Ivanka Trump discusses her ‘punk phase’ in the 1990s

[ad_1]

Known today for her chic ensembles and elegant style, Ivanka Trump recently divulged a lesser known sartorial chapter of her life in her mother’s new memoir, “Raising Trump.” In Ivana Trump’s tell-all book, the First Daughter divulges her momentary “punk phase” in the 1990’s, in which she favored “ripped corduroy jeans and flannel shirts.”

While this edgy aesthetic dominated runways and red carpets alike during this era, Ivana did not encourage it. She swiftly took action when her only daughter got her hands on some wildly blue hair dye, Business Insider reports.

DONALD TRUMP DEFENDS MELANIA’S CHOICE TO WEAR STILETTOS TO HOUSTON AFTER HURRICANE HARVEY

“One day after school, I dyed my hair blue. Mom wasn’t a fan of this decision,” Ivanka writes. “She took one look at me and immediately went out to the nearest drugstore to buy a $10 box of Nice ‘n Easy.”

Adding that Ivana returned with blonde hair dye “three shades lighter” than her natural locks, Ivanka took a liking to the temporary fix and has “never looked back” since.

DONNA KARAN, MARCHESA FACE BACKLASH AMID HARVEY WEINSTEIN SCANDAL

While President Donald Trump’s eldest daughter stepped down from her role at the helm of her eponymous fashion line soon before his inauguration, style has always been a true passion. In 2012, the First Daughter told Teen Vogue that positive feedback from customers was one of the best parts of watching her brand evolve.

FOLLOW US ON FACEBOOK FOR MORE FOX LIFESTYLE NEWS

“I love hearing from women that they wore one of my suits to their first job interview, or bought a pair of my evening shoes and danced all night at a wedding. Having the ability to now really dress a woman from head to toe is also a very exciting feeling!” she said.

Blue hair dye, totally optional. 

[ad_2]

Source link

Hurricane Ophelia strengthens before storm reaches UK

[ad_1]

Media playback is unsupported on your device

Media captionHurricane Ophelia upgrades to category 3

The UK is set to experience the tail end of a category three hurricane with high temperatures and wind forecast.

As a result of Hurricane Ophelia, parts of England could see temperatures reach 25C on Sunday beating the 15C average for mid-October.

On Monday some areas of the UK will be hit with winds of up to 80mph (128km/h).

The hurricane will be a storm when it hits the UK, exactly 30 years after the Great Storm of 1987 killed 18 people.

On its way from the Azores in the Atlantic Ocean, Hurricane Ophelia has set the record for the most eastern category three hurricane in the Atlantic.

Western England, Northern Ireland and parts of Scotland will be most affected by the storm winds.

The Republic of Ireland’s Met Office has issued a red warning for counties in Munster and Connacht, predicting that coastal areas will be hit by winds in excess of 80mph (130km/h) from 09:00 BST on Monday until Tuesday.

The ferocity of the hurricane will dissipate before it reaches the UK, but Ophelia’s remnants are forecast to bring high winds in coastal areas.

Image caption

Weather presenter Michael Fish is remembered for dismissing reports that a hurricane would hit the south of England in October 1987.

The storm is often remembered for BBC Weather presenter Michael Fish dismissing reports that “there was a hurricane on the way”.

Although he was right, storm winds of 100mph did batter the south of England, leaving a trail of destruction.

Eighteen people died and 15 million trees were destroyed as a result of the high winds.

It is thought that the storm caused £1bn in damage to property and infrastructure.

The Met Office has issued severe weather alerts ahead of Ophelia and has warned there could be potential power cuts, disruption to road and rail networks, and damage to buildings as a result of Monday’s stormy weather.

But parts of England will benefit from the warm temperatures brought by the storm, with areas as far up as Nottingham expected to hit highs of 21C on Monday.

Clouds in central and southern England are expected to break up to provide sunny spells over the course of the weekend.

