Poland's energy grid was targeted by never-before-seen wiper malware

224 points posted 12 hours ago
by Bender

86 Comments

indubioprorubik

3 minutes ago

This war will likely clean some old electronics providers from the market. You are either very good at security (and that does not mean "airgap" all the things; if your PLC needs a special laptop to connect to, the malware just needs to go for those laptops) or you are out of business in regions under threat permanently.

altern8

11 hours ago

If you're looking for what the damage was, it failed.

Potential damage: "Most notable was one [attack] in Ukraine in December 2015. It left roughly 230,000 people without electricity for about six hours during one of the coldest months of the year."

TheDauthi

8 hours ago

My first pass through the title was "Those windshield wipers shouldn't need to be internet-connected."

Thankfully, the article did clear that up, but the fact that my brain didn't even think, "that's a stupid idea that no one would buy that" is a bit depressing.

askvictor

an hour ago

But then how would you alert people that their wiper blades are wearing down, and automatically ship them new ones?

Propelloni

43 minutes ago

Well, obviously, your car can count cycles on the electromotor moving the wipers. Then you apply statistical wear and tear, maybe even geofenced, and your car orders new wipers. Same with tires. Simple as pie ;)

BTW, I would have zero interest in that feature.

postepowanieadm

2 hours ago

Poland has had a high alertness status for like 5 years now. So there was time to be prepared.

csomar

4 hours ago

The Jaguar hack cost the UK $2.5Bn and dropped production to levels you'd normally only see during open warfare. Recovery took many months, and the financial damage persists today.

We still operate with a primitive homunculi where a gunshot is considered aggressive, but sabotaging infrastructure that can kill hundreds from cold is being waved at.

ifwinterco

13 minutes ago

But hey, at least they saved a few million a year in developer salaries by offshoring

United857

5 hours ago

Curious as to how these attacks work logistically. I assume these networks are air-gapped?

arter45

4 minutes ago

Another source says:

> It "involved an attempt to disrupt communication between generating installations and grid operators across a large area of Poland".

I doubt we will have all details, but I suspect this kind of communication occurred over the Internet (hopefully, at least a VPN).

Also, even completely airgapped networks are not 100% secure, if you can install a device or convince someone to do it by accident (social engineering).

HPsquared

11 hours ago

For what purpose? Cui bono?

general1465

11 hours ago

Poland is a major logistical hub for everything going towards Ukraine. Thus targeting basic infrastructure like the energy grid or railroad has to be expected.

On the bright side, using this weapons-grade malware is burning exploits and also showing the current state and techniques of Russian cyberwarfare, which defenders can learn a lot from.

WhyNotHugo

8 hours ago

> On the bright side, using this weapons-grade malware is burning exploits and also showing the current state and techniques of Russian cyberwarfare, which defenders can learn a lot from.

Or perhaps they used an already-known malware to measure defensive capabilities without showing any of their cards.

XorNot

21 minutes ago

Cyber-defensive measures aren't very useful though. Once malware is known to exist, you don't "reveal a capability" by detecting it - it all boils down to basically signature analysis, or just good standard practice (air gaps, software supply chain accountability etc).

This is vastly different to real world military systems, where there are a lot more variables and no guarantees - i.e. countries have limited numbers of air defense systems and missiles, the missiles have finite non-zero flight times, the physics of detection systems and sensors are not absolute etc.

The real world is just more complicated, so the value of buzzing someone's airspace reveals a lot more information than "huh, guess they didn't click on that email".

mrtesthah

3 hours ago

You'd think it would've been done during the summer or some other time when that wouldn't matter then.

throw_a_grenade

3 hours ago

No, of course not. They want to also measure response in the physical aspects (like electricians that would have to drive some time to arrive on site). They're testing end-to-end, so to say. There's no testing like testing in production.

JohnLeitch

3 hours ago

While there's some overlap in methodologies and back-and-forth with various escalations, so-called malware is distinct from software exploits. Malware can be delivered without an exploit and quite often is. Social engineering is highly effective.

breve

11 hours ago

Russia is at war with Europe.

dijit

11 hours ago

Before anyone jumps on the pedantry bandwagon, it’s worth noting that even though open war hasn’t been called, the attacks on infrastructure, especially cyber warfare, are extremely active and, crucially, direct.

It is totally fair to say that in a digital context, Russia is absolutely at war with Europe.

