St. Paul, MN was hacked so badly that the National Guard has been deployed
- Thread starter JournalBot
- Start date
If I could double upvote this comment I would.
Let's focus on the simple stuff. That would go a long way towards preventing these sorts of attacks. Sure, Golden Dome may save our asses, but me thinks "losing" the war will be a lot more mundane. Like, we have no expertise left in the US due to brain drain. Or, our economy is in shambles due to the commander in grift and his ilk. Or, we slowly cook and die from climate change. Or, we get wiped out from the next plague thanks to worm boy and his posse. Not headline material, but odds are in my mind that's how it's going to go down.
It's just so frustrating because of how stupid and preventable a lot of this is.
Upvote
32
(33
/
-1)
I don't actually have to, because your screenshot says it already. Actually READ Title 32. Federally funded but they remain under State control, not federal.
Upvote
13
(17
/
-4)
Or as we in the Navy liked to call them, the JV Navy, or just the junior varsity squad ;p
Upvote
2
(5
/
-3)
Former 9-1-1 dispatcher, EMT, and firefighter. Our dispatch center could always rely on another center to take over in case we were down; likewise we could do the same for them. This included phone calls and radio traffic and was 20 years ago.
Additionally, you have those working in emergency services that are also HAM trained. They typically have additional radios that could be used if communications were to completely go down.
Dispatching with only a radio, paper, and pen isn’t the funnest when the computer systems are down, but it isn’t impossible.
Upvote
22
(22
/
0)
Any word on how the attack was carried out, and can it be prevented from reoccurring?
Upvote
17
(17
/
0)
Well, in WWII it was the Navy Seebees who went in and built the runways while under fire so the Marines could fly in.
Upvote
11
(11
/
0)
Naw, we're all too busy arguing about the National Guard to actually discuss things more pertinent to the story.
Upvote
48
(48
/
0)
Insurance Corps do have some best practices things one has to implement before they will insure.
The depth of most people's, company's, and government's threat surface to attacks is incredible. There are times I'm amazed computers and the internet operate as well as they do.
Sometimes the breach is an old fashioned attack against a poorly coded .php page, or a pretty boneheaded SQL injection. Or an unpatched server somewhere that gave them a foothold. Or a system that somebody had physical access to who shouldn't have who had a USB drive.
Sometimes the threat actor is more insidious than that and has managed to get into one's infrastructure, like a switch, in a way that just applying common patches wouldn't have solved.
Upvote
10
(10
/
0)
So, my earlier statement to somebody else about 'every previous time the Guard has been unilaterally federalized without the governor's consent was illegal. No exceptions.' ...has exceptions. I'm not perfect, and I don't remember everything. All of those exceptions come down to the Insurrection Act and, more importantly in my mind, protecting constitutional rights when the state governor actively refused to do so. Taking the list you so helpfully provided, and refreshing my memory on the details of each of those entries, here is my hot-take on each:
For each of the No's, they were either a valid invocation of the Insurrection Act, or the governor gave their authorization to federalize their National Guard troops. Those "Yes" entries might surprise you, especially with two of them having the governor's authorization, but the reason I believe those actions to be illegal are not because I think it was an invalid invocation of the Insurrection Act, or because the POTUS didn't have permission from the State. It's because the POTUS also deployed federal military forces against US civilians in violation of the Posse Comitatus Act. Well, except for that last one. That last one is a stand out for 1) Not invoking the Insurrection Act, though he wouldn't have been justified in doing so if he had, 2) not having the state's authorization to federalize the Guard, and 3) also violating Posse Comitatus Act. It was an Authoritarian Trifecta. This one took me a while, but it was actually kind of fun.
Upvote
18
(23
/
-5)
6 year olds have state-issued IDs in your city? Is it free, like a library card?
Upvote
17
(17
/
0)
If the fed wanted to prove it is vaguely competent they would build a hardened database to centralize city data. Sadly another yahoo like Trump is likely to show up and decide that infrastructure is a scam and gut it. Still it is nice to dream of a future with a competent government.
Upvote
-14
(0
/
-14)
Will be interesting to see what caused this. The USA really needs to start focusing on cyber security help for business and state entities. The budgets are so crazy tight that even if all the right decisions are made at the tech level, they are rarely ever funded well enough to be properly implemented. Then on top of it we have systems that are so full of holes that you need secondary and tertiary systems to plug those holes...only to find those have holes as well.