Some parts of the country have been enjoying a “mini heatwave” already. Ian Senior tweeted a screenshot of the temperature in Cambourne, Cambridgeshire, which was 17C on Saturday morning.

Jennie, who lives in Leeds, also wrote on Twitter that she never thought she would be “walk[ing] around bare legged wearing a skirt and short sleeved T-shirt” in mid-October.

But some parts of the country were still waiting for the temperatures to improve. Martin Cluderay, from Swaledale in the Yorkshire Dales, posted an overcast scene from the town titled: “Welcome to the heatwave.”

And Jo Field from Buckinghamshire wrote: “Where’s the mini heatwave then… I put my Ugg boots away and got my bikini out at the ready.”

A yellow warning for rain in northern England was in place on Saturday morning, with 50mm of rain expected on high ground.

West Scotland and Northern Ireland will also receive heavy rainfall on Sunday.

BBC Weather has tweeted that Monday will bring “very strong winds” to the west of the UK with two yellow warnings for wind issued across much of the UK on Monday and Tuesday.

[ad_2]

Source link

Windows 10 Fall Creators Update: What It Is and How to Get It

[ad_1]

On October 17, Microsoft drops a new version of Windows 10 called the Fall Creators Update. It’s packed to the brim with new features for everyday users and people who just like making cool stuff. Here’s what you need to know before you click that big ol’ update button.

What You’ll Get

The Fall Creators Update gives you a neat new Photos app for all your organization and editing needs. There’s a new feature called Story Remix that makes it a breeze to throw together a few pictures and video clips for those post-vacation slideshows. You can even mix in a song or two if you’re feeling fancy.

You’ve probably heard that you’ll need a crazy powerful rig to jump into VR. Not so with this new version of Windows. Microsoft is baking VR right into its operating system, and all you need is a compatible computer and a relatively-affordable headset, like this one from HP.

Microsoft’s also making a big push for 3-D objects, starting with Paint 3D (pour one out for the OG). With the Creators Update, the new Mixed Reality Viewer can plug any 3-D object into the world around you, so you can see what your funky new cartoon character would look like strutting down the boulevard.

Not into 3-D pictures or VR? You should still update your computer, because in addition to the standard security fixes you’d get, there are some neat little things to sink your teeth into. Windows can now talk with your Android phone (if you use Microsoft Launcher) so you can start up that memo while you’re on the train, then finish it when you get to the office. There’s also a bunch of new features that make using your computer just a little bit easier to use. You can annotate eBooks in Edge, pin your favorite contacts and websites to your taskbar, and even get better protection from ransomware. You’ll also be able to customize your computer’s balance between performance and battery life based on your needs, and people with disabilities can use the new Eye Control feature to move the mouse just by looking around.

How Do I Get It?

Ready to dive in? Rad. First, you need to make sure your computer’s geared up for that shiny new OS. It’ll need at least a 1 GHz processor, 1GB of RAM for the 32-bit version or 2GB for the 64-bit variant, and at least 16 GB of free storage for the 32-bit version and 20 GB for the 64-bit version. Oh, and don’t forget to backup your computer before getting started. Though, you’ll need a slightly beefier setup if you’re looking to try out all the new mixed reality stuff.

Once the update’s ready, you’ll get a notification to download and install it. Can’t wait until then? Hop over to Microsoft’s website and snag it right away.

[ad_2]

Source link

‘Omerta’ Director Hansal Mehta – Variety

[ad_1]

After a decade-long first innings where he switched between mainstream Bollywood and independent cinema, Indian filmmaker Hansal Mehta took a four-year hiatus and returned with the multiple-award winning indie hit “Shahid” (2012), starring Rajkummar Rao. “Aligarh” (2015), starring Manoj Bajpayee and Rao, won acclaim in Busan and around the world. Following its world premiere at Toronto, Mehta returns to Busan with the Asian premiere of Rao-starrer “Omerta,” a film about British-born, Pakistani terrorist Ahmed Omar Saeed Sheikh who kidnapped and murdered Wall Street Journal reporter Daniel Pearl in 2002.

