|| $0uRc3 || Profile picture
Apr 10, 2018 14 tweets 5 min read Twitter logo Read on Twitter
Hope @DHSgov is on this attack on the US Energy sector. There needs to be waaaay more coverage into the impacts across all Utility Markets. cc: @JynErso_2017 @TrickFreee theedgemarkets.com/article/cybera…
Chilling takeaway: Attack was reported to the public (4/5) only after ESG was back up and running. It started 3/30. Duke is on record because they ditched ESG. How many providers are still using ESG? How much of our personal data matching HOME addresses were compromised?
Beyond personal data there exists another threat: Disruption of services. Utility companies must communicate with each other in order for the market to function. Markets differ across the country, but in deregulated markets its amplified by a factor x100.
Here’s why: Say ResistElectric wants to turn off a customer for being deliquent. They use a 3rd Party (ESG) to send that transaction to the poles company to turn off meter. Inability to automate that business process creates unexpected operational costs and balloons bad debt
Now let’s say TrumpTrainElectric also uses ESG. They have a customer that wants to move into their new home. Well getting that to happen next day without ESG is hard. Now add in 15 other competitors and extrapolate over a month. Some discount Energy cos would go bankrupt.
Companies do not have the luxury to float tens of thousands (or 100s) of customer invoices while they figure out a way to get new customers onboarded and bad paying ones turned off. They use an EDI translator to do that and they don’t have another on standby if first is down.
Original reporting, Bloomberg was 4/2. 3 days before the public was notified of the intrusion.
And Bloomberg connected the dots. There are only a few outfits who could pull it off but only one drew warning from US officials last month (accurate 3/30 date of hack) >>> RUSSIA
So let’s get context.

May 29th. Russia was expelling 60 US diplomats. Lavrov extremely upset. Following day, intrusion into ESG. 🤔#TheResistance npr.org/sections/thetw…
Well here is NYT on 4/4. The common denominator in the hacks is that EDI Translators were the initial targets! This was a well planned orchestrated attack.
This is worse than I thought.
Hard to imagine transactions being faked in order to disrupt shipments and delivery now after it’s been identified but risks are severe if they ever do.
More Vulnerabilities. More reasons to suggest Russia. Exxon deal was scrapped and Gazprom facing increased scrutiny. 🤔

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with || $0uRc3 ||

|| $0uRc3 || Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @_sourceE

Oct 27, 2017
Welcome to duped by “Russian Active Measures.” Here is how a national publication helps Russia control the narrative.
Here is the source of this piece. Nice header and oh you used to work for Sputnik?
already did this thread back in May so I’ll just drop it here
Read 10 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!


0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy


3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!