Slashdot Mirror


Researchers Found a Hacking Tool that Targets Energy Grids on the Dark Web (vice.com)

An anonymous reader writes: A sophisticated piece of government-made malware, designed to do reconnaissance on an energy grid's system ahead of an eventual cyberattack on critical infrastructure, was found on a dark web hacking forum. SentinelOne's researchers believe the malware was created by a team of hackers working for a government, likely from eastern Europe, according to a report published on Tuesday. Udi Shamir, chief security officer at SentinelOne, said that it's normal to find reused code and malware on forums because "nobody tries to reinvent the wheel again and again and again." But in this case, "it was very surprising to see such a sophisticated sample" appear in hacking forums, he told Motherboard in a phone interview.

35 comments

  1. Black Market Electrons by Anonymous Coward · · Score: 1

    Why are energy grids on the dark web?

    1. Re:Black Market Electrons by GuB-42 · · Score: 2

      Probably to power dark bulbs.

    2. Re:Black Market Electrons by NotInHere · · Score: 1

      They are made of dark energy, which forms most of the energy in our universe! This means, hacking dark energy power grids brings most space dollars.

    3. Re:Black Market Electrons by Anonymous Coward · · Score: 0

      Do those also come in a flashlight version? When I'm leaving the basement there is always so much light everywhere, I am blinded by it. Probably I should be sleeping during the day, but sometimes I can't sleep.

    4. Re:Black Market Electrons by Anonymous Coward · · Score: 0

      One million space bucks, we could pay off Pizza!

  2. haxxy haxx0rz at it again wif de haxx!!!1! by Anonymous Coward · · Score: 0

    Guise, keep up the breathless bullshit and continue to be vapid idiots and not "researchers" doing "research".

    1. Re:haxxy haxx0rz at it again wif de haxx!!!1! by Anonymous Coward · · Score: 0

      Guise: noun, disguise, under the appearance of.

  3. LOLWUT? by Anonymous Coward · · Score: 0

    "nobody tries to reinvent the wheel again and again and again"

    That is the ESSENCE of the software industry!

    1. Re: LOLWUT? by Anonymous Coward · · Score: 0

      the wheel was invented over and over again

    2. Re: LOLWUT? by sysrammer · · Score: 1

      the wheel was invented over and over again

      Yeah. Saw another version of one the other day. Some kind of big screw-like pneumatic thingy.

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
  4. Wait, the GRIDS are on the Dark Web? by Anonymous Coward · · Score: 0

    Why would the energy grids be plugged into the Dark Web?

    1. Re:Wait, the GRIDS are on the Dark Web? by Phusion · · Score: 1

      *sigh* just in case you're serious, they found the tool on a hacking forum HOSTED on the dark net. It's not a story about accessing energy grids via TOR... But you're probably just trolling, so, hats off to you I guess.

      --
      640k ought to be enough for anyone.
    2. Re:Wait, the GRIDS are on the Dark Web? by OzPeter · · Score: 1

      Why would the energy grids be plugged into the Dark Web?

      Because when all the evil hackers are looking for energy grids on the Normal Web, what better place to hide your energy grid than putting it on the Dark Web!

      Sheer brilliance.

      --
      I am Slashdot. Are you Slashdot as well?
    3. Re:Wait, the GRIDS are on the Dark Web? by Anonymous Coward · · Score: 0

      Your grasp of English is as bad as the "editors" here.

    4. Re:Wait, the GRIDS are on the Dark Web? by sysrammer · · Score: 1

      Truthfully, that's why I clicked this story. I too wanted to see how energy grids were associated with the dark web. Poor editing, or bait and switch?

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
    5. Re:Wait, the GRIDS are on the Dark Web? by sysrammer · · Score: 1

      Why would the energy grids be plugged into the Dark Web?

      ...what better place to hide your energy grid than putting it on the Dark Web!

      Sheer brilliance.

      Wouldn't sheer brilliance cause it to become Web Lite?

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
  5. too many secrets by Joe_Dragon · · Score: 3, Insightful

    too many secrets

  6. Tool that targets energy grids on the dark web by KitFox · · Score: 1

    I for one am surprised to discover that the dark web has enough energy grids to make them worth targeting.

    </deadpan>

    --

    @Whee

  7. Was it possibly .... by PPH · · Score: 2

    ... derived from Nitro Zeus? This is why one has to be careful about weapons proliferation. Even if you go in thinking that only the 'good guys' will get them.

    --
    Have gnu, will travel.
  8. Why are energy grids on the dark web? by Anonymous Coward · · Score: 0

    The dark web is a very bad place to have our energy grids located but the headline says they are there. That's bad grammar.

    1. Re:Why are energy grids on the dark web? by Anonymous Coward · · Score: 0

      "The dark web" is, strictly, the part that's not indexed by ("well-known") search engines. So, it's not in Google's index, it's "dark web".

      So it's still a poor show to have your SCADA whatnots steering the energy grids' thingumies connected to intarwebz anything, but it's a step up from having them be lucky on Google.

