So… yes, it technically is a type 2 VPN as you’ve listed, but it technically isn’t a type 1 VPN, which is what 95% of people think a VPN is.
Sure. But VPNs were around long before the consumer-oriented VPNs were a thing.
spooked
Or they just had one person handling their IT and needed help, and didn’t want to pay an outside contractor.
I’m honestly surprised the National Guard was called at all. If anything, that shows how backwards Minnesota is, or at least the mayor of St. Paul. I’d expect that if my state government got hacked, they’d call in a local cyber security firm to come audit things, and we have plenty of them here (I’m in Utah, so not even a big state). This isn’t a National Guard situation, it’s an independent cyber security audit and FBI situation.
Here’s how I expect this happened:
St. Paul’s small IT team escalated the issue to the mayor because they were overwhelmed
Minnesota Governor (Tim Walz) didn’t know what to do, so he called everyone, including the National Guard
Sure. But VPNs were around long before the consumer-oriented VPNs were a thing.
No argument there, you’re right.
(technically =P)
Or they just had one person handling their IT and needed help, and didn’t want to pay an outside contractor.
Nah, read the links I provided.
It went from the normal IT department, to the city level Emergency Response Team, to the Nat Guard and FBI.
Cities, larger ones anyway … often have their own sort of local mini-FEMA, who have their own capacities to order around other local agencies, but also have a whole bunch of protocols for… who to contact when something exceeds the capacity of everything they can more or less order around with their own authority.
I’m honestly surprised the National Guard was called at all. If If anything, that shows how backwards Minnesota is, or at least the mayor of St. Paul.
I am not in particular familiar with St.Paul specifically… but …
It could overall make sense given the capacities of the city (the Twin Cities, St. Paul + Minneapolis), and them knowing their own constraints.
It could also make sense if they rather rapidly at least suspected a very sophisticated, foreign threat actor.
That second half is kinda most of my argument:
Why would you start up the Military chain of escalation unless you either suspected a potential foreign nation state actor, and/or, critical infrastructure systems were breached, so critical that they’d been previously deemed an actual national security risk, should that happen?
I am not certain of what happened, nor certain of the validity of this logic… but this is my logic, from the original comment.
Sure, they could have just panicked. I don’t know that they did or did not.
But I have worked with people who’ve been employed by, led things like FEMA and DHS and City level emergency response teams, their specialities being the cybersec/netsec variety, and… this seems like actually following a previously outlined set of steps to me.
I’d expect that if my state government got hacked, they’d call in a local cyber security firm to come audit things, and we have plenty of them here (I’m in Utah, so not even a big state).
Ahahah, two things here:
Basically, see what I just wrote above.
Really? Utah, prime recruiting ground for the CIA, Utah, with the largest NSA data center complex in the country, possibly the world, that is archiving essentially all US internal communications they can so they can search through them later if need be, Utah, with more and more corporate datacenters all the time… you don’t class Utah as a big state, in terms of the tech sector?
Perhaps I am misunderstanding you, but I just find that silly.
you don’t class Utah as a big state, in terms of the tech sector?
In terms of military, we have:
one major Air Force base (Hill)
some storage and testing facilities
refueling facility for the Army
That’s it. We have ~3.5M people (~1/100 of US population), and only ~3 metros that matter (SLC, Utah County, St. George). Minnesota has ~5.7M people, so it’s almost twice as big, and the Twin Cities cities area (includes St. Paul) is bigger than the entire population of Utah.
So while Utah punches above its weight in tech, St. Paul area absolutely dwarfs it in population. Surely they have a robust cybersecurity industry there…
The National Guard just seems like a desperate move. When they’re deployed, they take orders from the the federal military, and at peace, monitoring foreign threats seems like a federal thing. You call in the National Guard to put down a riot or something where you just need bodies, not for anything niche. The only way that makes sense is if they think there will be an invasion (angsty/Canadians?) and they need boots on the ground for physical protection. Otherwise, just call a local cybersecurity firm to trace the attack and assess damage.
Sure. But VPNs were around long before the consumer-oriented VPNs were a thing.
Or they just had one person handling their IT and needed help, and didn’t want to pay an outside contractor.
I’m honestly surprised the National Guard was called at all. If anything, that shows how backwards Minnesota is, or at least the mayor of St. Paul. I’d expect that if my state government got hacked, they’d call in a local cyber security firm to come audit things, and we have plenty of them here (I’m in Utah, so not even a big state). This isn’t a National Guard situation, it’s an independent cyber security audit and FBI situation.
Here’s how I expect this happened:
No argument there, you’re right.
(technically =P)
Nah, read the links I provided.
It went from the normal IT department, to the city level Emergency Response Team, to the Nat Guard and FBI.
Cities, larger ones anyway … often have their own sort of local mini-FEMA, who have their own capacities to order around other local agencies, but also have a whole bunch of protocols for… who to contact when something exceeds the capacity of everything they can more or less order around with their own authority.
I am not in particular familiar with St.Paul specifically… but …
It could overall make sense given the capacities of the city (the Twin Cities, St. Paul + Minneapolis), and them knowing their own constraints.
It could also make sense if they rather rapidly at least suspected a very sophisticated, foreign threat actor.
That second half is kinda most of my argument:
Why would you start up the Military chain of escalation unless you either suspected a potential foreign nation state actor, and/or, critical infrastructure systems were breached, so critical that they’d been previously deemed an actual national security risk, should that happen?
I am not certain of what happened, nor certain of the validity of this logic… but this is my logic, from the original comment.
Sure, they could have just panicked. I don’t know that they did or did not.
But I have worked with people who’ve been employed by, led things like FEMA and DHS and City level emergency response teams, their specialities being the cybersec/netsec variety, and… this seems like actually following a previously outlined set of steps to me.
Ahahah, two things here:
Basically, see what I just wrote above.
Really? Utah, prime recruiting ground for the CIA, Utah, with the largest NSA data center complex in the country, possibly the world, that is archiving essentially all US internal communications they can so they can search through them later if need be, Utah, with more and more corporate datacenters all the time… you don’t class Utah as a big state, in terms of the tech sector?
Perhaps I am misunderstanding you, but I just find that silly.
In terms of military, we have:
That’s it. We have ~3.5M people (~1/100 of US population), and only ~3 metros that matter (SLC, Utah County, St. George). Minnesota has ~5.7M people, so it’s almost twice as big, and the Twin Cities cities area (includes St. Paul) is bigger than the entire population of Utah.
So while Utah punches above its weight in tech, St. Paul area absolutely dwarfs it in population. Surely they have a robust cybersecurity industry there…
The National Guard just seems like a desperate move. When they’re deployed, they take orders from the the federal military, and at peace, monitoring foreign threats seems like a federal thing. You call in the National Guard to put down a riot or something where you just need bodies, not for anything niche. The only way that makes sense is if they think there will be an invasion (angsty/Canadians?) and they need boots on the ground for physical protection. Otherwise, just call a local cybersecurity firm to trace the attack and assess damage.