Amazon explains big AWS outage

Amazon explains big AWS outage (http://www.geekwire.com)

Technology

Amazon explains big AWS outage, says employee error took servers offline, promises changes.

Amazon has released an explanation of the events that caused the big outage of its Simple Storage Service Tuesday, also known as S3, crippling significant portions of the web for several hours.

RELATED: AWS cloud storage back online after outage knocks out popular sites

Amazon said the S3 team was working on an issue that was slowing down its billing system. Here’s what happened, according to Amazon, at 9:37 a.m. Pacific, starting the outage: “an authorized S3 team member using an established playbook executed a command which was intended to remove a small number of servers for one of the S3 subsystems that is used by the S3 billing process. Unfortunately, one of the inputs to the command was entered incorrectly and a larger set of servers was removed than intended.”

Those servers affected other S3 “subsystems,” one of which was responsible for all metadata and location information in the Northern Virginia data centers. Amazon had to restart these systems and complete safety checks, a process that took several hours. In the interim, it became impossible to complete network requests with these servers. Other AWS services that relied on S3 for storage were also affected.

About three hours after the issues began, parts of S3 started to function again. By about 1:50 p.m. Pacific, all S3 systems were back to normal. Amazon said it has not had to fully reboot these S3 systems for several years, and the program has grown extensively since then, causing the restart to take longer than expected.

Amazon said it is making changes as a result of this event, promising to speed up recovery time of S3 systems. The company also created new safeguards to ensure that teams don’t take too much server capacity offline when working on maintenance issues like the S3 billing system slowdown.

Amazon is also making changes to its service health dashboard, which is designed to track AWS issues. The outage knocked out the service health dashboard for several hours, and AWS had to distribute updates via its Twitter account and by programming in text at the top of the page. In the message, Amazon said it made a change to spread that site over multiple AWS regions.

Continue reading at http://www.geekwire.com

My Two Cents:
We were working with the ESRI ArcGIS Web Services API when it went down. I was not aware that ESRI leveraged the Amazon S3 Cloud systems. If you are going to run API Services, make sure you have redundancy. I was surprised. The old saying “do not put all your eggs in one basket” is obviously alive and well with some Tech corporations.

German nuclear plant suffers cyber attack designed to give hackers remote access

German nuclear plant suffers cyber attack designed to give hackers remote access (http://www.telegraph.co.uk)

Technology – Security

German nuclear plant suffers cyber attack designed to give hackers remote access

A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility’s operations because it is isolated from the Internet, the station’s operator said on Tuesday.

The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE.

The viruses, which include “W32.Ramnit” and “Conficker”, were discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualisation software associated with equipment for moving nuclear fuel rods, RWE said.

Malware was also found on 18 removable data drives, mainly USB sticks, in office computers maintained separately from the plant’s operating systems. RWE said it had increased cyber-security measures as a result.

W32.Ramnit is designed to steal files from infected computers and targets Microsoft Windows software, according to the security firm Symantec.

First discovered in 2010, it is distributed through data sticks, among other methods, and is intended to give an attacker remote control over a system when it is connected to the Internet.

Conficker has infected millions of Windows computers worldwide since it first came to light in 2008. It is able to spread through networks and by copying itself onto removable data drives, Symantec said.

RWE has informed Germany’s Federal Office for Information Security (BSI), which is working with IT specialists at the group to look into the incident.

The BSI was not immediately available for comment.

My Two Cents:
Again…The DOE, and FERC need to address cyber security problems as a national security clear and present danger issue (TLP) RED level. I personally feel that the DOE and FERC are NOT the type of government agencies that mission statements are for this type of national security challenge (Protecting the USA Power Grid(s)). The DHS, US-CERT and FBI need to take control and get some move on in this power industry…

USA Power Grid and hydroelectric plants Black Start

USA Power Grid and hydroelectric plants Black Start (https://en.wikipedia.org)

Technology – Security

A black start is the process of restoring an electric power station or a part of an electric grid to operation without relying on the external transmission network.[1]

Normally, the electric power used within the plant is provided from the station’s own generators. If all of the plant’s main generators are shut down, station service power is provided by drawing power from the grid through the plant’s transmission line. However, during a wide-area outage, off-site power supply from the grid will not be available. In the absence of grid power, a so-called black start needs to be performed to bootstrap the power grid into operation.