New standards for companies in this industry to actually stand by, and OS systems need to be on there, as well as financial help to get them in place and funded ongoing to prevent issues. Otherwise it will always come down to a boss looking at the bottom line, not listening when a tech says their security has an issue, or they need more help, and then boom.
New standards for companies in this industry to actually stand by, and OS systems need to be on there, as well as financial help to get them in place and funded ongoing to prevent issues. Otherwise it will always come down to a boss looking at the bottom line, not listening when a tech says their security has an issue, or they need more help, and then boom.
Upvote
11
(12
/
-1)
The original post was claiming that the reason the NG shouldn’t be deployed overseas was that it interferes with the only duties they really have, which are domestic ones. I pointed out that that is an entirely false understanding of both the history and intent of the NG. If someone is claiming that the role of the NG should be changed, then they should say that, and not merely make counter factual claims about the NG’s actual role.
Upvote
-2
(3
/
-5)
Upvote
-18
(1
/
-19)
I'm not even familiar with the military but once I had a coast guard dude leave his phone in my car. I brought it to the armory the next morning and the gate was open with no one in the guard shack. I just drove into the base without even stopping.
Upvote
-6
(1
/
-7)
We love our coasties up here in Western Oregon...amazing the things they do on a daily basis in the Pacific
Upvote
13
(13
/
0)
WW3 isn’t going to start with a mushroom cloud, it’ll start with everyone saying “why’d the power go out, hmmm waters stopped too” etc.
Upvote
21
(22
/
-1)
They undoubtably do, it would be financially suicidal not to.
Upvote
4
(4
/
0)
Yes... But if the US or EU took that path we would have been in a hot war with NK, China, and Russia for close to a decade and more in some instances. We know state actors involved but no one wants to pull triggers because of the escalation
Upvote
0
(3
/
-3)
This is one of many reasons to boost taxes on the wealthy so that our governments have the funds to do what they need to do. Failures in cybersecurity have the potential to really damage businesses and that will hurt those rich guys. MAGA wants to go back to the 1950s? Let’s go back to the 1950s much higher taxe rates on upper incomes.
Upvote
23
(24
/
-1)
Why does each city have to have its own cybersecurity plan/software?
This sounds more expensive and bound to be innefective for poorer/smaller coties/towns.
Why not have a state/nation wide top of the line solution that each city can buy into for a fraction of the cost?
This sounds more expensive and bound to be innefective for poorer/smaller coties/towns.
Why not have a state/nation wide top of the line solution that each city can buy into for a fraction of the cost?
Upvote
8
(10
/
-2)
They should have used gopher! https://meincmagazine.com/tech-policy/2009/11/the-web-may-have-won-but-gopher-tunnels-on/
Upvote
8
(9
/
-1)
An opinion, but ahistorical. The Congress established the Guard, by law, as available for service in overseas forever wars in the National Defense Act of 1916.
Last edited:
Upvote
-9
(2
/
-11)
They don't. NIST publishes a whole raft of security guidelines that states/cities/businesses are free to use. They're not perfect, but they do point projects in a generally better direction and at least get people thinking about the need and costs associated with reasonable security. Unfortunately, Federal space is the only place where I think FISMA compliance is mandated. Would like to be wrong though.
Upvote
21
(21
/
0)
Upvote
7
(7
/
0)
Upvote
0
(1
/
-1)
It is not all clear that presidential deployment of the CA Guard without the governor's permission is illegal.U.S. Code
Title 10
Subtitle E
PART II
CHAPTER 1211
§ 12406
"Whenever—
(1) the United States, or any of the Commonwealths or possessions, is invaded or is in danger of invasion by a foreign nation;
(2) there is a rebellion or danger of a rebellion against the authority of the Government of the United States; or
(3) the President is unable with the regular forces to execute the laws of the United States;
the President may call into Federal service members and units of the National Guard of any State in such numbers as he considers necessary to repel the invasion, suppress the rebellion, or execute those laws. Orders for these purposes shall be issued through the governors of the States or, in the case of the District of Columbia, through the commanding general of the National Guard of the District of Columbia.
