US Confirms BlackEnergy Malware Used In Ukrainian Power Plant Hack

US Confirms BlackEnergy Malware Used In Ukrainian Power Plant Hack (http://www.ibtimes.com)

Technology – Security

The power outage last December in the Ukraine that put 180,000 people in the dark was the first electricity failure caused by a computer hack, the U.S. Department of Homeland Security has confirmed. Researchers previously suggested that a strain of malicious software known as BlackEnergy, a favorite of Russian hacking groups, was responsible.

The December 23 outage at the Prykarpattyaoblenergo power plant in western Ukraine was a nightmare scenario come true for cybersecurity researchers who have warned it was a question of when, not if, hackers managed to infiltrate a critical infrastructure facility.

DHS issued an advisory Tuesday confirming initial evidence that BlackEnergy malware first infected the plant’s systems after a successful spearphishing email attack, when hackers sent what appears to be a normal message to a high value target. Homeland Security and the FBI are among the international investigators still examining the cyberattack.

DHS’s Industrial Control Systems Cyber Emergency Response Team emailed the advisory to Reuters Tuesday, confirming that malware analysis yielded evidence that BlackEnergy 3 was found lurking on Ukrainian networks. It’s the same method of attack that was used against a number of U.S. critical infrastructure targets in 2014, though it’s not clear if any of those incidents led to a similar electricity failure.

The attack has been blamed on Sandworm, a group Russian government sponsored hackers that have spent years harassing Ukrainian officials and their allies.

“There is a darkening sky,” former U.S. National Security Director Michael Hayden told Tuesday of the Ukraine attack. “This is another data point an arc that we’ve long predicted.”

My Two Cents:
The DOE, and FERC need to address cyber security problems as a national security clear and present danger issue (TLP) RED level. I personally feel that the DOE and FERC are NOT the type of government agencies that mission statements are for this type of national security challenge (Protecting the USA Power Grid(s)). The DHS, US-CERT and FBI need to take control and get some move on in this power industry…

USA Power Grid and hydroelectric plants Black Start

USA Power Grid and hydroelectric plants Black Start (https://en.wikipedia.org)

Technology – Security

A black start is the process of restoring an electric power station or a part of an electric grid to operation without relying on the external transmission network.[1]

Normally, the electric power used within the plant is provided from the station’s own generators. If all of the plant’s main generators are shut down, station service power is provided by drawing power from the grid through the plant’s transmission line. However, during a wide-area outage, off-site power supply from the grid will not be available. In the absence of grid power, a so-called black start needs to be performed to bootstrap the power grid into operation.

To provide a black start, some power stations have small diesel generators, normally called the black start diesel generator (BSDG), which can be used to start larger generators (of several megawatts capacity), which in turn can be used to start the main power station generators. Generating plants using steam turbines require station service power of up to 10% of their capacity for boiler feedwater pumps, boiler forced-draft combustion air blowers, and for fuel preparation. It is uneconomical to provide such a large standby capacity at each station, so black-start power must be provided over designated tie lines from another station. Often hydroelectric power plants are designated as the black-start sources to restore network interconnections. A hydroelectric station needs very little initial power to start (just enough to open the intake gates and provide excitation current to the generator field coils), and can put a large block of power on line very quickly to allow start-up of fossil-fueled or nuclear stations. Certain types of combustion turbine can be configured for black start, providing another option in places without suitable hydroelectric plants.

My Two Cents:
I have been working with hydroelectric Power plants since 2005 with regard to their Software Technology. I was amazed to find out that FERC (ISO/RTO/Electric Power Markets), have made it economic unprofitable for most hydroelectric plants to remain a Black Start system for our power grid(s). Over the years I have been inside many hydroelectric power plants and pump storage power plants, and to my amazement 90 % of them have had the black start systems removed, 8 % were still there but deemed unoperational, and only 1 was still good to go….Seriously…. So over the years based on deregulation and the way our capital system is setup, AND how these power firms have been bought and sold, the fact that it is so expensive and the regulations required by FERC (ISO/RTO/Electric Power Markets), it is cheaper to remove the black start features from these plants. Even the Insurance companies that insure these firms somehow where either kept in the dark or allowed this to happen. I feel that every hydroelectric power plant in the USA should be black start operational, especially Hydro facilities that have an ongoing source of water for generation like rivers. I believe it should not be an economic policy with regard to national security. I am just dumbfounded on the logic behind this…

Talen Energy completes power plant sales, Holtwood and Lake Wallenpaupack

Talen Energy completes power plant sales, Holtwood and Lake Wallenpaupack (http://www.mcall.com)

Technology – Hydro

Talen Energy of Allentown has completed a series of power plant divestitures required by federal regulators last year when the company was launched.

The independent power producer announced Friday that, as anticipated, it had completed the sale of its Holtwood and Lake Wallenpaupack hydroelectric plants to a subsidiary of Brookfield Renewable Energy Partners L.P. for $860 million.

The two Pennsylvania hydroelectric plants – Holtwood in Lancaster County and Lake Wallenpaupack in the Pocono Mountain region – have a combined generating capacity of 292 megawatts.

The Federal Energy Regulatory Commission required the divestitures when PPL Corp. spun off its PPL Supply power plant and energy marketing division, combining it with certain power plants owned by Riverstone Partners, to form Talen Energy.