As far as I can tell, they don’t even try to hide it.

brabel

an hour ago

Europe is the main supplier of weapons to Ukraine which is in actual war with Russia. Of course Russia is at war with Europe, the only reason bombs are not falling in Poland and Germany is that Russia wouldn’t have the capability to defend itself against retaliation. Do people really believe their countries can openly take sides in a war and not be targeted??

hardlianotion

20 minutes ago

This has been going on from well before the Ukraine war. It has just intensified. The real question is: should the affected states develop some counter-capability to deter this opportunistic behaviour?

reactordev

10 hours ago

Not to mention the information war they have been waging globally since 2016

naryJane

9 hours ago

True, but they’ve certainly been doing it much longer than ten years. I’ll never forget this headline [0] that struck me as purely devilish, especially in the lead up to the 2016 presidential election. Combine that with the knowledge that Trump has been anti-NATO since the 1980s [1]. Who knows how long Russia has been nudging him along. Who knows how many avenues they traverse? Take for example the letter to Senator Tom Cotton about Greenland [2]. What an embarrassment. I can only hope we are equally successful in our own PsyOps.

[0] https://www.rt.com/news/265399-putin-nato-europe-ukraine-ita...

[1] https://www.buzzfeednews.com/article/ilanbenmeir/that-time-t...

[2] https://monitoring.bbc.co.uk/product/c2018djo

cookiengineer

9 hours ago

Some could say that in the cyber realm, they are not petty, ya! Well, or something like that.

Ever since NotPetya and the Colonial Pipeline hack, the cyber strategy game changed a lot. NotPetya was genius as a deployment, because they abused the country's tax software deployment pipeline to cripple all (and I mean all, beyond 99%) businesses in one surgical strike.

The same is gonna happen to other tax software providers, because the DATEV AG and similar companies are pretty much the definition of digital incompetence wherever you look.

I could name other takedowns but the list would continue beyond a reasonable comment, especially with vendors like Hercules and Prophete that are now insolvent because they never prioritized cyber security at all, got hacked, didn't have backups, and ran out of money due to production plant costs.

throw310822

10 hours ago

Europe has sanctioned Russia, frozen hundreds of billions of its assets (threatening to seize them), cut diplomatic relationships and even direct travel. It's arming Russia's adversary and providing it with logistic and intelligence support. It keeps repeating that its goal is to see Russia defeated in war. Then it's a bit rich to complain that "Russia is at war with Europe". Seems to me that it's Europe that has decided to go to war against Russia in all except with boots on the ground.

Zagitta

9 hours ago

You're conveniently omitting these all happened in response to the full scale Russian invasion of Ukraine.

But thanks for proving the point about Russia's disinformation war.

throw310822

4 hours ago

Funny that I got three replies all stating the same thing, that Russia is the aggressor and has invaded Ukraine. Of course it is so, and then? Russia invaded Ukraine, not the EU. It's the EU that has decided to get involved in the war by supporting Ukraine.

lucketone

34 minutes ago

Chamberlain decided not to join the war, look what that resulted in.

RealityVoid

2 hours ago

Did you actually read all the posts pointing this and all the _other_ aggressive actions Russia is taking against the EU?

Regardless, Russia is a bully and sticking your head in the sand won't make them go away.

brabel

an hour ago

Can you think of why Russia may be taking those aggressive actions? Were the EU and the USA friendly towards Russia, or do you truly believe aggression was one-sided?? Just one example: NATO has always been Europe’s defense against Russia, no one else was seen as the enemy until China became powerful enough to, which apparently cannot be tolerated. Russia was always wary of NATO including more countries and that was always a big reason for the difficulties in normalizing relations with the West. Yet the West made absolutely no attempt to calm the Russians down and for some reason announced in 2008 plans to expand to Georgia and Ukraine, despite even Western experts warning about that being utterly provocative. You know the result of that, but still consider there was no provocation at all, Russia just behaves like an arse for no reason, right?

dijit

30 minutes ago

Sort of.

It’s not a secret that Ukraine is vital for the ground defence of Russia, but the Ukrainian people are pro-EU, and not from propaganda. You might well remember that their government was essentially a puppet for Russia until they were ousted. So if Ukraine is radicalised it is odd to think that it’s because of European propaganda; more likely they got tired of their masters.

I fully accept that Putin thinks of NATO as a threat to Russia, and NATO is at the door.

