Microsoft says attackers are hacking energy grids by exploiting decades-old software

Microsoft has warned that malicious hackers are exploiting a discontinued web server found in common Internet of Things (IoT) devices to target organizations in the energy sector.

In an analysis published on Tuesday, Microsoft researchers said they had discovered a vulnerable open-source component in the Boa web server, which is still widely used in a range of routers and security cameras, as well as popular software development kits (SDKs), despite the software’s retirement in 2005. The technology giant identified the component while investigating a suspected Indian electric grid intrusion first detailed by Recorded Future in April, in which Chinese state-sponsored attackers used IoT devices to gain a foothold on operational technology (OT) networks, which are used to monitor and control physical industrial systems.

Microsoft said it has identified one million internet-exposed Boa server components globally over the span of a one-week period, warning that the vulnerable component poses a “supply chain risk that may affect millions of organizations and devices.”

The company added that it continues to see attackers attempting to exploit Boa flaws, which include a high-severity information disclosure bug (CVE-2021-33558) and another arbitrary file access flaw (CVE-2017-9833).

“The known [vulnerabilities] impacting such components can allow an attacker to collect information about network assets before initiating attacks, and to gain access to a network undetected by obtaining valid credentials,” Microsoft said, adding that this can allow the attackers to have a “much greater impact” once the attack is initiated.

Microsoft said the most recent attack it observed was the compromise of Tata Power in October. This breach resulted in the Hive ransomware group publishing data stolen from the Indian energy giant, which included sensitive employee information, engineering drawings, financial and banking records, client records, and some private keys.

“Microsoft continues to see attackers attempting to exploit Boa vulnerabilities beyond the timeframe of the released report, indicating that it is still targeted as an attack vector,” Microsoft said.

The company has warned that mitigating these Boa flaws is difficult due to both the continued popularity of the now-defunct web server and the complex nature of how it is built into the IoT device supply chain. Microsoft recommends that organizations and network operators patch vulnerable devices where possible, identify devices with vulnerable components, and configure detection rules to identify malicious activity.

Microsoft’s warning again highlights the supply chain risk posed by flaws in widely-used network components. Log4Shell, a zero-day vulnerability that was last year identified in Log4j, the open-source Apache logging library, is estimated to have potentially affected upwards of three billion devices.

Microsoft says attackers are hacking energy grids by exploiting decades-old software by Carly Page originally published on TechCrunch

Bitcoin miners are dusting off Kentucky coal towns, spurred by state crypto tax incentives

Bitcoin mining rigs have been arriving in Kentucky by the truckload ever since Governor Andy Beshear passed two laws in March 2021 to incentivize bitcoin miners to establish roots in the southeastern state.

Senate Bill 255 extends the commonwealth’s clean energy-based incentives to miners who provide a minimum capital investment of $1 million, while Kentucky House Bill 230 provides miners a number of tax breaks.

In the year since their passage, Kentucky and mining-focused businesses alike have reaped benefits from the legislation. As of October 2021, Kentucky accounted for 18.7% of the United States’ total Bitcoin hashrate, second to 19.9% in New York, according to data from Foundry Digital, a subsidiary of the crypto giant Digital Currency Group.

Bitcoin mining is a decentralized computational process that allows miners to add new blocks of verified bitcoin transactions to the Bitcoin blockchain. Over the years, bitcoin mining has become more competitive and resulted in miners typically needing expensive equipment and low-cost electricity to profit from their efforts. Out of the 21 million total bitcoin supply, about 90% of bitcoin (about 19 million) has been mined in the past 13 years.

Blockware Solutions, a blockchain infrastructure and cryptocurrency mining firm, announced on Tuesday that it opened its flagship mining facility in Belfry, Kentucky, a town with fewer than 500 people right near the West Virginia border.

“It is my hope that a region known for mining coal will now benefit from this different type of mining,” Kentucky State Representative Angie Hatton said in a statement. “I also hope that its significant electricity needs will help stabilize our steep residential rates. It would mean the world if our families could save money while Blockware Solutions is literally creating it.”

Its Kentucky flagship location is comparable to the size of a Costco and is one of Blockware’s three planned sites in the state, Blockware CEO Mason Jappa told TechCrunch.

“In the economy and region we’re in, the fact that an energy grid exists is awesome, but there aren’t many energy consumers like us in the region, so if we can take down large amounts of energy, we’re adding stability to the grid,” Jappa said.

The data center is repurposing a coal mining site that has been abandoned for decades and will launch with 20 megawatts, which is equivalent to powering a small rural town of 5,000 people annually, he added.

“We found the perfect cocktail of everything we needed: political sustainability, low-cost energy and support in the local economy, as well as it being in an environmentally safe, sound and cool environment,” Jappa said.