"California is correct that there must be some role for the state in issuing federal orders under § 12406. And it is certainly correct that, on Saturday, when the authority was invoked, there was not plausibly a rebellion in Los Angeles, under any reasonable interpretation of the term. But the state likely overstates the governor’s legally required role in this process. And it remains unclear whether courts will have the appetite to adjudicate the substantive meaning of “rebellion” under the act.
"This brings us to 10 U.S.C. § 12406, a mobilization authority provided in Chapter 1211 of Title 10. Recall that this statute authorizes the president to call members of the National Guard into federal service in three circumstances:
- Actual or threatened foreign invasion.
- Actual or threatened rebellion “against the authority of the Government of the United States[.]
- When the President is unable with the regular forces to execute the laws of the United States."
https://www.lawfaremedia.org/articl...zing-the-national-guard-under-10-u.s.c.-12406
"SUBJECT: Department of Defense Security for the Protection of Department of Homeland Security Functions
"Numerous incidents of violence and disorder have recently occurred and threaten to continue in response to the enforcement of Federal law by U.S. Immigration and Customs Enforcement (ICE) and other United States Government personnel who are performing Federal functions and supporting the faithful execution of Federal immigration laws. In addition, violent protests threaten the security of and significant damage to Federal immigration detention facilities and other Federal property. To the extent that protests or acts of violence directly inhibit the execution of the laws, they constitute a form of rebellion against the authority of the Government of the United States.
"In light of these incidents and credible threats of continued violence, by the authority vested in me as President by the Constitution and the laws of the United States of America, I hereby call into Federal service members and units of the National Guard under 10 U.S.C. 12406 to temporarily protect ICE and other United States Government personnel who are performing Federal functions, including the enforcement of Federal law, and to protect Federal property, at locations where protests against these functions are occurring or are likely to occur based on current threat assessments and planned operations."
https://www.whitehouse.gov/presiden...of-department-of-homeland-security-functions/
TLDR: By Title 10 of federal law, there are cases in which the president can "federalize" the Guard without a Governor's permission. It's unlikely that that today's federal courts will weigh in to find that what Presidnet Trump has done here was illegal.
Last edited:
Upvote
-18
(2
/
-20)
By "Coasties" I guess you mean the Coastguard?
(The UK doesn't have an equivalent - our Coastguard is purely civilian and don't carry guns. Sort of an official adjunct to the Lifeboat Service (wholly non-Governmental and funded by the public. True heroes who save people at sea because it's the right thing to do. Got into hot water recently amongst the frothing RWNJs for daring so save some illegal immigrants whose boat was sinking)
Upvote
17
(19
/
-2)
Bar code? How terribly modern!
When I was using the library, the librarian would take the cards from the front pocket of the book, stamp them with my card number then put them into the appropriate date section of their filing system (two weeks per book..)
At one point (somewhere round 1980-84) I was visiting most of the libraries in the Borough of Barnet and taking my maximum of 6 books from each - the libraries didn't cross-check card use between libraries because everything was a manual process. Lot of cycling involved!
Upvote
5
(6
/
-1)
Past episodes of Burning and Looting during power outages, social unrest, natural disasters, etc. Not outside the realm of possibility that a hack like this could be a planned prelude to stealing something(s).
Oh, and try to convince the owners of businesses and homes burned and looted after Police were ordered out of several square miles of LA after the Rodney King events that Police leaving weren't a contributing factor to the loss of their property.
Upvote
-14
(3
/
-17)
I've known quite a few people that work in the OKNG's J6 and Cyber teams (I used to be the Automations NCO for the 45IBCT years ago) and, while I can't speak for MNNG, I can say that a lot of the full timers up there could've easily got better paying jobs in the civilian sector, but the benefits package for being AGR and/or state techs is nothing to be trifled with. Between double-dipping and paying to transfer time, those folks can easily have two retirement pensions by the time they are 50 and be actively pulling them instead of waiting until they are 65, not to mention health care premiums that are astonishingly cheap. Hell, my old supervisor has been in the same role for the last decade mostly because of the healthcare premiums (he's got, like, a half dozen kids).
Upvote
14
(14
/
0)
I don't know about Minnesota, but there is a NG unit specifically trained for cybersecurity response in our state. They've been deployed to cleanup ransomware attacks at state agencies, K-12 schools and higher-ed.
Upvote
17
(17
/
0)