beer rather than a local Michigan beer, it was a session marked by interesting discussion. I received quite a bit of support during that discussion for noting that the US response to any crisis anywhere, for far too long, has been simply to ask “Which group should we arm?”. Further, I noted, as we had heard in the “Iran: Diplomacy or War?” session, there is reason for optimism among those of us who favor diplomacy over violence in the successful removal and ongoing destruction of Syria’s chemical weapons rather than the missile strikes the US had been planning and in the remaining strong possibility of a diplomatic solution to the Iran nuclear technology issue instead of a war to destroy the technology. I illustrated that point by mentioning the tragic downing of MH17 and how that demonstrated the folly of training and arming rebel groups that often veer into extremist actions that result in atrocities. That point ties to the mad push to arm Syria’s rebels with the shorter range MANPAD antiaircraft missiles even though they are less powerful than the Buk missile that took down MH17. As I noted, will Syrian “moderates” promise us never to take the MANPADS to a site where civilian aircraft are within range, and would there be any reason to believe such a promise?

In executing his Full Ginsburg yesterday, US Secretary of State John Kerry reached new heights of hypocrisy, as he went from Sunday morning talk show to talk show, proclaiming the evils of Russian actions in Ukraine. The evils for which Kerry is castigating Putin are precisely the evils that the US has been unleashing on the world in places like Iraq, Afghanistan, Yemen, Syria and beyond. From today’s New York Times:

 In presenting the most detailed case yet alleging Russia’s involvement in the Ukraine crisis, Secretary of State John Kerry said on Sunday that Russia had funneled large quantities of heavy weapons to Ukrainian separatists and trained them how to operate SA-11 antiaircraft missiles, the type of system that is believed to have been used to shoot down the Malaysian airliner over eastern Ukraine.

“We know for certain that the separatists have a proficiency that they’ve gained by training from Russians as to how to use these sophisticated SA-11 systems,” Mr. Kerry said on the CNN program “State of the Union.”

Just as when CIA Director John Brennan got his panties in a wad over al Qaeda training death squads in Syria after we had trained our own death squads to send there, Kerry is now saying that Russia choosing a group to arm and train is a horrible thing even though he has been instrumental in helping the Obama administration to do the exact same thing in other areas.

And just as the US now faces problems in its upcoming training of Iraqi troops because of the previous failures in training Iraqi troops, there is reason to believe that the atrocity of MH17 may be due in part to failed training by the Russians. From today’s Washington Post:

Meanwhile, in Kiev, the U.S. Embassy said American intelligence analysts had confirmed the authenticity of recorded conversations in which rebel leaders bragged about shooting down what they thought was a Ukrainian military transport plane moments after the Malaysian jetliner was blown apart.

So even though the separatists are good at using the missiles to blow aircraft out of the sky (the Times article notes they have downed “almost a dozen Ukrainian transport planes, reconnaissance aircraft and helicopters”), it would appear that they haven’t quite worked out that whole target verification thing and that this tragedy may not have been an intentional targeting of civilians as much as it is a training failure. But yes, the Russians own a large portion of this tragedy, as the evidence seems strong that they provided the weapon along with instructions on firing it (if not the full lesson on target verification). And their tactics in doing do were taken directly from the US playbook, all the way down to the training being an abject failure.

Minority Report on Ukraine, or What’s Venezuela Got to Do with It?

I freely admit to being the oddest of the quadruplets in the Emptywheel sensory deprivation pool, producing the quirky minority report from time to time.

Which may explain the following graphic with regard to current geopolitical tensions.

[Source: Google Trends and Google Finance]

[Source: Google Trends and Google Finance]

 As you can see, not every trending burp in the news about either Venezuela or Ukraine produced a corresponding bump in the fossil fuel market. Some trend-inducing news may have nothing at all to do with energy. It’s quite possible I may not have captured other key businesses as some of them don’t trade publicly, or are don’t trade in a manner readily captured by Google Finance.

But there are a few interesting relationships between news and price spikes, enough to make one wonder what other values may spike with increased volatility in places like Venezuela (which has the largest oil and natural gas reserves in the western hemisphere), and Ukraine (which lies between the EU and the largest natural gas deposits in the world, and the world’s eighth largest oil reserves).

Of course there’s an additional link between these two disparate countries. Both of them have already seen similar upheavals in which the U.S. played a role — Ukraine’s 2004 Orange Revolution, and the 2002 attempted coup in Venezuela.

When someone made noise about an Afghan Muslim being a key locus of the latest unrest in Ukraine, I couldn’t help but think of the Trans-Afghanistan Pipeline for natural gas which has yet to be realized, primarily for a lack of adequate political will among nation-states with a vested interest in its success.

It also made me think of news reports from this past summer when Turkmenistan, sitting on the fourth largest natural gas reserves in the world, expressed a readiness to export gas to Europe. This would cut into Russia’s sales, but not for a few years, requiring continuation of existing relationships for the next three to five years. Note the pipelines, existing and planned on the following U.S. State Department map (date unclear, believed to be post-2006).*