Electric Grids Targeted For Cyber Attacks

Uploaded on 2020-01-24 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Production-Energy

Some of the world's most dangerous hackers have zeroed in on the US power sector. Currently the electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems and operations technology for a variety of purposes.

 Attacks on electric systems, like attacks on other critical infrastructure sectors, can further an adversary’s criminal, political, economic, or geopolitical goals. 

As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases.

A power disruption event from a cyberattack can occur from multiple components of an electric system including disruptions of the operational systems, targeting enterprise environments to achieve an enabling attack through interconnected and interdependent IT systems, or through a direct compromise of cyber digital assets. According to a report by dragos.com, an Iranian-sponsored hacking group called Magnallium has been trying to get access to American electric utilities for at least a year. 

Also another hacking group called Xenotime has been spotted hitting US electric utilities with "reconnaissance and potential initial access operations" since late last year.The hacking group, infamous for infecting the safety systems of a Saudi petrochemical plant with highly specialised, life-threatening malware two years ago, isn't known to have broken through to the sensitive controls of US power plants or substations.

The hackers have been trying to guess passwords for hundreds of accounts linked to US electric utilities, plus oil and gas firms, a technique known as “password-spraying.” This chimes with findings from Microsoft, which revealed it had seen a similar campaign in November 2019.

According to industry sources It’s unlikely the hackers currently have the ability to cause blackouts in the US, but they could potentially still disrupt a power station’s computer network. 

In March 2019, hackers did use firewall vulnerabilities to cause periodic “blind spots” for grid operators in the western US for about 10 hours. It was the first known time a cyberattack has caused that kind of disruption, which, did not affect the actual flow of electricity, at a US power grid company. 

Infrastructure owners need to be constantly vigilant about cybersecurity and make sure their employees are following basic security advice, such as using strong, unique passwords, as well as adopting more sophisticated protection.

E&ENews:           ZDNet:           I-HLS:

You Might Also Read:

Iran's Cyberwar Response To Its General's Killing:

Foreign Cyber Intrusions On The USA:

 

 

« US Cyber Command Hacked ISIS
US Cyber Command Is A Tool Of Foreign Policy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Black Duck Software

Black Duck Software

Black Duck Hub allows organizations to manage open source code security as well as license compliance risks.

Avatier

Avatier

Avatier identity management software products automate identity access management, user provisioning and IT governance to ensure information security and compliance.

Salient CRGT

Salient CRGT

Salient CRGT is a leading provider of health, data analytics, cloud, agile software development, mobility, cyber security, and infrastructure solutions.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

Findings

Findings

Findings (formerly IDRRA) is a scalable AI powered assessment platform that streamlines security compliance across sectors, jurisdictions and regulatory frameworks.

ReconaSense

ReconaSense

ReconaSense helps protect people, assets, buildings and cities with its next-gen access control and converged physical security intelligence platform.

Red Points

Red Points

Red Points protects your brand and content in the digital environment.

YesWeHack

YesWeHack

YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered) to identify and report vulnerabilities in their systems.

Polaris Infosec

Polaris Infosec

Polaris Web Presence Protection (WPP) is powered by our proprietary artificial intelligence and machine learning engine to ensure that attacks are stopped before they affect your business.

SkyePoint Decisions

SkyePoint Decisions

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider.

Gunnison Consulting Group

Gunnison Consulting Group

Gunnison Consulting Group serves the Federal Government with high quality IT consulting services.

Adversa AI

Adversa AI

Adversa's mission is to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

Bluewave

Bluewave

Bluewave are a strategic IT advisory company that offers businesses a simple and comprehensive way to purchase information technology solutions.

PixelQA

PixelQA

Are you looking for a security testing company to cross-check whether your software or mobile app has a possible security threat or not?

NeuroID

NeuroID

NeuroID combines the power of industry-leading behavioral analytics with advanced device and network intelligence to create your first line of defense against malicious bots, bad actors, and fraud.