After Ukraine, DHS Warns Domestic Utility Companies

Feds advise utilities to pull plug on Internet after Ukraine attack

WashingtonExaminer: The Department of Homeland Security advised electric utilities Thursday that they may need to stop using the Internet altogether, after the agency found that a cyberattack that brought down Ukraine’s power grid in December could have been far more devastating than reported.

The Dec. 23 cyberattack forced U.S. regulators to place utilities on alert after unknown attackers caused thousands of Ukrainian residents to lose power for hours by installing malicious software, or malware, on utility computers. But the Department of Homeland Security said Thursday that the attack may have been directed at more than just the country’s electricity sector, suggesting the attackers were looking to cause more harm than was reported.

In response, federal investigators are recommending that U.S. utilities and other industries “take defensive measures.” To start with, they need to apply best practices “to minimize the risk from similar malicious cyber activity,” according to an investigative report issued Thursday by Homeland Security’s Industrial Control Systems Cyber Emergency Response Team.

But the team is also recommending more drastic action, such as keeping control-system computers away from the Internet.

“Organizations should isolate [industrial control system] networks from any untrusted networks, especially the Internet,” the report says. “All unused ports should be locked down and all unused services turned off. If a defined business requirement or control function exists, only allow real-time connectivity to external networks. If one-way communication can accomplish a task, use optical separation.”

The findings show that the power outages were caused by three attacks using cyberintrusion software to attack electric power distribution companies, affecting about 225,000 customers. They also reveal that once power was restored, the utilities continued “to run under constrained operations,” implying that the damage to grid control systems was profound.

The team also learned that “three other organizations, some from other critical infrastructure sectors, were also intruded upon but did not experience operational impacts.” That suggests the attackers were going after more than just the power grid, and may have been planning a much more economy-wide attack. The team does not disclose what other sectors of the country were targeted.

The team said the attack was well-planned, “probably following extensive reconnaissance of the victim networks,” the report says. “According to company personnel, the cyberattacks at each company occurred within 30 minutes of each other and impacted multiple central and regional facilities.”

The attackers were attempting to make the damage permanent. The report says the attackers installed “KillDisk” malware onto company computers that would erase data necessary to reboot operations after a cyberattack.

There is also a mystery to the attackers’ actions.

“Each company also reported that they had been infected with BlackEnergy malware; however, we do not know whether the malware played a role in the cyberattacks,” the report says. The malware was delivered using an email embedded hacking technique known as “spear phishing” that contained a number of malicious Microsoft Office attachments.

“It is suspected that BlackEnergy may have been used as an initial access vector to acquire legitimate credentials; however, this information is still being evaluated,” the team says.

The investigation was done with Ukraine authorities and involved the FBI, Department of Energy and the North American Electric Reliability Corporation.
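
The ICS-CERT recommendations quoted above (isolate ICS networks from untrusted networks, lock down unused ports and services, keep one-way links one-way) can be checked against flow and listener records. The following is an added example, not taken from the ICS-CERT report or the article; every subnet, host, port and record in it is a constructed sample value.

```python
"""Audit flow and listener records against the three quoted recommendations.
All addresses, ports and records are constructed sample data."""
import ipaddress
from dataclasses import dataclass

# Assumed site layout (hypothetical).
ICS_NET = ipaddress.ip_network("10.10.0.0/16")
CORP_NETS = [ipaddress.ip_network("172.16.0.0/12")]  # untrusted, but internal

# Flows with a defined business requirement: (src, dst, dst_port).
APPROVED_FLOWS = {("10.10.1.5", "198.51.100.10", 443)}

# Links that must stay one-way: (ICS sender, receiver outside ICS).
ONE_WAY_LINKS = {("10.10.2.20", "172.16.5.9")}

# Services each ICS host actually needs: host -> TCP ports.
REQUIRED_LISTENERS = {
    "10.10.1.5": {502},      # Modbus/TCP
    "10.10.2.20": {44818},   # EtherNet/IP
}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int


def in_ics(addr: str) -> bool:
    return ipaddress.ip_address(addr) in ICS_NET


def peer_zone(addr: str) -> str:
    """Classify a non-ICS peer as internal-but-untrusted or Internet."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in CORP_NETS):
        return "untrusted-internal"
    return "internet"


def audit_flows(flows):
    """Return (finding, flow) pairs for flows that cross the ICS boundary
    without approval, or that run backwards over a one-way link."""
    findings = []
    for f in flows:
        src_ics, dst_ics = in_ics(f.src), in_ics(f.dst)
        if src_ics == dst_ics:
            continue  # stays inside the ICS zone, or never touches it
        if (f.src, f.dst) in ONE_WAY_LINKS:
            continue  # permitted direction of a one-way link
        if (f.dst, f.src) in ONE_WAY_LINKS:
            findings.append(("reverse-flow-on-one-way-link", f))
            continue
        if (f.src, f.dst, f.dport) in APPROVED_FLOWS:
            continue
        peer = f.dst if src_ics else f.src
        findings.append((f"unapproved-{peer_zone(peer)}", f))
    return findings


def audit_listeners(listeners):
    """Return (host, port) listeners with no documented requirement."""
    return sorted(
        (host, port)
        for host, port in listeners
        if port not in REQUIRED_LISTENERS.get(host, set())
    )


# Constructed sample records.
SAMPLE_FLOWS = [
    Flow("10.10.1.5", "10.10.2.20", 44818),   # inside ICS: ignored
    Flow("10.10.1.5", "198.51.100.10", 443),  # approved external flow
    Flow("10.10.2.20", "172.16.5.9", 5450),   # one-way link, allowed direction
    Flow("172.16.5.9", "10.10.2.20", 3389),   # same link, reversed
    Flow("203.0.113.77", "10.10.1.5", 502),   # Internet host reaching Modbus
    Flow("10.10.1.5", "172.16.8.30", 445),    # ICS host to corporate share
]
SAMPLE_LISTENERS = [
    ("10.10.1.5", 502), ("10.10.1.5", 23),
    ("10.10.2.20", 44818), ("10.10.2.20", 3389),
    ("10.10.3.7", 80),  # host with no documented services at all
]

if __name__ == "__main__":
    for kind, flow in audit_flows(SAMPLE_FLOWS):
        print(f"{kind}: {flow.src} -> {flow.dst}:{flow.dport}")
    for host, port in audit_listeners(SAMPLE_LISTENERS):
        print(f"unused-listener: {host}:{port}")
```
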


New research is shining a light on the ongoing evolution of the BlackEnergy malware, which has been spotted recently targeting government institutions in the Ukraine.

Security researchers at ESET and F-Secure each have dived into the malware’s evolution. BlackEnergy was first identified several years ago. Originally a DDoS Trojan, it has since morphed into “a sophisticated piece of malware with a modular architecture, making it a suitable tool for sending spam and for online bank fraud,” blogged ESET’s Robert Lipovsky.

“The targeted attacks recently discovered are proof that the Trojan is still alive and kicking in 2014,” wrote Lipovsky, a malware researcher at ESET.

ESET has nicknamed the BlackEnergy modifications first spotted at the beginning of the year ‘BlackEnergyLite’ due to the lack of a kernel-mode driver component. It also featured less support for plug-ins and a lighter overall footprint.

“The omission of the kernel mode driver may appear as a step back in terms of malware complexity: however it is a growing trend in the malware landscape nowadays,” he blogged. “The threats that were among the highest-ranked malware in terms of technical sophistication (e.g., rootkits and bootkits, such as Rustock, Olmarik/TDL4, Rovnix, and others) a few years back are no longer as common.”

The malware variants ESET has tracked in 2014 – both of BlackEnergy and of BlackEnergy Lite – have been used in targeted attacks. This was underscored by the presence of plugins meant for network discovery, remote code execution and data collection, Lipovsky noted.

“We have observed over a hundred individual victims of these campaigns during our monitoring of the botnets,” he blogged. “Approximately half of these victims are situated in Ukraine and half in Poland, and include a number of state organizations, various businesses, as well as targets which we were unable to identify. The spreading campaigns that we have observed have used either technical infection methods through exploitation of software vulnerabilities, social engineering through spear-phishing emails and decoy documents, or a combination of both.”

In a whitepaper, researchers at F-Secure noted that in the summer of 2014, the firm saw samples of BlackEnergy targeting Ukrainian government organizations for the purposes of stealing information. These samples were nicknamed BlackEnergy 3 by F-Secure and identified as the work of a group the company refers to as “Quedagh.” According to F-Secure, the group is suspected to have been involved in cyber-attacks launched against Georgia during that country’s conflict with Russia in 2008.

“The Quedagh-related customizations to the BlackEnergy malware include support for proxy servers and use of techniques to bypass User Account Control and driver signing features in 64-bit Windows systems,” according to the F-Secure whitepaper. “While monitoring BlackEnergy samples, we also uncovered a new variant used by this group. We named this new variant BlackEnergy 3.”

Only Quedagh is believed to be using BlackEnergy 3, and it is not available for sale on the open market, noted Sean Sullivan, security advisor at F-Secure.

“The name [of the group] is based on a ship taken by Captain Kidd, an infamous privateer,” he said. “It is our working theory that the group has previous crimeware experience. Its goals appear to be political but they operate like a crimeware gang. There have been several cases this year of which BlackEnergy is the latest. The trend is one of off-the-shelf malware being used in an APT [advanced persistent threat] kind of way. The tech isn’t currently worthy of being called APT, but it’s evolving and scaling in that direction.”

Within a month of Windows 8.1’s release, the group added support for 64-bit systems. They also used a technique to bypass the driver-signing requirement on 64-bit Windows systems.

In the case of BlackEnergy 3, the malware will only attempt to infect a system if the current user is a member of the local administration group. If not, it will re-launch itself as Administrator on Vista. This will trigger a User Account Control (UAC) prompt. However, on Windows 7 and later, the malware will look to bypass the default UAC settings.  

“The use of BlackEnergy for a politically-oriented attack is an intriguing convergence of criminal activity and espionage,” F-Secure notes in the paper. “As the kit is being used by multiple groups, it provides a greater measure of plausible deniability than is afforded by a custom-made piece of code.”

In 2014 from the Department of Interior and DHS:

Summary: Investigation of NPS-GCNP SCADA SYSTEM

Report Date: August 7, 2014

OIG investigated allegations that the Supervisory Control and Data Acquisition (SCADA) system at Grand Canyon National Park (Park) may be obsolete and prone to failure. In addition, it was alleged only one Park employee controlled the system, increasing the potential for the system to fail or become unusable.

The SCADA system is a private utilities network that monitors and controls critical infrastructure elements at the Park. Failure of the system could pose a health and safety risk to millions of Park visitors. Due to potential risks that system failure posed, we consulted with the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and asked that they assess the overall architecture and cybersecurity of the Park’s SCADA system.

ICS-CERT conducted an onsite review and issued a report outlining the weaknesses it found at the Park’s SCADA system, including obsolete hardware and software, inadequate system documentation and policies, insufficient logging and data retention. We provided a copy of ICS-CERT’s assessment report to the National Park Service for review and action.



Supreme Court Got it Right vs. Obama

This Supreme Court decision could place Obama’s Paris Climate Change Agreement in real jeopardy, and it should.

Supreme Court threatens Obama’s climate agenda

Politico: President Barack Obama will leave office next January with the fate of one of his biggest environmental achievements hanging in the balance.

The Supreme Court on Tuesday took the unusual step of blocking the Environmental Protection Agency’s landmark carbon rule for power plants, throwing into doubt whether Obama’s signature climate change initiative will survive a legal battle before the high court.

The decision to grant the stay is no guarantee the justices ultimately will strike down the rule, but the development is a bad sign for EPA’s chances, and the agency’s foes quickly cheered the news, with West Virginia Attorney General Patrick Morrisey calling it a “great victory.”

“We are thrilled that the Supreme Court realized the rule’s immediate impact and froze its implementation, protecting workers and saving countless dollars as our fight against its legality continues,” he said in a statement.

The White House vowed that the rule, known as the Clean Power Plan, will survive, saying it “is based on a strong legal and technical foundation.”

“We remain confident that we will prevail on the merits,” press secretary Josh Earnest said in a statement late Tuesday night, adding that “the administration will continue to take aggressive steps to make forward progress to reduce carbon emissions.”

“We’re disappointed the rule has been stayed, but you can’t stay climate change and you can’t stay climate action,” EPA spokeswoman Melissa Harrison said in a separate statement. “Millions of people are demanding we confront the risks posed by climate change. And we will do just that.”

The Supreme Court issued its short order putting the rule on hold at the request of states and companies that had asked the high court to intercede early — even though a lower court had already declined to do so.

The ruling was on a 5-4 vote, with Justices Ruth Bader Ginsburg, Stephen Breyer, Sonia Sotomayor and Elena Kagan — the court’s liberal wing — lining up against staying the rule.

Environmentalists quickly downplayed the stay, noting that it did not come to any conclusions about the legality of the rule itself.

“The Clean Power Plan has a firm anchor in our nation’s clean air laws and a strong scientific record, and we look forward to presenting our case on the merits in the courts,” said Vickie Patton, the Environmental Defense Fund’s general counsel.

The justices did not explain their decision, but the order indicates they believe the rule threatens imminent and irreparable harm. The states and groups challenging the rule noted that the Supreme Court last year identified a major flaw with an EPA regulation limiting mercury emissions from power plants only after that rule had started to take effect, and they urged the justices not to allow something similar to happen with the carbon rule.

The D.C. Circuit Court of Appeals has put the case on a fast track, with oral arguments scheduled for June 2. That indicates a ruling from that court in late summer or fall, and tees up a Supreme Court appeal for as early as 2017.

“The stay is a signal the Supreme Court has serious concerns with the Power Plan,” said Mike Duncan, head of the coal-supported advocacy group American Coalition for Clean Coal Electricity.

Coal-heavy utilities, mining companies and 27 states are among those suing to reverse the rule, which opponents say exceeds EPA’s authority under the Clean Air Act.

The stay may only delay implementation of the rule by two or three years if EPA eventually triumphs at the Supreme Court. But it will keep the rule on hold into the next administration, increasing the chances that it could be undone if a Republican is elected to the White House this year.

At the very least, some efforts to replace power plants’ coal with cleaner-burning natural gas and carbon-free wind and solar power are likely to be delayed. And the stay could foreshadow an eventual court decision tossing out the rule altogether, which may severely limit how far the government can go in curbing greenhouse gas emissions.

This is not the first big Obama environmental rule to be stayed during litigation. In late 2011, just two days before it was to take effect, the D.C. Circuit put a stay on EPA’s Cross-State Air Pollution Rule, which targets pollutants like nitrogen oxide and sulfur dioxide that float downwind across state lines.

The circuit later struck down the rule — but the Obama administration appealed to the Supreme Court and ultimately won the case 6-2, and the rule took effect three years after its original start date.

With the rule’s legal defense stretching into the next administration, the possibility of a Republican president casts a thick fog over the regulation’s future. All of the GOP candidates have repudiated the rule as a threat to the economy and vowed to overturn it, and a Republican president would have several avenues for kneecapping the Clean Power Plan, including simply accepting a possible circuit decision to strike down the rule without filing an appeal — a more likely outcome after Tuesday’s stay.

Environmental groups have quietly prepared for that possibility by preserving their own right to defend the rule in court.

A combination of Supreme Court rulings and scientific findings is likely to eventually compel EPA to regulate power plants’ greenhouse gas emissions in some manner, though the extent of such regulations is up in the air.

In the meantime, EPA’s foes will double down on their efforts to get the Clean Power Plan tossed out for good. Critics argue that the Clean Air Act does not allow EPA to require tools such as renewable energy mandates to control pollution, and they say the agency’s authority is limited to cutting emissions from coal plants themselves.

EPA counters that the law allows it to choose the best path forward, and that the agency should receive deference to interpret conflicting statutes that were passed by Congress and signed into law.

Coal producer Peabody Energy, represented by liberal law icon Laurence Tribe, has also raised several constitutional concerns over the Clean Power Plan, though it remains unclear whether the courts will be receptive.



Obama’s Paris Climate Agreement to Cost Trillions

Obama’s Paris Global Warming Treaty Will Cost At Least $12.1 Trillion

A.Follett/DailyCaller: The United Nations Paris agreement to stop dangerous global warming could cost $12.1 trillion over the next 25 years, according to calculations performed by environmental activists.

“The required expenditure averages about $484 billion a year over the period,” calculated Bloomberg New Energy Finance with the assistance of the environmentalist nonprofit Ceres.


That’s almost as much money as the U.S. federal government spent on defense in 2015, according to 2015 spending numbers from the bipartisan Committee For Responsible Federal Budget. The required annual spending is almost 3.7 times more than the $131.57 billion China spent on its military in 2014.

Bloomberg’s estimates are likely low, as they exclude costly energy efficiency measures. The amount spent to meet global carbon dioxide emissions reduction goals could be as high as $16.5 trillion between now and 2030, when energy efficiency measures are included, according to projections from the International Energy Agency. To put these numbers in perspective, the U.S. government is just under $19 trillion in debt and only produced $17.4 trillion in gross domestic product in 2014.

American taxpayers spend an average of $39 billion a year financially supporting solar energy, according to a report by the Taxpayer Protection Alliance. The same report shows President Barack Obama’s 2009 stimulus package contained $51 billion in spending for green energy projects, including funding for failed solar energy companies such as Solyndra and Abound Solar.

Solyndra was given a $535 million loan guarantee by the Obama administration before filing for bankruptcy in 2011. Abound Solar got a $400 million federal loan guarantee, but filed for bankruptcy in 2012 after making faulty panels that routinely caught fire.

Despite relatively high levels of taxpayer support, in 2014 solar and wind power accounted for only 0.4 and 4.4 percent of electricity generated in the U.S., respectively, according to the Energy Information Administration.

Ironically, solar and wind power have not done much to reduce America’s carbon dioxide emissions. Studies show solar power is responsible for one percent of the decline in U.S. carbon-dioxide emissions, while natural gas is responsible for almost 20 percent. For every ton of carbon dioxide cut by solar power, hydraulic fracturing for natural gas cut 13 tons.

*** Really dude?

Protect the health of American families. In 2030, it will:

  • Prevent up to 3,600 premature deaths

  • Prevent 1,700 non-fatal heart attacks

  • Prevent 90,000 asthma attacks in children

  • Prevent 300,000 missed workdays and schooldays

Boost our economy by:

  • Leading to 30 percent more renewable energy generation in 2030

  • Creating tens of thousands of jobs

  • Continuing to lower the costs of renewable energy

Save the average American family:

  • Nearly $85 a year on their energy bills in 2030

  • Save enough energy to power 30 million homes in 2030

  • Save consumers $155 billion from 2020-2030

*** Climate Action Plan

Explore the infographic to learn about the progress we’re making to combat climate change, and read President Obama’s full Climate Action Plan here.


Obama Greased the System for Big Lobby/Money

Government Drags Us Back in Time – Because Cronies and Ideology Tell It To

Motley/RS: Government by ideological fantasy – at the expense of actual facts – is a terrible idea. So too is government of, by and for the donors. Far too often government regulators and bureaucrats ignore Reality – to tilt at ideological windmills. And WAY too often government becomes one giant stenographer for contributors – writing laws and regulations to accommodate their check-cutters’ every whim and wildest dream.

Thus does equal protection before the law – become special treatment for Friends of Government (FOG, if you will). Donors and dumb ideas are favored – at inordinate expense to the rest of us.

To wit: “green” “energy” (wind, solar, hydro, geothermal, ethanol) is neither green nor energy. It’s far worse for the environment than traditional energy sources – that actually produce, you know, affordable energy. Governments here and all around the world have spent hundreds of billions of dollars on this phony energy. It’s been a titanic failure – for decades.

Why has government continued to throw this copious coin out the window – to keep us locked into an uber-failed yesterday? Because their ideological fantasies trump Reality. Why else? Because donors get government money at dollars-on-the-pennies they donated. To wit: President Barack Obama and his Democrats threw $80 billion more at the fake “green energy” industry in the 2009 “Stimulus.” 80% of that money – went to Obama donors.

The more government gets involved – the less the private sector can advance. The more rapidly a sector is advancing – the bigger an impediment government is. Likely no sector is advancing more quickly than the Tech sector. Enter government.

The Obama Administration’s Federal Communications Commission (FCC) has already done egregious damage there. To appease their ridiculous fantasies – and huge donors. About a year ago the Commission’s three unelected Democrat bureaucrats decided to go all the way back in time to 1934 landline telephone law – and unilaterally impose it on the Internet. Behold Internet Reclassification – so as to impose the ridiculous Network Neutrality.

The Obama Administration did it – because donors asked for it. Donors like Google. No one did more to get President Obama elected and reelected – than Google. Just about no company swapped staff with the Obama Administration at such prodigious numbers – than did Google.

And after Google greased the skids for Obama – Obama greased the skids for Google. Google spent nearly the entirety of the 2000s trying and failing to get Net Neutrality passed in Congress. Because it is government forcing Internet Service Providers (ISPs) to give uber-bandwidth-hogs like Google – unlimited free bandwidth. We the People didn’t want it – Congress couldn’t pass it. So Obama just issued a fiat – and gave it to them.

But the problem with buying support – is that the “supporters” rarely stay bought. Google is now channeling West Wing President Josiah Bartlet – “What’s next?” And most unfortunately, President Obama’s government stenographers have many, many responses to that request.

Here’s one: FCC Chairman Tom Wheeler has penned a defense of the next backwards-looking power grab – huge new backdoor mandates via television set-top-boxes. Which they have attempted to obfuscate – as a deregulation of set-top-boxes.

Set-top-boxes are the devices we lease from cable companies – to watch their television packages. Which we are doing to a lesser and lesser degree – as the marketplace has already created myriad ways for us to “cut the cord.” Meaning give up cable television – and the set-top-boxes – altogether.

The future (and increasingly the present) of television – isn’t boxes. It’s apps (and alternate hardware like Apple TV and Amazon Firestick). Netflix, Amazon Prime, Roku, Hulu and a host of other companies deliver you (via their apps) unlimited streaming TV and movie content – using only an Internet connection. No cable TV subscription required. And unlike programmed TV, you can watch whenever you want, wherever you want. So more and more people are cutting their cords.

Meanwhile, the government is yet again stuck in the past. The FCC is dubiously invoking a twenty-year-old law (and seriously, how unbelievably different was how we watched TV twenty-years ago?) – to “open” to competitors the collapsing set-top-box market. This is a terrible idea for a number of reasons.

It is just stupid from an evolutionary standpoint. This is like the government issuing mandates to “open” the horse-buggy industry – as Model T Fords are rolling with ever increasing frequency into our driveways and hearts. If you’re “helping” prop up yesterday’s technology – you aren’t helping.

This mandate forces cable companies to spend a LOT of money totally reconfiguring their networks – to accommodate the new boxes. A new configuration for each new box, most likely – because each box will most likely connect uniquely to each network. And cable companies have a LOT of proprietary information and content to protect – so they will have to spend EVEN MORE time and money reconfiguring so as to ensure its protection. For which we will inexorably pay in higher fees – on TV, and the other services cable companies provide (like Internet). All to make room for more devices – of which people want less.

And you will be trading the box lease – for the box purchase. Which requires more coin upfront. And unlike with the lease, when the next upgraded model comes out – you won’t get it for free. You will pay all over again. And given the rapid technological advancement – how often will that purchase have to happen again, and again, and…?

Think how quick is the smart phone tech turnover (which is a MUCH more intensive product). Where you just purchased the “latest” Google Android – only to almost immediately watch Google roll out the next Android. Does Google give you that next version for free? Of course not. Google won’t give you their latest set-top-box either.

Wait – Google wants to get into the going-out-of-business set-top-box business? You bet they do. So the Obama Administration is prepping to issue yet another fiat – to make Google’s wishes come true. Again.

Crony-infested and ideologically-blinded is no way to go through life, Son. It is also absolutely no way to run a government.

Hillary, Bernie, Donald, Ted, Congress, What Say You? $$$$

Gov’t report: Budget deficit to rise to $544B this year

WASHINGTON (AP) – A government report released Tuesday estimates that this year’s budget deficit will rise to $544 billion, an increase over prior estimates that can be attributed largely to tax cuts and spending increases passed by Congress last month. The deficit and debt picture over the long-term has also worsened considerably.

The estimate from the Congressional Budget Office also sees the economy growing at a slower pace this year than it predicted just a few months ago. It projects the economic growth will slow to 2.7 percent this year; it foresaw 3.0 percent growth in 2016 in last summer’s prediction.

Over the coming decade, CBO predicts deficits totaling $9.4 trillion. That’s up $1.5 trillion from its August estimate, with much of the increase due to last month’s tax legislation, which permanently extended several tax cuts that Congress had typically renewed temporarily. But slower economic growth in coming years and increased spending on veterans benefits and health care for the poor are other major factors.

Last year’s deficit registered $439 billion, the lowest of President Barack Obama’s term in office.

The deficit increase to $544 billion is due to several factors, CBO said, particularly the retroactive extension of tax cuts that had expired at the beginning of last year and additional spending for the Pentagon and domestic agencies that’s a result of last year’s budget deal. A timing shift of large payments is also at work. The current budget year ends Sept. 30.

The deficit issue has largely fallen in prominence in Washington in recent years, due in large part to its fall from record highs and a sense of resignation that Obama and congressional Republicans simply can’t agree on ways to cut it after some failed attempts in recent years. At 2.9 percent of the size of the economy, most economists don’t believe the deficit is very worrisome in the short term.

But the picture over the long run is more dire, CBO says in its report. As deficits rise over the decade and the national debt grows, interest rates are likely to be forced up, economic growth could slow, and policymakers may have no choice but to raise taxes and cut spending more sharply than if they acted now.

Deficits would rise to about 5 percent of gross domestic product within 10 years, CBO expects, and the resulting debt could cause big economic problems.

“Such high and rising debt would have serious negative consequences for the nation,” CBO said.

The CBO study could actually underestimate the deficit picture for the future. The agency’s rules require that it assumes Congress sticks to current policies. But lawmakers in recent years haven’t demonstrated they can stay within tight “caps” on spending for day-to-day agency operations and there are still expiring tax cuts that Washington is likely to renew. And CBO’s estimates assume that the economy won’t lapse into recession but will grow by at least 2 percent each year through 2020. The agency sees unemployment dropping to 4.5 percent by next fall.

The report hits as Republicans controlling Congress are girding for this spring’s debate on the budget. Last year, Republicans adopted a nonbinding budget blueprint that promised a budget surplus by 2024 through eliminating the Affordable Care Act and sharp spending cuts. But they did nothing to actually implement that budget plan other than trying to partially repeal so-called Obamacare through a unique type of legislation that can’t be filibustered by Senate Democrats. Obama vetoed the measure.

Last week, House Speaker Paul Ryan, R-Wis. – who’s promised to use the congressional agenda to draw an election-year case for awarding Republicans the presidency after eight years of Democratic control – said efforts to tangibly cut spending won’t be part of that agenda. He said the House will pass another nonbinding budget but won’t seek to deliver real, binding spending legislation to the president.

“Clearly that’s going to take a Republican president because this president has continued to kick the can down the road and I see no change in his behavior,” Ryan told reporters last week.

Lawmakers and groups concerned about the government’s budget problems responded Tuesday with familiar calls for action.

“Our nation has a choice to make. We can stay the course and watch CBO’s projections of slow growth and a rising mountain of debt become a reality,” said House Budget Committee Chairman Tom Price, R-Ga. “Or, we can take positive actions and implement policies that will heal our economy, promote greater growth and job creation for more Americans, and put our nation’s fiscal house in order.”