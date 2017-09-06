

 


Hackers Have Penetrated Energy Grid, Symantec Warns

Posted by BeauHD
An anonymous reader quotes a report from Fortune: Hackers have been burrowing their way inside the critical infrastructure of energy and other companies in the U.S. and elsewhere, warns cybersecurity giant Symantec. In a new report, Symantec claims that the threat of cyberattack-induced power outages in the west has elevated from a theoretical concern to a legitimate one in recent months. "We're talking about activity we're seeing on actual operational networks that control the actual power grid," Eric Chien, technical director of security technology and response at Symantec, told Fortune on a call. Reports surfaced over the summer of hackers targeting staff at nuclear energy facilities with phishing attacks, designed to steal login credentials or install malware on machines. The extent of the campaign as well as the question of whether the attackers had breached operational IT networks, rather than merely administrative ones, was unclear at the time. Symantec is now erasing all doubt. "There are no more technical hurdles for them to cause some sort of disruption," Chien said of the hackers. "All that's left is really motivation." Symantec detailed its findings in a report released Wednesday morning. The paper tracks the exploits of a hacker group that Symantec has dubbed DragonFly 2.0, an outfit that the company says it has linked to an earlier series of attacks perpetrated between 2011 and 2014 by a group it dubbed DragonFly.

      by Mr D from 63 ( 3395377 ) on Wednesday September 06, 2017 @05:30PM
      More hyperbole with little substance. With the obligatory mention of NUCLEAR! even though no nuclear plant was involved in the referenced attack. And now some generic reference to 'operational networks' which tells me they were not control networks, so any 'disruption' as claimed still isn't going to turn off power anywhere.

      Maybe there is a reason, despite these continuously 'escalating attacks', that we are not seeing any power outages in the US. Maybe it is because our methods to prevent them from being successful are effective. Maybe because we know about all these attacks before they are doing any harm is also a sign our methods are effective.

      We can't let our guard down, but we don't have to fall for the hype.

        by zlives ( 2009072 )

        also, the only way symantec is going to detect/know about anything is if a snail mail letter is delivered to their headquarters from the self aware botnetwork.

        by Pascoea ( 968200 )
        I didn't read the article (I know, right?), but it theoretically isn't that difficult to "hack" an airgapped system to drop off some sort of time-bombed attack. I've worked on generation facilities' DCS systems, the ones that are connected to a network but not the internet. Every Workstation/Server/switch in the system is COTS hardware, every one of them has USB ports on them that they use to apply patches/etc. All it takes is one system engineer with a hacked PC plugging a USB stick into his computer th

          by zlives ( 2009072 )

          yes it also takes that same dumbass to hit the off switch, no hacking required.

        • Well, they were not talking about air gapped systems (although their vagueness leaves much to assume). There are what can be called 'operational networks' that are not part of any plant or grid control, but merely places where operational data is stored. This is most likely what they are talking about because you can bet if a plant control system had been breached it would have been spelled out. They specifically avoid the term 'control' network.

          Yes, there are ways to breach air gaps, and the human eleme
  • Now Symantec will just sell them their AV crap!

  • electrical grids to switch to McAfee security products.

    by StormReaver ( 59959 ) on Wednesday September 06, 2017 @05:26PM

    I would need to see this confirmed by a competent, reliable source.

  • "There are no more technical hurdles for them to cause some sort of disruption,"

    But maybe, they're here to help. IT COULD HAPPEN !!! :-)

  • Any power outages caused by the recent CME eruption from our sun might scare people into purchasing 'protection'.

    http://spaceweather.com/

  • While there are a few North Koreans hacking the grid, it's mostly been Russian state hackers and Chinese state hackers. In point of fact, we made a deal with China to hold off on that, so now it's mostly just the Russians.

    Source: various agencies. No, not linking it.

    On the plus side, residential and commercial building solar and wind power systems are mostly not hacked.

    Far more risk factor from fires, quakes, floods, and storms, actually.

  • I've argued in favor of decentralized off-grid solar power because centralized power is vulnerable to attack. People either don't grasp what I mean or write it off as paranoia but this is a prime example of the vulnerability that centralized power systems create.

    Be it a tree or hacker, centralized power systems are vulnerable to attack. (We shouldn't have pissed off the trees.)

    • I've argued in favor of decentralized off-grid solar power because centralized power is vulnerable to attack.

      It seems every time solar is brought up there is a mention of a "smart grid" to address issues of this thing called "night" that keeps solar collectors from providing 24/7 power. So, which is it? Do we get cheap solar energy from a "smart grid" or do we have expensive decentralized power?

      If you want energy that is cheap, reliable, and decentralized then solar power cannot make any significant portion of the grid. Solar is only cheap if it is connected, and that means there's some centralized utility. If

  • According to http://cybersquirrel1.com/ there have been 1049 successful grid attacks YTD by squirrels, although raccoons pose a significant threat. Grid operators track outage causes, and human attacks are paltry compared to natural causes. A ton of strategically placed sunflower seeds could be bought for about the cost of 20 Symantec licenses. I for one quake in fear of our bushy tailed nemesis.
  • Our government is behind this in order to make everyone afraid and give up more rights and to justify their cyber warfare initiatives.

  • I need more than just Symantec saying so, since they themselves verge on malware.

