Russian Hackers Reach US Utility Control Rooms, Homeland Security Officials Say

"Russian hackers [...] broke into supposedly secure, "air-gapped" or isolated networks owned by utilities (Warning: source may be paywalled; alternative source) with relative easy by first penetrating the networks of key vendors who had trusted relationships with the power companies," reports The Wall Street Journal, citing officials at the Department of Homeland Security. "They got to the point where they could have thrown switches" and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS. The hacking campaign started last year and likely is continuing. From the report: DHS has been warning utility executives with security clearances about the Russian group's threat to critical infrastructure since 2014. But the briefing on Monday was the first time that DHS has given out information in an unclassified setting with as much detail. It continues to withhold the names of victims but now says there were hundreds of victims, not a few dozen as had been said previously. It also said some companies still may not know they have been compromised, because the attacks used credentials of actual employees to get inside utility networks, potentially making the intrusions more difficult to detect.

The attackers began by using conventional tools -- spear-phishing emails and watering-hole attacks, which trick victims into entering their passwords on spoofed websites -- to compromise the corporate networks of suppliers, many of whom were smaller companies without big budgets for cybersecurity. Once inside the vendor networks, they pivoted to their real focus: the utilities. It was a relatively easy process, in many cases, for them to steal credentials from vendors and gain direct access to utility networks. Then they began stealing confidential information. For example, the hackers vacuumed up information showing how utility networks were configured, what equipment was in use and how it was controlled. They also familiarized themselves with how the facilities were supposed to work, because attackers "have to learn how to take the normal and make it abnormal" to cause disruptions, said Mr. Homer. Their goal, he said: to disguise themselves as "the people who touch these systems on a daily basis."

At some point...

[toonces33]

They just ought to sever all internet connections in and out of Russia.

Air-Gapped

[Kobun]

You keep using that word. I don't think it means what you think it means.

Re:lies

[toonces33]

Maybe you should read the article.

Re: lies

[phantomfive]

The vagueness of the article only gives it more the appearance of a lie. There is no evidence there, just vague allusions and scare threats.

Re: Quick Change Topics!

[Archangel+Michael]

https://www.cnn.com/2017/01/05...

That is a bit of news from the time it happened, not a few days ago, after they needed to show they did have access to the server.

Washington (CNN)The Democratic National Committee "rebuffed" a request from the FBI to examine its computer services after it was allegedly hacked by Russia during the 2016 election, a senior law enforcement official told CNN Thursday.

SO, which story do you actually believe? The one where they rebuffed attempts to inspect the server, or the one that they're using now, that they had the servers the whole time?

Personally, if you believe ANYTHING coming from the "Intel Community" either way you're an idiot. They lie. They lie straight faced in front of congress about all sorts of things, spying on Americans to there were weapons of mass destruction in Iraq. This isn't a "Right vs Left" issue, because both sides have been on both sides of hating and defending the "intel community"

And until people grow up, and see that, we're never going to get anywhere. So, please stop with the re-written history, it is embarrassing .

Re:Suppose that were true

The Uranium bit was a red herring. It was signed off by a ton of people and overblown.

As for as Russian attacks go, I think people need to segregate issues a bit.

1. Russia did manipulate our elections with propaganda and it is plausible but not proven that those manipulations were enough to cause enough voters to vote for Trump or not for Hillary where it mattered. That is the simple truth, though it isn't spoken much. Usually people say the outcome wasn't changed, and you can no more 100% know that than know that it wasn't. The numbers were close, and there was a lot of manipulation.

2. Russia is going to do it again, but that is almost totally irrelevant. Now that we've shown we will bend over and take it, particularly if it benefits one party, it likely won't be limited to Russia.

3. We need to be on a (cyber) wartime footing with respect to these things. Foreign manipulation needs to be addressed and mitigated. Voting machine secured. Voting registrations roles not carelessly purged, etc, etc. If we have to fight cyber attacks with cyber attacks we must do so, since the alternative is worse. We can't, however, lie, though exposing actual illegal dealings in Russia's politicians is fair game at this point. The emails uncovered were technically not lies. They just uncovered every rock they could find while the republican side got to skim by with revealing nothing. Basically it was a bit like a set of scales. Each side has things that perhaps don't show them in the best light. One side gets everything loaded on the scale, while the other side gets almost nothing, while ten times as much is hidden behind the curtain. That kind of disparity is bound to make the results less than ideal. Also you gotta assume the Russian's didn't alter the emails since if alterations could have been proved they might not have been accepted as well.

4. Most importantly we need an attitude from every elected official that the truth matters. If your representative or senator has acted in a way that indicates its okay to lie if it benefits their party, and you know someone else on the ballot who is at least honest, then seriously consider voting for them, regardless of party.

