Profile picture
|| $0uRc3 || @_sourceE
, 14 tweets, 5 min read Read on Twitter
Hope @DHSgov is on this attack on the US Energy sector. There needs to be waaaay more coverage into the impacts across all Utility Markets. cc: @JynErso_2017 @TrickFreee theedgemarkets.com/article/cybera…
Chilling takeaway: Attack was reported to the public (4/5) only after ESG was back up and running. It started 3/30. Duke is on record because they ditched ESG. How many providers are still using ESG? How much of our personal data matching HOME addresses were compromised?
Beyond personal data there exists another threat: Disruption of services. Utility companies must communicate with each other in order for the market to function. Markets differ across the country, but in deregulated markets its amplified by a factor x100.
Here’s why: Say ResistElectric wants to turn off a customer for being deliquent. They use a 3rd Party (ESG) to send that transaction to the poles company to turn off meter. Inability to automate that business process creates unexpected operational costs and balloons bad debt
Now let’s say TrumpTrainElectric also uses ESG. They have a customer that wants to move into their new home. Well getting that to happen next day without ESG is hard. Now add in 15 other competitors and extrapolate over a month. Some discount Energy cos would go bankrupt.
Companies do not have the luxury to float tens of thousands (or 100s) of customer invoices while they figure out a way to get new customers onboarded and bad paying ones turned off. They use an EDI translator to do that and they don’t have another on standby if first is down.
Original reporting, Bloomberg was 4/2. 3 days before the public was notified of the intrusion.
bloomberg.com/news/articles/…
And Bloomberg connected the dots. There are only a few outfits who could pull it off but only one drew warning from US officials last month (accurate 3/30 date of hack) >>> RUSSIA
So let’s get context.

May 29th. Russia was expelling 60 US diplomats. Lavrov extremely upset. Following day, intrusion into ESG. 🤔#TheResistance npr.org/sections/thetw…
Well here is NYT on 4/4. The common denominator in the hacks is that EDI Translators were the initial targets! This was a well planned orchestrated attack.
nytimes.com/2018/04/04/bus…
This is worse than I thought.
Hard to imagine transactions being faked in order to disrupt shipments and delivery now after it’s been identified but risks are severe if they ever do.
More Vulnerabilities. More reasons to suggest Russia. Exxon deal was scrapped and Gazprom facing increased scrutiny. 🤔
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to || $0uRc3 ||
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!