To provide a black start, some power stations have small diesel generators, normally called the black start diesel generator (BSDG), which can be used to start larger generators (of several megawatts capacity), which in turn can be used to start the main power station generators. Generating plants using steam turbines require station service power of up to 10% of their capacity for boiler feedwater pumps, boiler forced-draft combustion air blowers, and for fuel preparation. It is uneconomical to provide such a large standby capacity at each station, so black-start power must be provided over designated tie lines from another station. Often hydroelectric power plants are designated as the black-start sources to restore network interconnections. A hydroelectric station needs very little initial power to start (just enough to open the intake gates and provide excitation current to the generator field coils), and can put a large block of power on line very quickly to allow start-up of fossil-fueled or nuclear stations. Certain types of combustion turbine can be configured for black start, providing another option in places without suitable hydroelectric plants.

My Two Cents:
I have been working with hydroelectric Power plants since 2005 with regard to their Software Technology. I was amazed to find out that FERC (ISO/RTO/Electric Power Markets), have made it economic unprofitable for most hydroelectric plants to remain a Black Start system for our power grid(s). Over the years I have been inside many hydroelectric power plants and pump storage power plants, and to my amazement 90 % of them have had the black start systems removed, 8 % were still there but deemed unoperational, and only 1 was still good to go….Seriously…. So over the years based on deregulation and the way our capital system is setup, AND how these power firms have been bought and sold, the fact that it is so expensive and the regulations required by FERC (ISO/RTO/Electric Power Markets), it is cheaper to remove the black start features from these plants. Even the Insurance companies that insure these firms somehow where either kept in the dark or allowed this to happen. I feel that every hydroelectric power plant in the USA should be black start operational, especially Hydro facilities that have an ongoing source of water for generation like rivers. I believe it should not be an economic policy with regard to national security. I am just dumbfounded on the logic behind this…

What is an Encryption Key?

What is an Encryption Key? (http://www.wisegeek.org)

Technology – What is an Encryption Key?

Encryption is a form of security that turns information, images, programs, or other data into unreadable cipher by applying a set of complex algorithms to the original material. These algorithms transfer the data into streams or blocks of seemingly random alphanumeric characters. An encryption key might encrypt, decrypt, or perform both functions, depending on the type of encryption software being used.

The algorithms used are considered very secure, with one of this type adopted as the Advanced Encryption Standard (AES) used by the U.S. Government for storing classified and top secret information. The one weakness of symmetric encryption programs is that the single key must necessarily be shared, presenting an opportunity for it to be leaked or stolen. Part of key management involves changing the key often to improve security.

(Continue reading at http://www.wisegeek.org)

My Two Cents: I have been writing a lot of Advanced Encryption Standard (AES) 256 bit Encryption controls within our systems from data sources to email. The private key is the only scary part of the Encrypted object(s). I have come up with a solution that encrypts, scrambles, and embeds the private key in the Encryption itself, thus removing the need to have the private key to decrypt the object(s). You would have to have our software to encrypt and decrypt it on both ends. Other applications could not decrypt the object(s). The only downside I see if our software was destroyed it would be impossible to decrypt the object(s)…highly unlikely. With all the loss of data these days based on Cyber Attacks I feel Encryption is the way to go.

Cybersecurity experts take Russian hacking scare with a pinch of salt

Cybersecurity experts take Russian hacking scare with a pinch of salt (http://www.theguardian.com)

Technology News – Cybersecurity

Security researchers have expressed concern over the claim that more than 4.5bn user credentials including 1.2bn unique usernames and passwords have been amassed by a Russian cybercriminal gang.

Security researchers from Kaspersky, Symantec and University College London have questioned the news reported on Tuesday that private security firm Hold Security had identified a Russian cybercriminal gang called CyberVor, which had amassed a database of more than 4.5bn stolen records, including 1.2bn unique usernames and passwords belonging to 500m email addresses.

Cybersecurity experts are concerned that Hold Security has not yet made the data public or available for confirmation by users. “We’ve had very little concrete information released,” said David Emm, senior researcher with security firm Kaspersky, talking to the Guardian.

“I’m inclined to take it with a pinch of salt for now.”

“Nothing has been released by an established security company – I personally haven’t come across Hold Security before – and we’ve had no information on the companies affected, or whether they’re still vulnerable,” said Emm. “There’s just what seems to me to be a pretty vague claim of the largest security breach to date.

(Continue reading at http://www.theguardian.com)

My Two Cents: I agree, I have never heard of Hold Security before too, and this claim is huge based on pretty vague data…