Government/Big Business and IT vulnerability

Ok so I said I would come back after market and tell about my ex’s experience with gov’t IT vulnerability. Way too long for TF so… He’s high level IT security consultant and this is not only time he’s been pulled to work on a gov’t issue but it was the biggest.

Long story as short as I can make it he gets frantically contracted to our state gov’t. The alphabets state and federal all begin to show up. National Guard sets up camp in parking lot. He gets a temporary clearance and these are some of the things he was eventually allowed to tell. State gov’t payroll totally taken down. 911 down. All breathalyzers unable to report data. Control of local trains. Shutdown of state DOT control center. All out of St. Petersburg (Russia not FL). There was lot more and lot more he could not talk about. Total chaos. They work round the clock. It was crazy. He has fixed a lot of Russian based attacks on government targets over last few years.

So you can glimpse the vulnerability and what do you think State does? Yes, they try to hire ex, but they can’t afford it. They want to pay 10% less salary, no bonus, and lesser benefits. What does the crisis cost them? When they contract for him they pay so much more just for the crisis.

Remember when Target had enormous data breach 2013 that cost them about 20 million dollars? They had consultation with ex’s company before that. They warn of problem and say 600k to fix. Target is like that too much. Oops.

Big banks, healthcare systems, imagine all the places you don’t want hacked in addition to say IRS. They have all been so cheap and he and his colleagues get called to this after the big problem stuff all the time. The only thing surprising me is we haven’t had major Federal cyber attack yet from Russia (that we know about) since war started.

People assume big businesses and governments are so on top of this but they are not- because they don’t want to PAY. So then it’s a blow up and they pay through nose to clean up. The level of unpreparedness is shocking.


Interesting read. You mentioned in TF that people should stock up on generators if they’re a customer of Southern California Edison. Do you feel there’s an immediate threat? I quickly googled the company for news but didn’t find anything hacking-related.

Cyber security is definitely something that I think will be becoming more and more serious over the years and people in general will need to take it much more seriously. Might be an excellent choice for long term holds as well.

They just brought in my ex. Door has been open to Russian and Chinese hackers for 11 years. Worst part get fixed tonight but it will take months to be in good shape. You could still have many day outages. These cyberattacks are coming just in general- and
we are not ready. The Colorado attack started as ransomware in one department a Friday afternoon. They could not figure out who to call to get help until Monday!

This was almost 10 years ago but only learned about it a few months ago. Just thought it was relevant to your question in that most people think of grid attacks in terms of cyber right away. All our shit is above ground and this was so cal as well. As far as i know no one was ever caught. Dont think its likely there will be multiple all out physical attacks on the grid but clearly it can happen. Wondering if theres physical infrastructure plays here as well, but the common thing in the post is the incompetence so maybe the moneys not there

This will not surprise me either. But the thing I am saying is not just energy. Who would think to attack the breathalyzers? The bad guys are way ahead in thinking ways to cyberattack and we are very cyber dependent. Just think for minute about everything you do all day that is dependent on internet. It’s all vulnerable. As states are realizing maybe Palo Alto and others go up? Who knows. It’s just to think about for market and for your own life.

1 Like