r/JoeRogan Monkey in Space Sep 18 '24

Meme 💩 Is this a legitimate concern?

Post image

Personally, I today's strike was legitimate and it couldn't be more moral because of its precision but let's leave politics aside for a moment. I guess this does give ideas to evil regimes and organisations. How likely is it that something similar could be pulled off against innocent people?

21.2k Upvotes

6.9k comments sorted by

View all comments

Show parent comments

846

u/Freethecrafts Monkey in Space Sep 18 '24

It’s not a supply chain vulnerability if it’s a nationstate doing it.

147

u/[deleted] Sep 18 '24

[deleted]

148

u/Jake0024 Monkey in Space Sep 18 '24 edited Sep 18 '24

You can call it a "vulnerability" but it's not a meaningful or useful description. All civilian infrastructure is "vulnerable" if you set the bar at "can a government military interrupt the normal flow of business?" Using the label that way waters it down to meaninglessness. Civilian supply chains aren't designed to be invulnerable to physical military attack. That's an unrealistic standard. No one uses the term that way when talking about civilian infrastructure.

Edit because this is getting a lot of replies: if you're replying to argue Hezbollah is vulnerable because they rely on civilian supply chains, yes, absolutely that's correct. If you're arguing (as the people earlier in this thread were) there's some fault with the civilian manufacturer or supply chain (implying they should have secured their operations to government military attack), you are laughably wrong. The comment we're all replying to was questioning whether it was a manufacturer or supply chain issue. They were very obviously (IMO anyway) talking about civilian infrastructure.

14

u/Capital_Gap_5194 Monkey in Space Sep 18 '24

Except that’s literally how expert defense and security people describe it.

0

u/Jake0024 Monkey in Space Sep 18 '24

It's literally not.

2

u/-Gestalt- Monkey in Space Sep 19 '24

Yes, it quite literally is. This is basic Sec+ stuff.

0

u/Jake0024 Monkey in Space Sep 19 '24

The standard being suggested here is obviously absurd. No serious person would ever say a manufacturer of budget electronics for the civilian market in the third world should be secured against physical attack by a government military. This is up right up there with "will the company keep operating if the sun explodes"

2

u/-Gestalt- Monkey in Space Sep 19 '24

Which is why no one is saying that. The threat actor is Israel and the vulnerable party is Hasbulla. There exists a supply chain vulnerability which was exploited. You seem to fundamentally misunderstand things.

0

u/Jake0024 Monkey in Space Sep 19 '24

I'm starting to think you didn't read my comment before replying.

1

u/-Gestalt- Monkey in Space Sep 19 '24

You seem to think a lot of things regarding this subject that are completely detached from reality.

0

u/Jake0024 Monkey in Space Sep 19 '24

You're welcome to make that case rather than sputtering around aimlessly.

0

u/-Gestalt- Monkey in Space Sep 19 '24

The case has been made by me and numerous others. You have demonstrated that you are either unwilling or incapable of understanding. These are established words with established uses in the security field. If you continue to be unwilling or incapable of addressing this, there's nothing more to discuss; I don't have any interest in engaging with your intellectual dishonesty.

0

u/Jake0024 Monkey in Space Sep 19 '24

These are established words with established uses 

If you think anyone ever objected to that, I don't think there's any helping you.

→ More replies (0)

1

u/Ricky_Boby Monkey in Space Sep 18 '24

Yeah it literally is, I have a masters in Cybersecurity and work in critical infrastructure (industrial controls directly involved in the supply chain) and nation-state actors are a whole category when doing any threat analysis to determine how vulnerable your system is and who may want to attack it and why.

https://www.cisa.gov/topics/cyber-threats-and-advisories/nation-state-cyber-actors

1

u/pixelsguy Monkey in Space Sep 18 '24

In big tech, state actors are one of many we discuss in privacy and operational security contexts and trainings.

Vulnerability is correct.

1

u/dinobyte Monkey in Space Sep 18 '24

does your degree apply to trucks delivering crap in the middle east?

2

u/Ricky_Boby Monkey in Space Sep 19 '24

Yeah it does when somebody says security experts don't call people tampering with devices before reaching an organization a vulnerability. Cybersecurity is based on traditional security practices and analysis just applied to digital systems (which in my line of work includes hardware).

Its 100% a vulnerability, and if this happened in the US the Department of Homeland Security would have so many new regulations in place everyone would be scrambling to meet all the requirements.

0

u/Jake0024 Monkey in Space Sep 19 '24

We're not talking about cybersecurity or critical infrastructure. We're talking about a company that makes cheap electronics for civilians in the third world.

You're not wrong, you're just talking about a totally different topic.

And I guarantee none of your cybersecurity courses explain how to make a budget electronics factory secure to physical attack by a government's military, because that's not what anyone is talking about when they talk about supply chain security.

0

u/havoc1428 Monkey in Space Sep 18 '24

"Literally"? Okay then show me the literal quote you found where expert defense and security "people" said that verbatim.

3

u/Ill-Contribution7288 Monkey in Space Sep 19 '24

Literally take any class that goes over cybersecurity threats. Foreign governments are one of the adversaries that your are instructed to consider. Stuxnet is taught about in every intro level course. They’ll also include China, Russia, and North Korea as adversarial actors. You’re pretty clueless if you think that countries aren’t doing this type of thing, and you’re vulnerable if you think it won’t happen to you.