My Two Cents:
Should be a good move for Brookfield Renewable Energy Partners L.P.

Web Based Mapping/ Water Quality Index Application is the Water Quality Index Calculator

Web Based Mapping/ Water Quality Index Application is the Water Quality Index Calculator (http://www.water-research.net – Written by Mr. Brian Oram, PG)

Technology – Software

Mr. Oram has conducted research and consulting projects related to acid mine drainage ( AMD ), mine drainage, lake and stream monitoring programs, wetland creation and monitoring, filtration plant performance evaluations, testing new point of use water treatment devices and systems, hydrogeological evaluations, geological investigations, soils testing, soil morphological evaluations, water well drilling and construction, drinking water testing, mail order water testing kit program, private well water testing programs, and land reclamation. Mr. Oram has also been involved with Citizen Monitoring and other Environmental Training Programs for groups within the United States, Europe, and even the former Soviet Union.

The main reason is that most private wells and small water systems are not regulated by the EPA or the DEP in a given state and in Pennsylvania about 50% of private wells produce water that does not meet a primary health standard, i.e., Could Make the Well Owner Sick. Therefore, it is up to the individual private well owner to ensure that the water is safe. This website has been up and running for over 25 years with the primary mission of providing free information on this topic to well owners. We have had over 1,400,000 + unique visitors and many private well owners from throughout the world use this portal.

In Pennsylvania, we have found that typically at least 10 % of private well have one or more of these problems:
a. Low pH / corrosive water
b. Elevated Iron and/or Manganese
c. Elevated Bacteria (Actually it is 40 % to 50% for this parameter)

Less than 5 % of private wells have problems with methane gas, barium, alpha/beta, and other contaminants that would suggest a saline water source. In the middle, we have found about 5 to 10% may have problems with copper, lead, arsenic, and plasticizers.

Note- There are over 1 million private wells in Pennsylvania. Assume 3 citizens per household and 50 % of households having contaminated water, this means that 1.5 million citizens of the Commonwealth are Drinking Water that could make them SICK – This is a Health Crisis!
It is time to ACT. We know this information because of the hundreds of private well owners that have released their information to the Citizen Groundwater Database.
To Act, we recommend the following:

1. Get Educated and Informed.
2. Get Your Water Tested
3. Work as a Community to Develop Local and State Solutions

Using the book Field Manual for Water Quality Monitoring, the National Sanitation Foundation surveyed 142 people representing a wide range of positions at the local, state, and national level about 35 water quality tests for possible inclusion in an index. Nine factors were chosen and some were judged more important than others, so a weighted mean is used to combine the values.

(Continue reading at http://www.water-research.net – Written by Mr. Brian Oram, PG)

My Two Cents: Web Based Mapping/ Water Quality Index Application is the Water Quality Index Calculator, is an extremely valuable tool needed for homeowners to test their drinking water wells, share their information with other homeowners and locate problems and have them fixed. Mr. Brian Oram, PG is an extremely valuable asset in achieving this. I look forward in seeing this application expand providing more features that will help protect our water, and save lives. Read more about Brian Oram at B.F Environmental Consultants Inc. www.bfenvironmental.com

Windows 10 Issues

Why Windows 10 Sucks or
Everything Wrong with Windows 10
(http://itvision.altervista.org – Artem S. Tashkinov)

Technology – Software

It’s funny and equally sad that year 2015 marks the end of the Windows OS for a lot of people. There are several issues with Windows which, at present, make Windows 10 inappropriate and even outright dangerous for a lot of people. The most egregious, of course, is a total abandonment of any form of privacy and control.

Firstly, Microsoft openly stated that pervasive data Microsoft: ‘We finally fixed everything in Windows 10’ View this page source code to find the source of this picture collection will be present in any Windows version starting from Windows 10 and as a host of research on the Internet shows, this data collection cannot be disabled using official means. If you decide to disable total tracking (including keyboard scanning and voice recording) you’ll have to disable over a hundred different Internet addresses and then no one guarantees that a new Windows update doesn’t add new hosts because Microsoft surely is not interested in losing such a lucrative feature meant for Big Brother agencies. Read the rest of the article for official Microsoft statements and for various information on how Windows breaches you privacy and how you might try to control it (it’s almost futile btw).

Secondly, Microsoft has stripped us of controlling Windows updates. It was ostensibly done to improve the user experience by keeping the system up to date and perhaps malware free, but the truth is that a built-in antimalware protection in Windows is simply horrible (according to various AV comparisons Microsoft Essentials misses over 20% of in the wild malware) and said updates mean nothing for security because over 90% of infections happen due to the user actions (like downloading and installing dubious applications). No Windows update can prevent such a behaviour.

Thirdly, as Microsoft has stated multiple times, Windows 10 will not have any service packs, Windows 10 is the final version of Windows, because Windows 10 has become a service, it will be updated over time to bring new features and remove the old ones. Windows 10 you might have updated to in July 2015 will be a different OS than Windows 10 plus all its updates a year later.

(Continue reading at http://itvision.altervista.org Artem S. Tashkinov)

My Two Cents: Windows 10 is another disappointment…I agree with Artem S. Tashkinov.