It’s also entirely true that the border countries (Estonia for example) have major anxiety regarding a Russian invasion, and actively seek NATO membership to avoid that.

However, flying aircraft into sovereign territory (as Russia often did and continues to do to Sweden) is not the behaviour of a threatened country, they are the ones making the threats, constantly testing.

Their expansions into territory under the guise of “going where there are native Russians” will necessarily conclude with border regions being even more hostile to any native Russians wanting to settle. Again, in Estonia, the city of Narva is almost entirely native Russian; but they don’t want to be under Putin. Putin’s actions make Estonians wary of this fact and make the Estonian government wish to integrate these people more instead of letting them live their lives.

In the Ukraine this was true too, that’s why there was such a push to get people speaking Ukrainian, but Putin saw that his claim to the territory gets weaker over time and decided to invade.

If you understand the incentives of all involved, it is plain to see that Putin is the architect of his own misery here.

lucketone

31 minutes ago

Does NATO actually threaten Russia?

It threatens mobsters racket profits, but it will not start any actual fight.

bnjemian

9 hours ago

This completely ignores that: 1. Russia was the aggressor in Ukraine, 2. Putin has made clear his desire to pursue expansionist goals through military action targeting prior members of the Soviet Union, 3. Putin regularly threatens nuclear war with Ukraine, 4. Russia has shown outward hostility towards Western democracies and sought to manipulate elections with information warfare to reach their goals (most notably, 2016 US Election and Brexit), 5. Russia regularly cuts cables connecting countries, and 6. Though completely unrelated, Putin has a history of assassinating political opponents. That's wolfish behavior if I've ever seen it.

tosapple

10 hours ago

What I am starting to appreciate about these digital infrastructure attacks is that they may be reversible and/or temporary. It can be a nice feature.

jacquesm

9 hours ago

Then you're missing the point.

If they succeed they may well not be reversible. The question is if this had succeeded would we have shrugged it off again or responded appropriately?

K0balt

8 hours ago

Can you give some examples of? I can imagine that under the right circumstances you might succeed in blowing up some transformers or even a turbine, but it seems like you’d be up to speed within a month or two on the outside? Or am I missing the gravity somehow?

3eb7988a1663

8 hours ago

Pardon? A month or two without power does not seem like an enormous crisis?

Stuxnet destroyed centrifuges. It does not seem impossible that a sophisticated attack could shred some critical equipment. During the Texas 2021 outage, they were incredibly close to losing the entire grid and being in a blackstart scenario. Estimates were that it could take weeks to bring back power, all this without any physical equipment destroyed or malicious code within the network.

Edit: Had to look it up, the Texas outage was "only" two weeks and scattershot in where it hit. The death toll is estimated at 246-702.

https://en.wikipedia.org/wiki/2021_Texas_power_crisis

jacquesm

4 hours ago

> Or am I missing the gravity somehow?

Yes, there is the risk of cascading failures, some industrial processes are very hard to re-start once interrupted (or even impossible) and the lead time on 'some transformers' can be a year or more. These are nothing like the kind that you can buy at the corner hardware store. A couple of hundred tons or so for the really large ones.

Grid infra is quite expensive, hard to replace and has very long lead times.

The very worst you could do is induce oscillations.

XorNot

18 minutes ago

Consider that if a cyberattack could destroy a major power grid transformer, for a marginal cost approaching zero, versus the low-end US$10 million a Kinzhal ballistic missile would cost to do the same thing (presuming you only need 1 which is...unlikely), that that might be a significant military capability.

thimkerbell

5 hours ago

I've seen less-than-credible software in an ATM and in a "ring up your own groceries" station. No idea who's behind it or who would care, though.

applied_heat

7 hours ago

Transformers and turbines of any significance are not off the shelf parts and can have lead times of years

sillywalk

6 hours ago

> Transformers and turbines of any significance are not off the shelf parts and can have lead times of years

Bloomberg had a decent article[0] about transformers and their lead time. They're currently a bottleneck on building. It wasn't paywalled for me.

"The Covid-19 pandemic strained many supply chains, and most have recovered by now. The supply chain for transformers started experiencing troubles earlier — and it’s only worsened since. Instead of taking a few months to a year, the lead time for large transformer delivery is now three to five years. " [0]

[0] https://www.bloomberg.com/features/2025-bottlenecks-transfor...

esafak

7 hours ago

How do they not have backups??

