Electric Grids Targeted For Cyber Attacks

Uploaded on 2020-01-24 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Production-Energy

Some of the world's most dangerous hackers have zeroed in on the US power sector. Currently the electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems and operations technology for a variety of purposes.

 Attacks on electric systems, like attacks on other critical infrastructure sectors, can further an adversary’s criminal, political, economic, or geopolitical goals. 

As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases.

A power disruption event from a cyberattack can occur from multiple components of an electric system including disruptions of the operational systems, targeting enterprise environments to achieve an enabling attack through interconnected and interdependent IT systems, or through a direct compromise of cyber digital assets. According to a report by dragos.com, an Iranian-sponsored hacking group called Magnallium has been trying to get access to American electric utilities for at least a year. 

Also another hacking group called Xenotime has been spotted hitting US electric utilities with "reconnaissance and potential initial access operations" since late last year.The hacking group, infamous for infecting the safety systems of a Saudi petrochemical plant with highly specialised, life-threatening malware two years ago, isn't known to have broken through to the sensitive controls of US power plants or substations.

The hackers have been trying to guess passwords for hundreds of accounts linked to US electric utilities, plus oil and gas firms, a technique known as “password-spraying.” This chimes with findings from Microsoft, which revealed it had seen a similar campaign in November 2019.

According to industry sources It’s unlikely the hackers currently have the ability to cause blackouts in the US, but they could potentially still disrupt a power station’s computer network. 

In March 2019, hackers did use firewall vulnerabilities to cause periodic “blind spots” for grid operators in the western US for about 10 hours. It was the first known time a cyberattack has caused that kind of disruption, which, did not affect the actual flow of electricity, at a US power grid company. 

Infrastructure owners need to be constantly vigilant about cybersecurity and make sure their employees are following basic security advice, such as using strong, unique passwords, as well as adopting more sophisticated protection.

E&ENews:           ZDNet:           I-HLS:

You Might Also Read:

Iran's Cyberwar Response To Its General's Killing:

Foreign Cyber Intrusions On The USA:

 

 

« US Cyber Command Hacked ISIS
US Cyber Command Is A Tool Of Foreign Policy »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

TNO Cyber Security Lab

TNO Cyber Security Lab

TNO Cyber Security Lab is a dedicated facility for innovative and experimental research with the goal of a safe and resilient cyberspace.

SK-CERT

SK-CERT

SK-CERT National Computer Computer Emergency Response Team of Slovakia.

Claroty

Claroty

Claroty was conceived to secure and optimize OT networks that run the world’s most critical infrastructures.

ClearDATA

ClearDATA

The ClearDATA Managed Cloud protects sensitive healthcare data using purpose-built DevOps automation, compliance and security safeguards, and healthcare expertise.

Buglab

Buglab

The Buglab contest and Vigilante Protocol help companies all over the world to discover and fix vulnerabilities on their digital solutions or assets.

Encore Media Group

Encore Media Group

Encore Media Group provide an international enterprise technology event series exploring IoT, Blockchain AI, Big Data, 5G, Cyber Security and Cloud.

Zerodium

Zerodium

Zerodium is the leading exploit acquisition platform for premium zero-days and advanced cybersecurity research.

Blockchain Reactor

Blockchain Reactor

Blockchain Reactor is a blockchain consultancy and implementation company providing cutting-edge blockchain solutions for start-ups and enterprises.

Root9B (R9B)

Root9B (R9B)

R9B offers advanced cybersecurity products, services, and training to enhance the way organizations protect their networks.

GoPlus Security

GoPlus Security

GoPlus is working as the "security infrastructure" for web3, by providing open, permissionless, user-driven Security Services.

Bit Sentinel

Bit Sentinel

Bit Sentinel is an information security company. We help companies like yours discover, prioritize, and effectively remediate potential cybersecurity risks.

eMudhra

eMudhra

eMudhra is a leader in Identity and Transaction Management Solutions.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

Hughes Network Systems

Hughes Network Systems

Hughes are industry leaders in networking technologies and services, innovating constantly to deliver the global solutions that power a connected future for people, enterprises and things everywhere.

Rite-Solutions

Rite-Solutions

Rite-Solutions is an award-winning software development, systems engineering, and information technology firm.

ThreatMon

ThreatMon

Gain insights into emerging threats with real-time data and AI-driven analysis to stay ahead of cyber risks. Detect, analyze, and respond to threats before they happen.