Power Outages – An attack on our Critical National Infrastructure?

Power Outages – An attack on our Critical National Infrastructure?

Power Outages – An attack on our Critical National Infrastructure?

****Updated 1855 hrs***** -Additional Assessment at the end.

****Further Updated 10 Aug 0845*****

What I am writing is purely speculative, it is one theory and will be described by some as a bit wacky, I have no problems with that because I hope it is, but it is an informed theory, informed by years of analysis and training that gut feeling. It has been informed by watching for unusual patterns and if they happen look for the most suspicious whilst hoping for the simple in explanations.

Listing only a few recent events we have had unexpected drone interference at Gatwick in December closing the airport for 36 hours, an unexplained Russian Flag draped over the scaffolding on Salisbury Cathedral and unexplained cyber-attack on Gatwick at the time of the drone incident.  

More recently, in the past few days we have seen the baggage handling system at Heathrow Airport fail through IT issues, the BA checking in system fail through IT issues, signals out of Euston Station fail and now power outages across parts of the UK when there are no conditions that would cause a user surge demand. 

We have the beginnings of a pattern and that pattern is disruption of elements of the UKs national infrastructure, its critical national infrastructure with its transport networks.  We have had airports disrupted, airlines disrupted, rail networks disrupted and with the traffic light systems in London suffering, now our roads disrupted.

It is very easy to shrug these incidents in isolation off and but look at them together and plot them out a pattern emerges. I have spoken with the National Cyber Security Centre (NCSC) part of the governments spy agency GCHQ and they stated that, “The Heathrow Baggage, BA check in and Euston signalling issues were not as they are aware caused by cyber incidents.”

However, this-evenings power cuts have affected airports, traffic lights and the railway network leaving some without electricity. 

UK Power Networks tweeted on Friday evening: ‘We’re aware of a power cut affecting large parts of London and South East. We believe this is due to a failure on National Grid’s network, which is affecting our customers.’

Having spoken again to the NCSC, their press office was frantically busy at 6pm on a Friday! Another potential indicator. I will keep this blog updated as new information is received. 

However, I do believe there is evidence in some of these incidents of deliberate hostile or rogue state action in the UK. The most recent state openly blamed for an incident in the UK was Russia for its use of Novichok nerve agent in Salisbury last year.

(New) The latest power outage incident has been assessed by the NCSC as not Cyber related, but the question remains how vulnerable is our CNI if it is creaking to this degree through other reasons? Comment: It is probable that this incident isn’t cyber related but on the other hand if it were and the Government wanted to keep it quiet from the public, the NCSC statement would be as issues. However, it is too easy to be overly machiavellian. Comment Ends.

(New 2) Now that the power is back on the power regulator Ofgem has asked for an “urgent details report” to find out what went wrong. Last night Julian Leslie, Head of National Control at National Grid ESO did a quick Twitter Vlog to try and explain what happened. However, all he said was how when two generators (power company speak for whole power stations!) went off line simultaneously the ” system protected itself by losing some demand,” the grid did what it should do and shut parts of itself down. He made no comment on what caused two completely different, geographically separated powers stations to fail at exactly the same time. All of the official commentary avoids that question. In addition the two “generators” were brought back online relatively quickly suggesting this wasn’t a mechanical failure but electronic or control.

We have to look at a few issues here to keep what I admit freely is an unlikely scenario alive, but the questions still have to be asked. Would a hostile state actor have the capability and the intent and with that why?

In June the BBC reported, “Russia has said it is “possible” that its electrical grid is under cyber-attack by the US. Kremlin spokesman Dmitry Peskov said reports that US cyber-soldiers had put computer viruses on its electrical grid was a “hypothetical possibility”. His comments came in response to a New York Times (NYT) story which claimed US military hackers were targeting Russian power plants.

That same month Wired reported, “Over the past several months, security analysts at the Electric Information Sharing and Analysis Center (E-ISAC) and the critical-infrastructure security firm Dragos have been tracking a group of sophisticated hackers carrying out broad scans of dozens of US power grid targets, apparently looking for entry points into their networks.” Those sophisticated hackers were linked to the Russian Government.

Further capability and examples are covered in great detail in Gordon Corera’s fantastic book INTERCEPT reviewed here: https://greyharemedia.com/intercept-by-gordon-corera/

So a ‘hostile’ state has the capability and seemingly the intent to carry out action in the UK (the Skripal attack and I personally suspect Gatwick disruption). Why now? We are in a period of political turmoil with a new Prime Minister with a majority of only one in Parliament, the looming no deal BREXIT anxiety and a very left leaning opposition and a country still smarting over its outing for the Skripal attack. So why not? It is a Russian tactic to “stir the pot”. The 2007 Cyber attacks by Russia shutting Estonia down for a protracted period are a perfect example and there have been many more since.