3eb7988a1663

6 hours ago

Enough for the entire grid? There are some amount of reserves on hand (eg drunk runs into a telephone pole), but nothing that could replace a targeted attack with the explicit goal of taking out the most vital infrastructure.

jacquesm

4 hours ago

And those pole mounted transformers are tiny. The big ones require special transports and can weigh a few hundred tons. Some are so large they are best transported via boat if possible.

genocidicbunny

6 hours ago

It's middle of winter, and it gets pretty danged cold. Being without power in such weather might well end up being deadly, even with short durations.

tosapple

9 hours ago

I wasn't commenting on any particular case. I was stating that flipping a switch is less costly to reverse than blowing up a dam.

jacquesm

9 hours ago

These attacks are not at the level of 'flipping a switch'. If they succeed they can destabilize the grid and that has the potential to destroy gear, and while not as costly as blowing up a dam it can still be quite costly.

tosapple

9 hours ago

During WW2 both Germany and the UK, as an example, were carpet bombed to assail industry, does that help you to understand my position better?

Vietnam too.

shakna

9 hours ago

Not really.

If you succeed in attacking the grid, you achieve the same widespread industry impact, without the cost of the munitions.

It can take decades to recover from a cyber attack like this, if it succeeds.

tosapple

8 hours ago

Again, not endorsing any specific case, just endorsing SPECIFICITY, COST, and "Collaterals".

shakna

8 hours ago

I was not speaking to just one case. Today's incident is _the norm_.

These attacks are widespread, damaging, and the repercussions are felt for decades in their wake. We _are_ being carpet bombed, and the costs for the victims are ongoing and growing. The collateral damage is everywhere.

Do you really think there's no impact?

> Cyber units from at least one nation state routinely try to explore and exploit Australia’s critical infrastructure networks, almost certainly mapping systems so they can lay down malware or maintain access in the future.

> We recently discovered one of those units targeting critical networks in the United States. ASIO worked closely with our American counterpart to evict the hackers and shut down their global accesses, including nodes here in Australia.

> https://www.intelligence.gov.au/news/asio-annual-threat-asse...

matkoniecz

3 hours ago

Deaths resulting from such attack are not reversible.

wolvesechoes

32 minutes ago

It is not, because Europe is not a political entity. Russia is at war with some European countries.

rdtsc

10 hours ago

Does Europe overall feel and act like that’s the case though?

It seems as if the European war has been pushed to the background recently, and most people kind of forgot about it. If you walk down the streets of Paris or Berlin does it look like it’s wartime, do people talk about it much, do they share the latest front news and so on?

joe_mamba

9 hours ago

>If you walk down the streets of Paris or Berlin does it look like it’s wartime,

Like what exactly would you want them to do? Run around screaming all day because there's a war in another country 2000 km away from them?

No, people just go on with their lives, doing their jobs, taking care of family and friends, paying their taxes, so that specialized workers in the ministry of defence can take care of the war stuff for them. That's how modern society works.

It's even similar in Kiev, when you walk down the streets you see people living their lives. Gyms, bars, cafes, clubs are full and lively. People don't stop living and enjoying their daily lives just because there's shelling somewhere else in the country.

jsrcout

6 hours ago

> It's even similar in Kiev, when you walk down the streets you see people living their lives. Gyms, bars, cafes, clubs are full and lively. People don't stop living and enjoying their daily lives just because there's shelling somewhere else in the country.

While it's true to a certain degree, you make it sound like Kyiv residents are having a grand old time right now. But in reality, the majority are trying very hard to keep from freezing to death as Russian attacks targeting their power and heating infrastructure have destroyed much of it.

koiueo

8 hours ago

Kyiv.

And "enjoying their daily lives" diminishes real tragedies of Ukrainians' daily lives.

joe_mamba

8 hours ago

I beg to differ. Calling going out to a gym, cafe, club or a bar during wartime, as anything other than enjoying life, diminishes the real tragedy of those who are fighting on the front line and don't enjoy such leisure activities. Some people are fortunate enough that they can still get to enjoy life even if their country is in a war, as just like in every war ever, not everyone is affected equally.

postepowanieadm

2 hours ago

Berlin recently had a blackout caused by domestic terrorists.

dopa42365

6 hours ago

Thankfully we'll magically stop being at war with Russia once Ukraine gives up :P

kstenerud

3 hours ago

Haha yep :P

Next is Moldova.

Then Latvia and Lithuania.