What made you choose the Ahmed Omar Saeed Shaikh story?

There are uneasy truths that we usually try not to confront. Omar’s story is one such truth. Governments believe that by bombing entire cities and destroying countries they will end radicalism. Instead we need to focus on individuals like him – educated, wealthy and completely radicalized. I see “Omerta” as a companion piece to my earlier film “Shahid.” Both examine individuals beginning with similar angst and embarking on a similar journey to avenge injustice through radicalism. While “Shahid” found his ultimate calling by becoming a champion of human rights, Omar went deeper into the world of terror and eventually spread a trail of violence. The irony of our times is that Shahid is dead while Omar continues to live. For me that is a dangerous sign of our times and this story had to remind us of the times we live in and the need for urgent solutions beyond mass destruction that will only breed more Omars.

Apart from brief sections in India and the U.K., the film is largely set in Pakistan. Given the frosty relationship between India and Pakistan, what were the logistical challenges of a Pakistan-set film?

We had to create Pakistan in areas of Punjab and Delhi. It would have been impossible to shoot in Pakistan even if we overcame logistical challenges because of the way “Omerta” implicates the state in sponsoring individuals like Omar. My production designer Neil Chowdhury and cinematographer Anuj Dhawan have been instrumental in maintaining the overall authenticity and resemblance of locations in the film.

Your latest release, the U.S. set heist caper “Simran,” has polarized critics and audiences. What is your reaction to that?

I was expecting a polarized reaction and it is not any different from the way my second feature “Dil Pe Mat Le Yaar” was received when it released in 2000. Some films and their intent are often understood much after all the hype and noise dies down. I do feel “Simran” will be ultimately seen for what it is – an interesting character study of a young girl who is unapologetically reckless and flawed. History will be kinder to “Simran.”

What are you working on next?

There are scripts that I have been developing with different teams of writers. I’m still exploring themes that excite me both emotionally and politically. I am also writing something that will feature my favorite actor Rajkummar Rao in another interesting part, something that will help us push the envelope and explore newer stories in our filmography.

 

[ad_2]

Source link

French army charter plane crashes in Ivory Coast, four Moldovans killed

[ad_1]

ABIDJAN (Reuters) – Four Moldovan citizens were killed and two others were injured on Saturday when a cargo plane chartered by the French military crashed into the sea near the airport in Ivory Coast’s main city, Abidjan, Ivorian and French officials said.

Four French citizens were also injured in the crash, which occurred as the Antonov 26 plane, en route from Burkina Faso’s capital Ouagadougou, neared the airport, said Sinaly Silue, director general of Ivory Coast’s civil aviation authority.

A witness had earlier told Reuters that the plane crashed shortly after takeoff.

“There were 10 people aboard including six crew members, three French soldiers and a French civilian who was working for the (aviation) company,” Silue said at a news conference. He said the plane was registered in Moldova, but did not name the company.

The control tower in Abidjan lost contact with the plane at 8:24 a.m. (0824 GMT) during a heavy thunderstorm, Silue added.

Abidjan’s airport is located in a heavily populated area but it did not appear that anyone on the ground was hurt.

Rescuers pull the wreckage of a propeller-engine cargo plane after it crashed in the sea near the international airport in Ivory Coast’s main city, Abidjan, October 14, 2017. REUTERS/Luc Gnago

The French military operates a logistics base next to the airport in support of its Barkhane operation, combating Islamist militants in West Africa’s Sahel region.

“This was a plane chartered by the French army in the framework of the Barkhane force in order to carry out logistical missions,” French army spokesman Colonel Patrick Steiger said.

Silue said he did not yet have information about what caused the crash, though he noted that the weather was “very bad” along the approach to the airport.

An investigation had been launched and Ivorian authorities were in contact with their French and Moldovan counterparts, he said. The four injured French citizens were being treated at the French military base adjacent to the airport.

France’s ambassador to Ivory Coast, along with French gendarmes and soldiers, had quickly arrived at the crash site, where hundreds of local residents gathered to look at the wreckage.

