Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Have Penetrated Energy Grid, Symantec Warns (fortune.com)

Posted by BeauHD on from the root-access dept.

An anonymous reader quotes a report from Fortune: Hackers have been burrowing their way inside the critical infrastructure of energy and other companies in the U.S. and elsewhere, warns cybersecurity giant Symantec. In a new report, Symantec claims that the threat of cyberattack-induced power outages in the west has elevated from a theoretical concern to a legitimate one in recent months. "We're talking about activity we're seeing on actual operational networks that control the actual power grid," Eric Chien, technical director of security technology and response at Symantec, told Fortune on a call. Reports surfaced over the summer of hackers targeting staff at nuclear energy facilities with phishing attacks, designed to steal login credentials or install malware on machines. The extent of the campaign as well as the question of whether the attackers had breached operational IT networks, rather than merely administrative ones, was unclear at the time. Symantec is now erasing all doubt. "There are no more technical hurdles for them to cause some sort of disruption," Chien said of the hackers. "All that's left is really motivation." Symantec detailed its findings in a report released Wednesday morning. The paper tracks the exploits of a hacker group that Symantec has dubbed DragonFly 2.0, an outfit that the company says it has linked to an earlier series of attacks perpetrated between 2011 and 2014 by a group it dubbed DragonFly.

1 of 69 comments (clear)

  1. Re:they by Mr+D+from+63 · · Score: 4, Informative

    More hyperbole with little substance. With the obligatory mention of NUCLEAR! even though no nuclear plant was involved in the referenced attack. And now some generic reference to 'operational networks' which tells me they were not control networks, so any 'disruption' as claimed still isn't going to turn off power anywhere.

    Maybe there is a reason, despite these continuously 'escalating attacks', that we are not seeing any power outages in the US. Maybe it is because our methods to prevent them from being successful are effective. Maybe because we know about all these attacks before they are doing any harm is also a sign our methods are effective.

    We can't let our guard down, but we don't have to fall for the hype.