Saturday, May 8, 2021

It's Infrastructure, Weak

Criminal and possibly terrorist cyberattacks are landing more and more often on America's critical infrastructure systems, and after the last guy made sure those doors were left wide open, it's a wonder then that the country hasn't been forced offline by more assaults like these.


The attack hit Colonial Pipeline, which carries gasoline, diesel and jet fuel from Texas to New York and moves about 45% of all fuel consumed on the East Coast.

In a statement late Friday, Colonial Pipeline said it was "the victim of a cybersecurity attack" though the company didn't say who launched the attack or what the motives were.

"In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems," the company said.

Colonial Pipeline said it contacted federal agencies and law enforcement, as well as enlisting a third-party cybersecurity firm to help with an investigation "into the nature and scope of this incident."

The Georgia-based company transports more than 100 million gallons, or 2.5 million barrels of fuel daily, including gasoline, diesel fuel, home heating oil, jet fuel and fuels for the U.S. military through its pipeline system, according to the company's website.

The pipeline shutdown comes amid growing concerns over vulnerabilities in the country's infrastructure after several recent cyberattacks, including last year's attack at the software company SolarWinds that hit several U.S. government agencies, including the Pentagon, the Treasury Department, the State Department and the Department of Homeland Security, as reported by NPR.

The Biden administration responded to the SolarWinds attack by issuing an executive order to help the country better protect itself against cybersecurity attacks.

"The fact that this attack compromised systems that control pipeline infrastructure indicates that either the attack was extremely sophisticated or the systems were not well secured," said Mike Chapple, a computer science professor at Notre Dame.


"This pipeline shutdown sends the message that core elements of our national infrastructure continue to be vulnerable to cyberattack," he said.

Chapple notes that securing infrastructure involves different federal agencies and requires centralized leadership. "Last year, Congress authorized the creation of a national cybersecurity director within the White House, but this position remains unfilled by the Biden administration," he said
 
Part of Biden's infrastructure plan needs to be funding for and implementation of new security measures for the systems that control pipelines, sanitation systems, water works, and power plants. If those go offline for an extended period of time, we're done.

And everyone knows it.

Retribution Execution, Con't

So turns out the Trump Regime went directly after the phone records of Washington Post reporters over the Russian collusion story back in 2017 in order to smoke out the Post's national security sources.

The Trump Justice Department secretly seized the phone records of three Washington Post reporters who covered the federal investigation into ties between Russia and Donald Trump’s 2016 presidential campaign, the newspaper said Friday.

The disclosure sets up a new clash between the federal government and news organizations and advocates for press freedom, who regard the seizures of reporters’ records as incursions into constitutionally protected newsgathering activity. Similar actions have occurred only rarely over the past decade, including a seizure of phone records of Associated Press reporters and editors over a 2012 story that revealed a foiled bomb plot.

In a statement published by the newspaper, Cameron Barr, the Post’s acting executive editor, said: “We are deeply troubled by this use of government power to seek access to the communications of journalists. The Department of Justice should immediately make clear its reasons for this intrusion into the activities of reporters doing their jobs, an activity protected under the First Amendment.”

The action is presumably aimed at identifying the reporters’ sources in national security stories published in the early months of Trump’s administration, as federal investigators scrutinized whether his 2016 campaign had coordinated with the Kremlin to sway the election.

The records’ seizure was approved by Justice Department leadership last year. The reporters — Ellen Nakashima, Greg Miller and Adam Entous, who has since left the Post — were notified in letters dated May 3 that the Justice Department had obtained records for their home, work or cellphone numbers.

The records sought cover the period of April 15, 2017, to July 31, 2017, according to the newspaper. Justice Department guidelines for media leak investigations mandate that such actions are to be taken only when other avenues for obtaining the information have been exhausted, and that the affected reporters are to be notified unless it’s determined that it would impede the investigation or interfere with national security.

“While rare, the Department follows the established procedures within its media guidelines policy when seeking legal process to obtain telephone toll records and non-content email records from media members as part of a criminal investigation into the unauthorized disclosure of classified information,” department spokesman Marc Raimondi said in a statement.

“The targets of these investigations are not the news media recipients but rather those with access to the national defense information who provided it to the media and thus failed to protect it as lawfully required,” he added.

Bruce Brown, the executive director of the Reporters Committee for Freedom of the Press, said it “raises serious First Amendment concerns” for the government to obtain records of journalists’ communications.

“It is imperative that the new Justice Department leadership explain exactly when prosecutors seized these records, why it is only now notifying the Post, and on what basis the Justice Department decided to forgo the presumption of advance notification under its own guidelines when the investigation apparently involves reporting over three years in the past,” Brown said in a statement.
 
That's actually quite true,  AG Merrick Garland needs to explain whey this happened. 
 
On the other hand, we pretty much know why this happened, because Trump ordered it. We're only finding out now because making this public 3 years ago would have completely turned the press against Trump, even FOX.

So let's start there, shall we?