Some of them assisted firefighters and rescue divers who had to contend with rough seas as they freed the bodies of the dead from the plane, which had broken into several large pieces.

Reporting by Ange Aboa; Additional reporting by Elizabeth Pineau and Clotaire Achi in Paris; Writing by Joe Bavier and Aaron Ross; Editing by Andrew Bolton

[ad_2]

Source link

Puerto Rico raises Hurricane Maria death toll to 48

[ad_1]

Authorities in Puerto Rico raised the death toll from Hurricane Maria by 3 to 48 on Saturday based on a review of medical records.

The medical examiner concluded that the hurricane was the deciding factor in the three newly disclosed deaths, Secretary of Public Security Hector Pesquera said.

Precise details were not available, but one occurred in the central town of Caguas when a person was unable to get dialysis treatment after the storm knocked out power.

TRUMP WARNS POST-HURRICANE PUERTO RICO, SAYS FEMA WON’T STAY ‘FOREVER’

Another happened in nearby Juncos when a person with undisclosed respiratory problems could not get treatment.

The third occurred in the northern city of Carolina when a person suffering a heart attack was also unable to get treatment.

Pesquera said that the medical examiner is still reviewing all deaths that occurred in island hospitals around the time of the storm and the toll could rise further.

“We are reviewing each and every case to see if the storm was a direct or indirect cause,” he said following a news conference in the capital. “I doubt seriously that we will have any direct at this juncture.”

Maria hit the U.S. island territory Sept. 20 as a category 4 hurricane. The government says about 85 percent of the island remains without power.

FBI IN PUERTO RICO INVESTIGATING MISHANDLING OF FEMA SUPPLIES

Gov. Ricardo Rossello says he is pushing for outside aid to restore electricity and his goal is to have it back for half the island by Nov. 15 and for 95 percent by Dec. 31. But he conceded the task of rebuilding the transmission and distribution network is enormous.

“These are aggressive goals,” Rossello told reporters.

Previously, officials had said it could take as long as March to reach that goal. 

[ad_2]

Source link

Somalia: At least 30 dead in Mogadishu blasts

[ad_1]

Media playback is unsupported on your device

Media captionThe aftermath of the explosion in Mogadishu

A massive bomb attack in a busy area of the Somali capital Mogadishu has killed at least 30 people, police say.

Dozens more were wounded when a lorry packed with explosives detonated near the entrance of a hotel.

Police say two people were killed in a second bomb attack in the Madina district of the city.

It is not clear who staged the attacks. Mogadishu is a regular target for the al-Qaeda linked al-Shabab group, which is battling the government.

Image copyright
Reuters

Image caption

There are fears people are trapped under the rubble

After the first blast, police captain Mohamed Hussein told Reuters news agency: “It was a truck bomb. There are casualties but we do not know the exact amount as the scene is still burning.”

Witnesses told the BBC they believed dozens of people were dead.

A BBC Somali reporter at the scene said the Safari Hotel had collapsed, with people thought to be trapped under the rubble.

Mogadishu resident Muhidin Ali told news agency AFP it was “the biggest blast I have ever witnessed, it destroyed the whole area”.

[ad_2]

Source link

George Clooney’s ‘ER’ costar accused him of ‘blacklisting’ her from Hollywood

[ad_1]

George Clooney’s former “ER” star claimed the A-list star “helped blacklist” her from Hollywood after she reported being harassed on the set.

Vanessa Marquez, 48, who starred as Nurse Wendy Goldman on the long-running hospital drama for the first three seasons, tweeted Tuesday: “B.S. Clooney helped blacklist me when I spoke about harassment on ‘ER.’ ‘Women who don’t play the game lose career.’ I did.”

On Friday, Marquez continued her tweets claiming other “ER” stars were inappropriate to her on set.

“I’ve named them. P—y grabbers: Eriq La Salle, Terence Nightingall. Racial: Anthony Edwards, Noah Wyle and Julianna Margulies.”