  9. Repeat after me.... by Lumpy · · Score: 4, Informative

    If a power control system or any other important infrastructure has its SCADA system connected over the internet or even TO the internet....

    The people in charge of it are MORONS.

    There is ZERO reason to use the internet as your data systems for control interconnected. Quit being cheap assholes and use private point to point, on an air gapped network. And while you are at it HIRE COMPETENT ITSEC PEOPLE. Not ex cops, those guys don't know shit about computer security...

    --
    Do not look at laser with remaining good eye.
    1. Re:Repeat after me.... by cstdenis · · Score: 2

      But then the CEO can't look at pretty real-time graphics on his cell phone. Not going to happen.

      --
      1984 was not supposed to be an instruction manual.
    2. Re:Repeat after me.... by DNS-and-BIND · · Score: 2

      They tried having two systems, the workers wouldn't use them correctly because it was too much of a pain in the ass for them. Then, the managers bitched because they had to use a separate system to view the production statistics. Nobody liked it and the IT department was forced to comply. Cheering was heard as the second air-gapped systems were eliminated and the executives celebrated the cost-cutting with a round of bonuses for virtuous behavior.

      --
      Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    3. Re:Repeat after me.... by Lumpy · · Score: 1

      "They tried having two systems, the workers wouldn't use them correctly"

      The simple solution is to fire those workers and hire some that have an IQ over 100 that are competent enough to do the job?

      The United States military seems to be able to do this, hell even the ARMY is able to.

      --
      Do not look at laser with remaining good eye.
  10. The grid could be hacked but not significantly by Anonymous Coward · · Score: 0

    Sure, I have no doubt the electric grid could be hacked to a point. But it would not be a widespread attack and would maybe affect a region at best. If it would be that effective I would almost guarantee someone would have already tried it. Much of this stuff comes from questionable sources who would create something but then find it goes nowhere and isn't useful. Makes everyone worried the end is near or it's Armageddon. I would worry more about a virus infection getting into a nuclear plant than a grid.

  11. Poor Title... by Anonymous Coward · · Score: 0

    Should be something like this "Researchers Found a Hacking Tool on the Dark Web that Targets Energy Grids".

    1. Re:Poor Title... by Anonymous Coward · · Score: 0

      Or something like this "There's an energy grid on the dark net that researchers hacked with a found tool."

    2. Re:Poor Title... by Anonymous Coward · · Score: 0

      Should be something like this "Researchers Found a Hacking Tool on the Dark Web that Targets Energy Grids".

      qft

  12. Energy grids shouldn't have connectivity. by Anonymous Coward · · Score: 0

    Problem solved.

  13. Kudos to the guys @ SentinelOne... apk by Anonymous Coward · · Score: 0

    See subject: It's a serious threat to everyone really & it's good to know those guys @ SentinelOne found such machinations exist - knowing that, you can prepare yourself (even to the point of using it to 'portscan' yourself IF you are the entities under potential attack vs. exploit/breakin etc. - these tools CAN even be used "for the good" once you know they're there in other words (even when they're meant "for the bad")).

    APK

    P.S.=> It's good to know folks like them are out there doing a good job is all... apk

  14. Article mistakes by Anonymous Coward · · Score: 0

    Vice does this a lot and runs fake titles, but nowhere in the SentinelOne report does the company say they found the malware on the DarkWeb. But hey, if DarkWeb attracts users that click on ads... why not lie to your users: https://sentinelone.com/blogs/...

  15. Do you have to post this cyber BS on a tech forum? by tetraverse · · Score: 1

    Who is going to protect our critical infrastructure from these no good commie atheist salo eaters.

  16. NOTHING DARK ABOUT IT, it is encrypted that is all by Anonymous Coward · · Score: 0

    To even call .onion a dark web is demonization.

    The thing about it now, is to intrigue you into using unsafe Tor practice for greater honeypot traps.

    Tails is completely compromised by the CIA and has been since after Tails 1.4.1.

    The only place you can get the correct .sig and hash that I know of is on kat.cr.
    https://kat.cr/tails-1-4-1-i386-iso-multilang-tntvillage-t10922671.html

    If you use it or any other Tor client and care a lot, you will change your clock to as inaccurate as possible and add these two lines to your torrc.

    StrictNodes 1
    ExcludeNodes {us}

    This keeps you off the American .onion totally. Peace.

  17. Guess what? Electric grids were already hacked! by vityok · · Score: 1

    Guess what? Electric grids were already hacked in what appears to be one of the first more or less real cyber-wars (previous - Estonia 2007, Georgia 2008 - were primarily powerful DDoS attacks to either disrupt services or cut off the country from the rest of the world).

    The hacking happened in December 2015, in Ukraine. The attack was a sophisticated APT attack from Russia.

    You can find more by following description in IR-ALERT-H-16-056-01 or reading the Wired article by Kim Zetter.

    And, by the way, malware did find its way into nuclear power plants (though not control systems).