Russian hackers have infiltrated US utility networks, DHS says

Shawn Knight

TechSpot Staff
Staff member

Russian hackers working for a shadowy state-sponsored group previously identified as Energetic Bear or Dragonfly infiltrated the control rooms of US electric utilities last year as part of a long-running and dangerous campaign that claimed “hundreds of victims” according to a recent report from The Wall Street Journal.

Officials with the Department of Homeland Security said the hackers broke into supposedly “air-gapped” networks by first penetrating the networks of key vendors that had trusted relationships with utility companies.

Jonathan Homer, chief of industrial-control-system analysis for DHS, said it got to a point where the hackers could have disrupted power flows.

Monday’s briefing was the first time that DHS officials have provided this level of detail to the public. While the department didn’t call out victims by name, it did confirm that there were hundreds of victims, not just a few dozen as had previously been reported.


Robert M. Lee, founder and CEO of cybersecurity firm Dragos, points out on Twitter that while warnings of threats are extremely important as they are becoming much more frequent, some of the language used in articles like those from The Wall Street Journal is not helpful and can be misleading.

Lee noted last September that “our adversaries are at the starting point of their journey to cause significant disruption to our power grid, not the finish line.”

Lee isn't wrong. The truth is, hardly any of us are familiar with the complexities of the US electric grid and the level of progress that hackers may or may not have achieved.

Permalink to story.

 

Reachable

TS Evangelist
I want to see evidence. Not claims -- evidence. I see no reason to take intelligence agencies at their word, because they have a history of lying.

Remember also that everything 'they' are doing to 'us', we are also doing to them. Such is the stupidity of conventional spycraft. But what's really insidious is when operations are conducted to get the public frightened and riled up. I don't know what the objectives are, but it's certainly not for the benefit of the general public.