GEORGE CLOONEY ‘HEARD RUMORS’ FOR YEARS ABOUT HARVEY WEINSTEIN’S ALLEGED ‘INDEFENSIBLE’ BEHAVIOR

Marquez elaborated on the alleged harassment after a Twitter user asked her to explain.

“Sexual (p—y grabbing) & racial. Mexican jokes EVERY day. Happened to all the women. They chose 2b victims. I fought!” Marquez tweeted.

Marquez tweeted she complained of the indecent behavior to John Wells, one of the show’s executive producer.

Cast members of the television show "ER" pose with their awards for best ensemble of a dramatic television series, February 22, in Los Angeles. From L to R - George Clooney, Anthony Edwards, Gloria Reuben, Noah Wyle, and Laura Innes.

SAG AWARDS - RP1DRIDAPLAC

George Clooney, Anthony Edwards, Gloria Reuben, Noah Wyle and Laura Innes of “ER.”

 (Reuters)

“Wells was the boss & I 1st reported it to him. His 1st question: Did George do something to u?”

After her run on “ER,” Marquez briefly starred in “Malcolm & Eddie” in 1999.

WEINSTEIN SCANDAL – CAN DEMOCRATS AFFORD TO CUT HOLLYWOOD LOOSE?

 

Clooney, who starred on the hit medical drama from 1994 to 1999, released a statement addressing Marquez’s claims, US Weekly reported.

“I had no idea Vanessa was blacklisted,” Clooney said. “I take her at her word. I was not a writer or a producer or a director on that show. I had nothing to do with casting. I was an actor and only an actor. If she was told I was involved in any decision about her career then she was lied to. The fact that I couldn’t affect her career is only surpassed by the fact that I wouldn’t. “

The accusations followed Clooney slamming Harvey Weinstein this week for his alleged sexual misconduct on a number of women, saying the famed Hollywood producer’s behavior was “indefensible” and “disturbing on a whole lot of levels.” Clooney told the Daily Beast he heard rumors about Weinstein’s inappropriate behavior for years.  

[ad_2]

Source link

Logic’s ‘1-800-273-8255’ Gets A Beautiful Bilingual Remix With Juanes

[ad_1]

Chances are, you’ve listened to (and maybe cried along to) Logic’s hit single “1-800-273-8255” a time or two. But just when it started getting engrained in your head, Logic has given it a fresh remix that only elevates its powerful message about suicide prevention.

The Everybody rapper has tapped Colombian superstar Juanes for a Spanish remix of “1-800,” named after the National Suicide Prevention Lifeline. Alessia Cara and Khalid’s original cameos remain in-tact on the new bilingual version, while Juanes reworks the pre-chorus and chorus with his smooth Spanish croon.

“I don’t want to wait for someone to come save me,” Juanes sings in Spanish. “I can’t heal / Let me explain.” He later gets more optimistic, singing, “I want to see you dream / I want to see you fly / Don’t let yourself fall / Don’t feel down.”

Following the remix’s release, Juanes tweeted, “I love being part of a song with such a powerful message. With music, we can help those who are in the dark side of life.” He reiterated the same message in an interview with Billboard, saying, “I think these days when everything’s about dancing and having a good time, it’s fresh to find a hit song like this one that’s talking about serious issues.”

Logic released “1-800-273-8255” in April and and shared the track’s powerful music video in August. That same month, he, Cara, and Khalid performed the song at the 2017 MTV Video Music Awards, surrounded by suicide attempt and loss survivors. Revisit the powerful performance below.

[ad_2]

Source link

How Power Grid Hacks Work, and When You Should Panic

[ad_1]

In 2017, it can sometimes seem like power grids are practically crawling with digital intruders. Over just the last four months, news has emerged that Russian hackers penetrated a nuclear power plant, that the same group may have had hands-on access to an American energy utility’s control systems, that another group of Kremlin hackers used a new form of automated malware to induce a power outage in Ukraine—and now this week, that North Korean hackers breached an American energy utility. Reading those headlines, you’d be forgiven for thinking that hacker-induced blackouts were a near-weekly occurrence, not a twice-ever-in-history event.