Abandoned coal mines aren’t the only locations getting a face-lift. Empty real estate across the country, from steel mills in Illinois to forgotten warehouses in Oklahoma and parts of the Midwest, is being utilized, Nick Hansen, CEO of Bitcoin hashrate management platform Luxor, told TechCrunch.

“Most of these places have the power capacity built-in by default, which is perfect for bitcoin miners to come in and start using them,” Hansen said. “These old manufacturing towns are turning into bitcoin towns.”

Bill Gates offers direction, not solutions

Bill Gates has solved many problems in his (professional) life, and in recent decades, he’s been dedicated to the plight of the world’s poor and particularly their health. Through his foundation work and charitable giving, he’s roamed the world solving problems from malaria and neglected tropical diseases to maternal health, always with an eye toward the novel and typically cheap solution.

It’s that engineering brain and mode of thinking that he brings to bear on climate change in his book “How to Avoid a Climate Disaster: The Solutions We Have and the Breakthroughs We Need” (yes, it’s italicized on the cover — we really do need them). Gates describes a bit of his evolution from software mogul to global health wizard to concerned climate citizen. If you look at challenges like neglected tropical diseases, for instance, climate change abundantly affects the prevalence of mosquitos and other vectors for infection. No one can avoid climate change when analyzing food security in developing nations.

With this early narrative, Gates is attempting to connect perhaps not with climate change skeptics (it’s hard to connect with them on a good day anyway), but instead to build a bridge to the skeptical-but-ready-to-rethink crowd. He admits that he didn’t think much of the problem until he saw its effects first hand, opening the door to at least some readers who may be ready to undertake a similar intellectual journey.

From there, Gates delivers an extremely sober (one could easily substitute dry) analysis of the major components of greenhouse gas emissions and how we get to net zero by removing 51 billion tons of CO2-equivalent emissions per year, which in chapter order are energy production (27%), manufacturing (31%), agriculture (19%), transportation (16%), and air conditioning (7%).

Gates is an engineer, and it shows and it is marvelous. He places a great emphasis throughout the book on understanding scale, of constantly trying to disentangle the numbers and units we hear about in the press and actually trying to understand whether a particular innovation might make any difference whatsoever. Gates offers the example of an aviation program that will save “17 million tons” of CO2, but points out that the figure is really just 0.03% of global emissions and isn’t necessarily likely to scale up more than it already has. With this framing, he’s borrowing the approach of effective altruism, or the idea that charitable dollars should flow to the projects that can provide the biggest verifiable improvement to quality of life for the least cost.

Unsurprisingly, Gates is a capitalist, and his framework for judging each potential solution is to calculate a “Green Premium” for their use. For instance, a carbon-free cement manufacturing process might cost double the more normal carbon-emitting one. Compare those added costs with the actual savings these substitutions would have on greenhouse gas emissions, and voila: you have an instant guide on the most efficient means to solving climate change.

The answer he comes up with tends to be quite portable in the end. Electrify everything, decarbonize electricity, carbon capture what’s left, and be more efficient. If that sounds hard, that’s because it is, and Gates notes the challenges in an aptly-named chapter entitled “This Will Be Hard” which begins with the line “Please don’t let the title of this chapter depress you.” I’m not sure you needed to buy the book to figure that out.

Gates ends up being an end-to-end conservative figure throughout the book. It’s not just his general approach of protecting the status quo, which is obviously latent in solutions which are essentially substitutable tweaks to our way of life and shouldn’t be surprising given the messenger. It’s also the surprising conservatism of his views on the power of technology to solve these problems. For a person who has quite literally invested billions in clean energy and other green technologies, there is surprisingly little magic that Gates proposes. It’s probably realistic, but considering the source, it can feel like pessimism.

Read in concert with some of the other books in this group of climate change reviews, and one can’t help but feel a sort of calculated naiveté on the part of Gates, a sense that we should just keep playing our cards a little while longer and see if we get a last-minute royal flush. There are early signs of solutions, but most aren’t ready for scale. Some technologies are already available, but would require prodigious outlays to retrofit cars, homes, businesses, and more to actually impact our emissions numbers. Then there’s everyone outside of the West, who deserve access to modern amenities. It’s all so easy, and yet, so out of reach.

The book’s strength — and simultaneously its weakness — is that it is apolitical, fact-laden and ready to be read by all but the most ardent climate change skeptics. But it also acts as a gateway drug of sorts: once you understand the scales of the problem, the scopes of the solutions, and the challenges of Green Premiums and policy implementation, you’re left with the feeling that there is no way we are going to do this in the next few years anyway, so what’s really the point?

Gates ends the book by saying that “We should spend the next decade focusing on the technologies, policies, and market structures that will put us on the path to eliminating greenhouse gases by 2050.” He’s not wrong, but it’s also an evergreen comment, in a world that won’t be evergreen for much longer.


How to Avoid a Climate Disaster: The Solutions We Have and the Breakthroughs We Need by Bill Gates
Alfred A. Knopf, 2021, 257 pages