So, it is important to ask wast it a hostile state? Even though the probable answer is no. The real positive that came out of this is if it were a hostile state action, it was defeated very quickly and normality restored so our defensive processes clicked in quickly. But that is only a positive if it were a cyber attack.

Note: This blog is written by Philip Ingram MBE, a former British Military Intelligence Officer and now journalist who has served in the Gulf. If you would like any further comment from Philip, please contact him by clicking HERE

Finally a bonus – a Tin Foil Hat Podcast done with The People Hacker – Jenny Radcliffe:

https://podcasts.apple.com/gb/podcast/tin-foil-hats-club-with-philip-ingram-mbe/id1174807837?i=1000446788630

Santa hacked again

Santa hacked again

Santa hacked again – Grey Hare spies investigate the latest.

In the run up to Christmas there are always incidents that bring joy, bring concern and bring worry.  HMS Big Lizzie returned to her home port after successful sea and air trials started last year just before Christmas when she was used as a to secret FOB for Santa, as reported by the Grey Hare Media team here: https://greyharemedia.com/top-secret-mission-for-hms-queen-elizabeth/

However, in the year the new General Data Protection Regulation came into force, we were reminded of Santa’s vulnerability given the amount of data he has in his databases. He knows the name and address of every child across the globe. He has details of who has been good and who has been naughty, his naughty list is one of the most comprehensive global databases, and it was hacked!

Now there are a few things that we need to know about Santa and the Grey Hare spies have been hunting to bring them to you. He has 31 hours of Christmas to work with thanks to the different time zones and the rotation of the earth and according to observations from the International Space Station he travels east to west.

The North American Aerospace Defense Command (NORAD)have a special SANTA tracking facility that is made ready once a year to ensure that SANTA is kept safe and should there be any mishaps, then the right help can be provided quickly.

This joint US/ Canadian facility will not be affected by President Trump’s government shutdown. It is a vital global service ensuring the safety of happiness and joy.

What NORAD have conferment is that Santa makes 822.6 visits per second allowing him 1/1000th of a second to park, hop out of the sleigh, jump down the chimney, fill the stockings, distribute the remaining presents under the tree, eat whatever snacks have been left, get back up the chimney, get back into the sleigh and move on to the next house….. phew…..

So, the chances of children seeing him are very remote, however, he has specialist stealth technologies that keep him invisible, but that seems to have been compromised.

Santa’s sleigh moves at 650 miles per second, 3,000 times the speed of sound. This makes Rudolf a very special type of reindeer as a conventional reindeer can run at a maximum of about 15 miles per hour. His defining feature is his red nose but at 650 miles per second and with special stealth technologies, only Santa and the other reindeers should be able to see it.

However, the Grey Hare spies’ team have been informed that Santa’s stealth technology was hacked at the same time his naughty list was. This has only just come to light when Gatwick Airport was brought to a standstill over drone incursion incidents.  What people don’t realise is that just before Christmas each year Santa has a series of practice runs to let his reindeers stretch their legs and confirm they still remember where to go. Part of their emergency plans are landing (covertly) for quick repairs so present delivery can continue. The Grey Hare spies saw HMS Big Lizzie being used last year, however, a regular conventional stop is Gatwick Airport amongst other global airports.

This is not widely publicised as at 650 miles per second, using Santa and Rudolf’s specialist anti-collision device (the red Nose) he is usually in and out between flights without being noticed. This year was different, something clearly blocked the red nose stealth tech making it visible and concerned staff will have reported it as a possible drone incursion. Santa’s security team believe this may have been a deliberate act by the GRU to say “Bah Humbug” for embarrassments they have suffered this year.

Severely embarrassed at disrupting flights for his adoring fans coming to the North Pole to visit him, as well as those off on holiday, Santa has refused to comment on this latest embarrassment.  Luckily, under his beard, and with his red suit, no one had noticed the gentle flush of his face going red.

What is critical is that his operations on 24thDec delivering presents goes ahead – so appeals have been made to Elisabeth Denholm the Information Commissioner and the EU GDPR regulators not to investigate Santa too closely and to the Gatwick authorities, to realise he is really, really sorry!  He also appeals to the GRU and President Trump just to let him get on with his job and deliver joy not angst.

Follow his progress using NORAD’s live tracker here: https://www.noradsanta.org