US Power Grid Attack – No Harm Done. This Time

Uploaded on 2019-09-16 in FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Energy

A cybersecurity incident that impacted a US power grid entity earlier this year was not as dangerous as initially thought, the North American Electric Reliability Corporation (NERC) has said. 

In a report highlighting the "lessons learned" from a past incident, NERC said hackers repeatedly caused firewalls to reboot for about ten hours, on March 5, 2019. The incident impacted firewalls deployed at multiple power generation sites operated by a "low-impact" operator and did not cause any disruption in the electric power supply.

The incident only impacted network perimeter firewalls, which, on March 5, were mysteriously going down for periods of up to five minutes. The firewall reboots continued for hours, prompting the power grid operator to start an investigation. 

"Subsequent analysis determined that the reboots were initiated by an external entity exploiting a known firewall vulnerability," NERC said.

The power grid operator eventually discovered that they had failed to apply firmware updates for the firewalls that were under attack. The reboots stopped after the operator deployed the proper patches. 

The operator blamed its failure to apply the firewall security updates on the lack of a proper firmware review process to vet security updates before being deployed. 

Work was being done on standardising such process, but the procedure had not been ready in time, resulting in a bottleneck of firmware updates not being reviewed and deployed. The incident didn't result in a major intrusion; however, NERC intentionally highlighted the March 2019 attacks in order to draw attention to the fact that many companies may not be deploying firmware updates in a timely manner, resulting in security holes being opened on their networks. NERC lays out a series of recommendations on dealing with firewalls and patches in its private report.

Wired:        NERC EENews:

You Might Also Read: 

UK Power Outage - The Cyber Effect?:

Improving Electric Power-Grid Security:

 

 

« 10 Predictions For The IoT Future
EU Crackdown On Cyber Crime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Prosperon Networks

Prosperon Networks

Prosperon Networks support SMB to Enterprise networks through the provisioning of network monitoring software, customisation, consultancy and installation.

Bugcrowd

Bugcrowd

As leaders in crowdsourced security testing, Bugcrowd connects companies and their applications to a crowd of tens of thousands of security researchers to identify critical software vulnerabilities.

Cybersecurity Association of Maryland (CAMI)

Cybersecurity Association of Maryland (CAMI)

CAMI’s mission is to create a global cybersecurity marketplace in Maryland and generate thousands of high-pay jobs through the cybersecurity industry.

Vehere

Vehere

Vehere specialises in mission critical signals aquisition and analytics platform and cyber defence systems.

Danish Maritime Cybersecurity Unit

Danish Maritime Cybersecurity Unit

The Danish Maritime Cybersecurity Unit is tasked with delivering the initiatives set out in the Cyber and Information Security Strategy for the Maritime Sector.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

ConnectWise

ConnectWise

The Unified ConnectWise Platform offers intelligent software and expert services to easily run your business, deliver your services, secure your clients, and build your staff.

Kinetic Investments

Kinetic Investments

Kinetic Investments is a venture capital firm dedicated to early-stage companies that are transforming the digital landscape.

CloudBolt Software

CloudBolt Software

CloudBolt provide solutions for your toughest cloud challenges. From automation, to cost and security, and hybrid IT governance — we have you covered.

Cardonet

Cardonet

Cardonet is an IT Support and IT Services business offering end-to-end IT services, 24x7 IT Support to IT Consultancy, Managed IT and Cyber Security.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

CSIOS Corp.

CSIOS Corp.

At CSIOS we help our customers achieve and sustain information and cyberspace superiority through a full range of defensive and offensive cyberspace operations and cybersecurity consulting services.

Netox

Netox

Netox is a comprehensive IT service provider that combines IT support services, IT solutions and specialist services; specializing in cybersecurity solutions.

CommandK

CommandK

CommandK provides companies with infrastructure to protect their sensitive data. Built-in solutions to prevent data-leaks and simplify governance.

Rhodian Group

Rhodian Group

Rhodian Group (formerly Adar) specialize in providing Technology, Cybersecurity, and Compliance services to the insurance industry.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.