But as real as the threat of power-utility hacking may be, not every grid penetration calls for Defcon 1. Responding to them all with an equal sense of alarm is like conflating a street mugging with an intercontinental ballistic missile attack. What’s publicly referred to as a “breach” of an energy utility could range from something barely more sophisticated than a typical malware infection to a nation-state-funded moonshot months or years in the making. Those incidents could also have vastly different consequences, from mere data theft to a potentially catastrophic infrastructure failure.

It’s true that the last several years have seen a “stark spike” in hacking attempts on industrial control systems like power utilities, water, and manufacturing, says Rob Lee, a former NSA analyst who now runs the critical-infrastructure-focused security firm Dragos, Inc. But Lee says it’s crucial to keep a sense of proportion: Of the hundreds of well-funded hacker groups that Dragos tracks globally, Lee says that roughly 50 have targeted companies with industrial control systems. Of those, Dragos has found only six or seven groups that have reached into companies’ so-called “operations” network—the actual controls of physical infrastructure. And even among those cases, Lee says, only two such groups have been known to actually trigger real physical disruption: The Equation Group, believed to be the NSA team that used the Stuxnet malware to destroy Iranian nuclear enrichment centrifuges, and the Sandworm team behind the blackouts in Ukraine.

So when news arises that hackers have merely “penetrated” an energy utility—as North Korean hackers recently did—receive it with those numbers in mind, and not with the assumption that the next Stuxnet or Sandworm has dropped. “This is a world where people can die,” Lee says. “If we come out and say it’s a big deal, it should be a big deal.”

To that end, here’s WIRED’s guide to the different gradations of grid hacking, to help you dial in your panic to the appropriate level for the power-grid penetrations to come. And there will be more.

Step One: Network Breach

When government agencies or the press warn that hackers have compromised a power utility, in the vast majority of cases those intruders haven’t penetrated the systems that control the flow of actual power, like circuit breakers, generators, and transformers. They’re instead hacking into far more prosaic targets: corporate email accounts, browsers, and web servers.

Those penetrations, which typically start with spearphishing emails, or “watering hole” attacks that infect target users by hijacking a website they commonly visit, don’t necessarily differ from traditional criminal or espionage-focused hacking. Most importantly, they don’t generate the means of causing any physical damage or disruption. In some cases, the hackers may be performing reconnaissance for future attacks, but nonetheless don’t get anywhere near the actual control systems that can tamper with electricity generation or transmission.

‘This is a world where people can die. If we come out and say it’s a big deal, it should be a big deal.”

Rob Lee, Dragos Inc

Earlier this week, for instance, a leaked report from security firm FireEye raised alarms when it revealed that North Korean hackers had targeted US energy facilities. A followup report from security news site Cyberscoop asserted that at least one of those attempts successfully penetrated a US utility. But a subsequent FireEye blog post indicated that its analysts had only found evidence that the hackers had sent a series of spearphishing emails to its intended victims—a fairly routine hacking operation that doesn’t appear to have come close to any sensitive control systems.

“We have not observed suspected North Korean actors using any tool or method specifically designed to compromise or manipulate the industrial control systems (ICS) networks that regulate the supply of power,” FireEye’s statement reads. “Furthermore, we have not uncovered evidence that North Korean-linked actors have access to any such capability at this time.”

North Korea no doubt has ambitions to wield power over US grid systems, and the fact that they’ve taken the first step is significant. But for now those attacks—and any others that stop at the level of IT compromise—should be seen at worst as foreboding, rather than an imminent threat of hacker blackouts.

Step Two: Operational Access

Hackers poking around an energy firm’s IT system should cause some concern. Hackers poking at operational technology systems, or what some security experts call OT, is a far more serious situation. When hackers penetrate OT, or gain so-called operational access, they’ve moved from the computer systems that exist in practically every modern corporation to the far more specialized and customized control systems for power equipment, a major step towards manipulating physical infrastructure.

