Electric Grids Targeted For Cyber Attacks

Uploaded on 2020-01-24 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Production-Energy

Some of the world's most dangerous hackers have zeroed in on the US power sector. Currently the electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems and operations technology for a variety of purposes.

 Attacks on electric systems, like attacks on other critical infrastructure sectors, can further an adversary’s criminal, political, economic, or geopolitical goals. 

As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases.

A power disruption event from a cyberattack can occur from multiple components of an electric system including disruptions of the operational systems, targeting enterprise environments to achieve an enabling attack through interconnected and interdependent IT systems, or through a direct compromise of cyber digital assets. According to a report by dragos.com, an Iranian-sponsored hacking group called Magnallium has been trying to get access to American electric utilities for at least a year. 

Also another hacking group called Xenotime has been spotted hitting US electric utilities with "reconnaissance and potential initial access operations" since late last year.The hacking group, infamous for infecting the safety systems of a Saudi petrochemical plant with highly specialised, life-threatening malware two years ago, isn't known to have broken through to the sensitive controls of US power plants or substations.

The hackers have been trying to guess passwords for hundreds of accounts linked to US electric utilities, plus oil and gas firms, a technique known as “password-spraying.” This chimes with findings from Microsoft, which revealed it had seen a similar campaign in November 2019.

According to industry sources It’s unlikely the hackers currently have the ability to cause blackouts in the US, but they could potentially still disrupt a power station’s computer network. 

In March 2019, hackers did use firewall vulnerabilities to cause periodic “blind spots” for grid operators in the western US for about 10 hours. It was the first known time a cyberattack has caused that kind of disruption, which, did not affect the actual flow of electricity, at a US power grid company. 

Infrastructure owners need to be constantly vigilant about cybersecurity and make sure their employees are following basic security advice, such as using strong, unique passwords, as well as adopting more sophisticated protection.

E&ENews:           ZDNet:           I-HLS:

You Might Also Read:

Iran's Cyberwar Response To Its General's Killing:

Foreign Cyber Intrusions On The USA:

 

 

« US Cyber Command Hacked ISIS
US Cyber Command Is A Tool Of Foreign Policy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

RIVA Solutions

RIVA Solutions

RIVA provides innovative best practices in IT and management consulting, program support services and emerging technologies.

Infosecurity Europe

Infosecurity Europe

Infosecurity Europe is Europe’s number one information security conference and exhibition.

FlashRouters

FlashRouters

FlashRouters offers DD-WRT compatible router models with improved performance, privacy/security options, and advanced functionality.

Ministry of Defence Georgia - Cyber Security Bureau

Ministry of Defence Georgia - Cyber Security Bureau

The aim of the Cyber Security Bureau is to establish and develop stable, effective and secure Information and Communication Technology systems for the Civil Office of MoD of Georgia.

TechDefence Labs

TechDefence Labs

TechDefence Labs provide pentesting and security assessment services for networks, web apps, mobile apps and source code reviews.

Assured Information Security (AIS)

Assured Information Security (AIS)

AIS is committed to providing our customers with critical information security products, services, and training. We support diverse needs throughout business and industry.

BlueFiles

BlueFiles

BlueFiles enables users to send encrypted files securely while maintaining full control over recipients, access periods, downloads, and printing.

RCDevs

RCDevs

RCDevs is an award-winning Software company providing security solutions designed for modern enterprise technologies and suited for SMEs to large corporations.

Fischer Identity

Fischer Identity

Fischer Identity provide identity & access management and identity governance administration solutions.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

Cyberi

Cyberi

Cyberi provide specialist technical consultancy and cyber advisory services, from penetration testing and assurance to incident management and response, and technical security research.

Factmata

Factmata

Factmata is an social and news media monitoring and analytics product that uses AI to identify and track narratives online, highlighting those most likely to cause brand harm or misinform the public.

Central Intelligence Agency (CIA)

Central Intelligence Agency (CIA)

The CIA is an independent agency responsible for providing national security intelligence to senior US policymakers. This includes cyber security related activities.

IDVerse

IDVerse

IDVerse is focused on making user verification effortless through technology. We build intelligent tools that protect users from identity fraud while enabling a seamless user experience.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.