Geo Political Risk

[GTM 3442]

Power networks are usually attacked via network infiltration rather than a raw DDoS attack. Conceivably if some component of the power network was internet facing (I'm struggling to think of an example though) a DDoS could result in an outage, but I think this is extremely unlikely especially when coupled with the lack of any publicly reported incidents of mass outages.

Yes, well I thought it didn't make a lot of sense either, given the lack of reporting around "major power outages", but there it was, in black and white.

I still think that the actual "target" was the response.

[Davexl]

Example of the impact of geopolitical tensions on commercial transactions in Aust...

Beverages group Lion abandons $600 million China dairy sale

https://www.theage.com.au/business/c...25-p55p1p.html


Following on from the above:

China warns of 'shadow' over ties with Australia, tells it to stop whining

https://www.reuters.com/article/us-c...-idUSKBN25M0MH

[Davexl]

China flexes at US in four seas show of force


China conducts near-simultaneous massive naval drills for first time in a tit-for-tat response to perceived US provocations

by Richard Javad Heydarian

https://asiatimes.com/2020/08/china-...show-of-force/

[Davexl]

South Korea's predicament:

Moon risks U.S. rift with China policy, top South Korean opposition lawmaker says

https://www.japantimes.co.jp/news/20...lawmaker-says/

(Remember to delete your cookies & refresh if necessary)

Excerpt:

South Korea is caught between maintaining strong ties with China — its biggest trading partner — and the U.S., its main military ally and a key market for the exports that power its economy. The pressure has only picked up as the U.S. has sought help to block China’s push into regional waters and Moon’s progressives have been criticized for keeping silent about Beijing’s moves seen as suppressing democracy in Hong Kong.

[Davexl]

China’s expansionism enters dangerous phase

https://www.japantimes.co.jp/opinion...-expansionism/

(Remember to delete your cookies & refresh if necessary)


Longtime Japan Times contributor Brahma Chellaney is a geostrategist and the author of nine books,
including the award-winning “Water: Asia’s New Battleground.”

Excerpt:

"Recently, Chinese state media suddenly discovered that Tajikistan’s Pamir Mountains historically “belong to China.” Earlier in May, the state-run media claimed that Mount Everest, the world’s tallest peak on the Nepal-Tibet border that symbolizes Nepalese sovereignty, was wholly in China."

[Cyclical]

Despite our geographic isolation and relative neutral political position, we are a key member of the five eyes network and have recently criticised the actions of specific countries, which makes the country a target for international actors. Attribution is however always difficult.

This could be regarded as a clear warning shot across our collective bow, or it could be a warm up exercise. Denying access to the NZX on an ongoing basis would be severely detrimental to the country.

Personally, I suspect that the NZX is incidental, and that the real point of the exercise is to examine the speed, quality, and effectiveness of the response.

I think you guys might be on track tbh. I have a sneaking suspicion this little episode we're going through is just a probing exercise while at the same time a little reminder. Having a crack at the NZX gets noticed by enough people and it is a piece of NZ's infrastructure that should have a certain amount of controls in place to help mitigate against this to an extent. Potentially Spark could have better controls at the front gate too that could use automation to block this stuff closer to real time, but it would be a dangerous trade off between having a fairly open Internet here versus a great firewall of China approach, and it probably lies outside of Spark's mandate currently. But this attack my have implications on that front and we may find some moves by the government to strengthen their powers on the control of our global Internet gateways (cue the civil libertarians).

[Cyclical]

Power networks are usually attacked via network infiltration rather than a raw DDoS attack. Conceivably if some component of the power network was internet facing (I'm struggling to think of an example though) a DDoS could result in an outage, but I think this is extremely unlikely especially when coupled with the lack of any publicly reported incidents of mass outages.

With IOT, convergence of what was traditionally the instrument and electrical realm with the IT realm, the need for remote access via the Internet for this that and everything else, particularly for provisioning of new globally sourced equipment sans the overseas specialists in a travel constrained world atm, I'm afraid there are heaps of back doors just waiting to be exploited.

[Davexl]

With IOT, convergence of what was traditionally the instrument and electrical realm with the IT realm, the need for remote access via the Internet for this that and everything else, particularly for provisioning of new globally sourced equipment sans the overseas specialists in a travel constrained world atm, I'm afraid there are heaps of back doors just waiting to be exploited.

Yes, I find it very concerning that in the fast developing IOT world, there is a lack of standardisation of security and firmware / software updating requirements able to be mandated for the end-point devices / sensors on the network. With 5G enabling IOT on the network, this standardising of protocols is extremely urgent, and is an example of where China & the US need to cooperate to ensure unified standards regimes. Typically this work would be carried out by the Internet Engineering Task Force (IETF) as for other TCP/IP protocols.

[Cyclical]

Yes, I find it very concerning that in the fast developing IOT world, there is a lack of standardisation of security and firmware / software updating requirements able to be mandated for the end-point devices / sensors on the network. With 5G enabling IOT on the network, this standardising of protocols is extremely urgent, and is an example of where China & the US need to cooperate to ensure unified standards regimes. Typically this work would be carried out by the Internet Engineering Task Force (IETF) as for other TCP/IP protocols.

Thing is, you can put all sorts of controls in place, and then no sooner your back is turned, someone who just doesn't understand the risks has tethered their laptop off their mobile and run up TeamViewer or the likes while patched into a process control network, thereby circumventing all your hard work. I'm really not sure what the answer is.

[Zaphod]

With IOT, convergence of what was traditionally the instrument and electrical realm with the IT realm, the need for remote access via the Internet for this that and everything else, particularly for provisioning of new globally sourced equipment sans the overseas specialists in a travel constrained world atm, I'm afraid there are heaps of back doors just waiting to be exploited.

Agreed - My point is that there's no evidence that this attack resulted in or was brought about by the compromisation of the NZX core network, as others have eluded to.

Yes, I find it very concerning that in the fast developing IOT world, there is a lack of standardisation of security and firmware / software updating requirements able to be mandated for the end-point devices / sensors on the network. With 5G enabling IOT on the network, this standardising of protocols is extremely urgent, and is an example of where China & the US need to cooperate to ensure unified standards regimes. Typically this work would be carried out by the Internet Engineering Task Force (IETF) as for other TCP/IP protocols.

Yes, this is a huge & very quickly emerging issue with some very significant issues surrounding national security. The public for the most part don't understand (who would want to compromise my fridge anyway?) and don't care (I don't want to pay more for my devices, or it's not my problem). It will certainly require an international multipronged approach to solve. The current geopolitical troubles with the chief manufacturer of these devices, may actually help this situation in some respects.