In one recent hacking campaign, for instance, Symantec revealed that a group of hackers it named DragonFly 2.0—possibly the same Russian group reported earlier in the summer to have broken into a US nuclear facilityhad gained operational access to a “handful” of US energy firms. The intruders had gone so far as to screenshot the so-called human-machine interfaces for power systems, likely so that they could study them, and prepare to start flipping actual switches to launch a full-on grid attack.

“Evidence of a phish attempt and probably infection is one step in a ladder,” says Mike Assante, a power-grid security expert and instructor at the SANS Institute, asecurity-focused training organization. “Scrapes from an HMI is a few rungs up the access scale,” Assante says, contrasting the recent North Korean phishing with the Dragonfly 2.0 attack.

In theory, OT systems are “air-gapped” from IT systems, with no network connections between the two. But with the exception of nuclear power plants, which strictly regulate their operational systems’ disconnection from outside networks, that air-gap is often more permeable than it ought to be, says Galina Antova, a co-founder of the industrial control system security firm Claroty. She says that Claroty has never analyzed an industrial control facility’s setup and not found a “trivial” way in to its OT systems. “Just by mapping the network, we can see the pathway from IT to OT,” she says. “There are ways of getting in.”

But Dragos’ Lee counters that given the small proportion of hackers that actually do manage to cross that gap, it’s hardly a trivial distinction. That’s in part because while IT systems are somewhat standardized, OT systems are more customized and esoteric, making them far less familiar. “They can basically practice and train so that they can completely compromise IT networks,” Lee says. “If they want to get to operations networks, it’s going to be weird equipment and weird setups, and they’re going to have to learn that.”

Step Three: Coordinated Attack

Even when intruders have “hands-on-the-switches” access to grid control systems, Lee says, using that access effectively is far harder than it might seem. In fact, he argues that all actions ahead of flipping that switch are just a preparatory stage that represents only about 20 percent of the hackers’ work.

Beyond the obscurity of whatever equipment setup a utility may have, Lee points out that its physical processes can require real expertise to manipulate, as well as months more effort and resources—not just opening a few circuit breakers to cause a blackout. Even after hackers gain access to those controls, “I can confidently say they’re still not at a stage to turn off the power,” Lee says. “They could turn off some [circuit] breakers, but they’d have no understanding of the effect. They might be stopped by a safety system. They don’t know.”

In the Ukrainian blackout of late 2015, the first-ever confirmed case of hackers causing a power outage, for instance, the intruders manually opened dozens of circuit breakers at three different facilities across the country, using remote access to electric distribution stations’ control systems—in many cases by literally hijacking the mouse controls of the stations’ operators. Analysts who responded to the attack believe it likely required months of planning and a team of dozens working in coordination. Even so, the blackout it caused lasted just six hours, for roughly a quarter-million Ukrainians.

Hackers essentially have to chose between the scope and duration of a blackout, Lee says. “If they wanted to do the full Eastern Interconnect, that’s exponentially more resources,” he says, referring to the grid that covers nearly the full eastern half of the US. “And if they want to take it down for a full week, that’s an exponential of an exponential.”

Some grid hackers do appear to be putting in the work to plan a wider, more disruptive operation. The second Ukrainian blackout attack used a piece of malware known as Crash Override, or Industroyer, capable of automating the process of sending sabotage commands to grid equipment, and built to be adapted to different countries’ setups so that it could be deployed broadly across multiple targets.

That specimen of ultra-advanced grid hacking malware is troubling. But it’s also extraordinarily rare. And there’s a significant gap between a piece of Black Swan malware and the dozens number of grid-penetration incidents that often amount to little more than spearphishing. No power grid breach is a good thing. But better to recognize the difference between a dress rehearsal and the main event—especially when there are more of those events on the horizon.

[ad_2]

Source link