Then Estonia and Northern Finland/Norway.

Then Romania and Bulgaria.

Putin has already said many times that he intends to rebuild the Russian empire to its zenith.

redeeman

9 hours ago

Have you seen the competence in those who manage the infrastructure? I'd say I would need significant proof before assuming anything. And IF Russia is doing it, I would still say that we should put 99% blame on the absolute incompetents running the infrastructure, 1% Russia.

jacquesm

9 hours ago

If you did then you'd be extremely gullible.

OKRainbowKid

9 hours ago

That seems like just victim blaming - "she was asking for it with the clothes she was wearing".

RobotToaster

7 hours ago

Software with vulnerabilities was defectively written.

If someone makes tanks with paper for armour, because it cuts costs, they are to blame if those tanks catch fire.

nawgz

4 hours ago

A tank is designed for war. Infrastructure is designed to serve some other utility. Claiming it should also be hardened against (cyber) war is acknowledging that there is an aggressor performing an attack of war, not that the infrastructure is failing the utility it was designed for.

It's fine to have this view that software should be defect free and hardened against sophisticated nation-state attackers, but it stretches the meaning of "defect" to me. A defect would be serving to fulfill that utility it had been designed for, not succumbing to malicious attackers.

badpun

an hour ago

Poland is frequently listed by Putin and his crew as one of Russia’s greatest enemies.

tokai

9 hours ago

Russia is currently focused on striking Ukrainian energy assets. Ukraine gets energy imports from the EU through Hungary and Poland. Hampering energy supply from Poland would put a huge strain on the already struggling Ukrainian network.

IncreasePosts

11 hours ago

The most obvious answer is Russia (or one of their allies like China or Iran) did it because Poland is supporting Ukraine in the war (directly, and also indirectly by letting stuff from other countries be staged and move through Poland).

kstenerud

3 hours ago

That would be the most obvious answer, but Russia wants to keep Poland off-balance over the next 2 decades so that they won't intervene as Russia captures its neighbors. You'll see a lot more sabotage in France if Europe agrees to a new nuclear defense pact.

tartoran

5 hours ago

Hybrid war on Europe.

wtcactus

2 hours ago

Will this be the time that EU grows a spine and comes together to oppose Russia?

Naaa, better continue to have Germany and France continue to destroy the Union by looking only at their self interests while they pretend to talk tough on Trump and sabotage any real internal changes so that they can keep their crumbs.

Just this week, France’s meddling halted a deal that was 30 years in the making: Mercosul, while their president, in all his virtue signaling, went to Davos to pretend to have the moral upper hand on the USA.

We’re a union of hypocrites. And France and Germany are the worst of them.

v_iter

an hour ago

Yes, but how could that be solved? To solve this issue you'd have to significantly reduce the sovereignty of the EU member states, which some, especially Poland, will oppose fiercely. But on the other hand, without some coherent cooperation and responses, Europe will be chewed up a country at a time by Russia, and maybe in the future by China.

hkt

22 minutes ago

https://eur-lex.europa.eu/EN/legal-content/glossary/mutual-d...

Any actual EU members are in principle protected by this, even if they aren't NATO members. Whether or not EU countries being in NATO diminishes their ability to act without US consent is debatable and I lean towards saying NATO's joint command essentially sets article 42 cooperation up to fail.

That's the difference between Ukraine and the other countries on Putin's list though: Ukraine wasn't in the EU or NATO, and for all intents and purposes had no allies.

v_iter

8 minutes ago

Things like that don't protect countries. If a real threat arises, if there is no unified force, under the command of one central organ, they won't cooperate, it will always be inferior to the force that does have a single unified command center, like Russia for example or China. NATO or the EU cannot command, say Poland or Germany where to put their forces and what to do with them, but Russia and China can do that with their own, although their military potential is on par (I mean NATO and Russia). My point is, although on paper NATO is great, it's still fragmented, and to some extent relies on who is in power politically, for example the tomorrow's president of an X country can say "Oh, we will leave NATO yata yata"

johanneskanybal

10 hours ago

With all the other crazy world-destroying US bullshit, is this also you? 50% you, 50% Russia. It's a new gameshow, is it Russian or US?

canada_dry

4 hours ago

Assuming that Ukraine cyber attacks (novel/0-day) on the Russian energy grid must be happening, I don't often hear of this happening there.

Why not?? Is Russia's grid infrastructure so old as to not be as vulnerable?