Electric Grids Targeted For Cyber Attacks

Uploaded on 2020-01-24 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Production-Energy

Some of the world's most dangerous hackers have zeroed in on the US power sector. Currently the electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems and operations technology for a variety of purposes.

 Attacks on electric systems, like attacks on other critical infrastructure sectors, can further an adversary’s criminal, political, economic, or geopolitical goals. 

As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases.

A power disruption event from a cyberattack can occur from multiple components of an electric system including disruptions of the operational systems, targeting enterprise environments to achieve an enabling attack through interconnected and interdependent IT systems, or through a direct compromise of cyber digital assets. According to a report by dragos.com, an Iranian-sponsored hacking group called Magnallium has been trying to get access to American electric utilities for at least a year. 

Also another hacking group called Xenotime has been spotted hitting US electric utilities with "reconnaissance and potential initial access operations" since late last year.The hacking group, infamous for infecting the safety systems of a Saudi petrochemical plant with highly specialised, life-threatening malware two years ago, isn't known to have broken through to the sensitive controls of US power plants or substations.

The hackers have been trying to guess passwords for hundreds of accounts linked to US electric utilities, plus oil and gas firms, a technique known as “password-spraying.” This chimes with findings from Microsoft, which revealed it had seen a similar campaign in November 2019.

According to industry sources It’s unlikely the hackers currently have the ability to cause blackouts in the US, but they could potentially still disrupt a power station’s computer network. 

In March 2019, hackers did use firewall vulnerabilities to cause periodic “blind spots” for grid operators in the western US for about 10 hours. It was the first known time a cyberattack has caused that kind of disruption, which, did not affect the actual flow of electricity, at a US power grid company. 

Infrastructure owners need to be constantly vigilant about cybersecurity and make sure their employees are following basic security advice, such as using strong, unique passwords, as well as adopting more sophisticated protection.

E&ENews:           ZDNet:           I-HLS:

You Might Also Read:

Iran's Cyberwar Response To Its General's Killing:

Foreign Cyber Intrusions On The USA:

 

 

« US Cyber Command Hacked ISIS
US Cyber Command Is A Tool Of Foreign Policy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Device Authority

Device Authority

Device Authority specialises in security automation for the Internet of Things (IoT).

enSilo

enSilo

enSilo secures customers data on premise or in the cloud. Regardless of the where the threat comes from, enSilo can protect your data.

Praetorian

Praetorian

Praetorian is an offensive cybersecurity company whose mission is to prevent breaches before they occur.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

Zerocopter

Zerocopter

Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.

Cobalt Iron

Cobalt Iron

Cobalt Iron is a global leader in SaaS-based enterprise backup and data protection technology.

Citadel Cyber Security

Citadel Cyber Security

Citadel is a leading 'One Stop Shop' provider of consulting services in cyber and information security. Our experts operate in hundreds of business organizations in Israel and around the world.

Ankura Consulting Group

Ankura Consulting Group

Ankura is a global expert services and advisory firm that delivers services and end-to-end solutions in a wide range of areas including cybersecurity and digital transformation.

Shorebreak Security

Shorebreak Security

Shorebreak Securioty specialize in conducting highly accurate, safe, and reliable Information Security tests to determine the risks posed to your business.

Privacy Compliance Hub

Privacy Compliance Hub

Privacy Compliance Hub provide an easy to use platform with a comprehensive data protection compliance programme including training, information, templates and reporting.

CyberUp

CyberUp

CyberUp is a nonprofit organization created to strengthen the cybersecurity workforce. We help employers reimagine how they grow and scale their cybersecurity workforce.

TrafficGuard

TrafficGuard

TrafficGuard is an award-winning digital ad verification and fraud prevention platform.

Airbus Protect

Airbus Protect

Airbus Protect is an Airbus subsidiary bringing together the Company’s expertise in cybersecurity, safety and sustainability-related services.

EVVO LABS

EVVO LABS

EVVO Labs empower your business with the latest IT capabilities to get you ahead of your competitors. We are experts at converging technologies to build your digital transformation.

Compugen Systems Inc (CSI)

Compugen Systems Inc (CSI)

Compugen Systems is an IT service delivery company that focuses on enabling your business outcomes.

Bytium

Bytium

Bytium provides top-tier IT services and solutions designed to empower everyone, from individuals to global corporations. Specializing in cybersecurity and proactive IT management.