Hackers Have Penetrated Energy Grid, Symantec Warns (fortune.com)
An anonymous reader quotes a report from Fortune: Hackers have been burrowing their way inside the critical infrastructure of energy and other companies in the U.S. and elsewhere, warns cybersecurity giant Symantec. In a new report, Symantec claims that the threat of cyberattack-induced power outages in the west has elevated from a theoretical concern to a legitimate one in recent months. "We're talking about activity we're seeing on actual operational networks that control the actual power grid," Eric Chien, technical director of security technology and response at Symantec, told Fortune on a call. Reports surfaced over the summer of hackers targeting staff at nuclear energy facilities with phishing attacks, designed to steal login credentials or install malware on machines. The extent of the campaign as well as the question of whether the attackers had breached operational IT networks, rather than merely administrative ones, was unclear at the time. Symantec is now erasing all doubt. "There are no more technical hurdles for them to cause some sort of disruption," Chien said of the hackers. "All that's left is really motivation." Symantec detailed its findings in a report released Wednesday morning. The paper tracks the exploits of a hacker group that Symantec has dubbed DragonFly 2.0, an outfit that the company says it has linked to an earlier series of attacks perpetrated between 2011 and 2014 by a group it dubbed DragonFly.
I would need to see this confirmed by a competent, reliable source.
More hyperbole with little substance. With the obligatory mention of NUCLEAR! even though no nuclear plant was involved in the referenced attack. And now some generic reference to 'operational networks' which tells me they were not control networks, so any 'disruption' as claimed still isn't going to turn off power anywhere.
Maybe there is a reason, despite these continuously 'escalating attacks', that we are not seeing any power outages in the US. Maybe it is because our methods to prevent them from being successful are effective. Maybe because we know about all these attacks before they are doing any harm is also a sign our methods are effective.
We can't let our guard down, but we don't have to fall for the hype.
Also, the only way Symantec is going to detect/know about anything is if a snail mail letter is delivered to their headquarters from the self-aware botnetwork.
While there are a few North Koreans hacking the grid, it's mostly been Russian state hackers and Chinese state hackers. In point of fact, we made a deal with China to hold off on that, so now it's mostly just the Russians.
Source: various agencies. No, not linking it.
On the plus side, residential and commercial building solar and wind power systems are mostly not hacked.
Far more risk factor from fires, quakes, floods, and storms, actually.
-- Tigger warning: This post may contain tiggers! --
According to http://cybersquirrel1.com/ there have been 1049 successful grid attacks YTD by squirrels, although raccoons pose a significant threat. Grid operators track outage causes, and human attacks are paltry compared to natural causes. A ton of strategically placed sunflower seeds could be bought for about the cost of 20 Symantec licenses. I for one quake in fear of our bushy-tailed nemesis.
Just the washing instructions on life's rich tapestry
I've argued in favor of decentralized off-grid solar power because centralized power is vulnerable to attack.
It seems every time solar is brought up there is a mention of a "smart grid" to address issues of this thing called "night" that keeps solar collectors from providing 24/7 power. So, which is it? Do we get cheap solar energy from a "smart grid" or do we have expensive decentralized power?
If you want energy that is cheap, reliable, and decentralized then solar power cannot make any significant portion of the grid. Solar is only cheap if it is connected, and that means there's some centralized utility. If you take solar off the grid then you need storage, and that costs money.
I've argued in favor of decentralized off-grid solar power because centralized power is vulnerable to attack.
I live in the US Midwest, and we have a lot of "attacks" on the power grid. It was quite interesting to work the late shift at a call center in the middle of a rainstorm when a nearby lightning strike took out the grid power. We sat in the dark for a few seconds until the backup diesel generators started up. If that call center had decentralized solar power then the lightning strike would not have taken out the power, but that's because we'd have been running on the diesel generators since sundown.
I'm not too concerned about attacks on the power grid since we get them all the time and people have the means to deal with them. If a hacker wants to shut down a grid for a while then what does that mean in the end? Not much really.
I remember some idiot in California tried shooting up a large transformer with a rifle and was almost successful in creating a pretty big blackout. It was only because the guy goofed and missed out on cutting all the control wires for diverting power that he was not successful in making the substation go up in sparks and flames. Of course you then had some US senators call for more gun control (because in California the gun ban didn't work so we have to ban them again) and to armor up all substations (because utility prices aren't high enough already).
How do you protect solar panels from an attack? Wouldn't an idiot with a rifle be even more successful in attacking solar panels than a coal, nuclear, or natural gas power plant? I mean we can (and do) put a nuclear power plant in a big concrete dome to protect it from attack but we can't do that to solar panels. What of a hail storm? Wouldn't that turn your precious decentralized solar panels into a worthless (and toxic) busted up mess? Without a tie to the grid then how are these people supposed to get power until the solar panels are repaired? I know the answer, on site diesel generators, kind of like how we deal with grid outages now.
I'm sure that there's a lot of things we could do to secure our electrical supply. I'm also sure that solar power isn't one of those things.
I am armed because I am free. I am free because I am armed.
USB ports are usually disabled.
Probably in some cases, not the ones I worked on.
You are not allowed to bring laptops into the facility.
False. I (and every other contractor, including those that actually applied the programming to DCS) brought our laptops on-site every day. One particular facility required you to get a permit to have a computer, but it was literally just a piece of paper saying you are authorized to bring it on-site.
Your laptop would not get any access to the network, as it has an unknown MAC.
To the managed network, you are likely correct. That's not what I was implying as the attack vector.