5. In addition to 4, we need a constitutional amendment, or maybe a law that states if you run for at least national office all confidentiality agreements protecting you are null and void and attempting to silence a story about a candidate with money is itself a felony. Furthermore all your government records are automatically made available. And just in case someone whines that it wouldn't be fair, well why wouldn't it? It would be the same for everyone. Don't like the spotlight, don't run for public office.

Re:Long-term narrative

[GrimSavant]

That's a remarkable bit of denial, an excellent exemplar of why I have decreasing faith that this will end well. There is plenty of evidence that the Russians were involved in all sorts of various hacking and active measures and whatnot, but if you simply refuse to believe that evidence, then you can just deny everything and believe whatever you want to believe or whatever you are told to believe. That is one of the end goals of the concerted campaign of propaganda that the Russians been running since the Soviet era: true information no longer matters anymore and the ability to assess facts and adjust beliefs in response to facts is utterly withered.

To the particular point, the prior indictments against the Russian nationals are far more detailed than standard indictments, they are so called "speaking indictments." The most recent one this month against the GRU hackers detailed the particular methods they used and quite a bit of the timing of the attacks. And it sounds like western intelligence had high end source in the Russian government that Trump was told about prior to the inauguration confirming that the top levels of the Russian government, including Putin, were orchestrating the attacks. But again, if you can simply deny that information out of hand, and call it "fake news", then what point is there in providing any more information? What will be believed short of reality providing a swift kick to the groin?

Re: Quick Change Topics!

[PopeRatzo]

Personally, if you believe ANYTHING coming from the "Intel Community" either way you're an idiot. They lie. They lie straight faced in front of congress about all sorts of things, spying on Americans to there were weapons of mass destruction in Iraq. This isn't a "Right vs Left" issue, because both sides have been on both sides of hating and defending the "intel community"

The FBI is not the "Intel Community". They're law enforcement, no less than your local cops. They have about the same record of integrity, too, which is saying, "so-so". But they take the whole, "national security" thing pretty seriously. And that includes all the Trump appointments, and his director of national intelligence and his attorney general. And while you're being Inspector Gadget finally trying to get the dirt on Hillary Clinton, there is a legal noose tightening around Trump's neck. Indictments, convictions, guys in jail.

And yes, there are at least three copies of the forensically-imaged DNC server in the FBI's possession. We know this because the Trump Justice Department has told us so.

So, the question you have to ask yourself is if you believe Donald Trump or people appointed by Republicans to be FBI director, attorney general, FISA judges, etc etc. You can either trust people that have actually earned trust or a guy who changes his story about what he actually said on live fucking camera four times between Monday and Thursday.

Not you, ArchMike. It's too late for you. The question is for other people reading this. You're already too far gone down the 4chan hole looking for pizza and crisis actors. The question is for the grown folks.

Stuxnet

[scsirob]

Kinda odd to see the outrage over this. A few years ago USA used the exact same tactics to penetrate Iranian nuclear facilities, releasing the Stuxnet virus which damaged a lot of critical infrastructure. Back then there were plenty of people here gloating over this and being proud of the accomplishments.

My guess is that this is happening all over the world, by all major regimes, in all vulnerable areas. Anger or pride only depends on if your country is the hacker or the victim.

Re: lies

[AmiMoJo]

Seems quite specific to me.

The Russian hackers, who worked for a shadowy state-sponsored group previously identified as Dragonfly or Energetic Bear, broke into supposedly secure, âoeair-gappedâ or isolated networks owned by utilities with relative ease by first penetrating the networks of key vendors who had trusted relationships with the power companies, said officials at the Department of Homeland Security.

We have who, where, how and by what method. Interestingly it's similar to the technique used by the US to sabotage Iranian enrichment facilities.

Re:You know you're joking

[sjbe]

and maybe trolling but Trump's poll numbers didn't budge an inch even after that downright terrifying display in Helsinki.

That's because he is down to more or less just his psycho base supporters. An alarmingly large group but they support him no matter how crazy he gets. He could start a nuclear war and they would cheer him on the whole way and probably try to find some way to blame Obama or Clinton for it.

What I find especially odd is most of his supporters are old enough to have been cold warrior types.

His supporters are not that old as a general proposition. He has too many of them for that to be the case though certainly a fair number of them are older. Heck I'm old enough to have been around during the later decades of the cold war and the people that really lived through the middle of it are drawing social security now. Trumps supporters are more diverse than just old people.

US/Russia relations

[sjbe]

What are you so afraid of?

If you have to ask that question then you know fuck-all about US/Russia relations over the last 80 years.

What is so terrifying about the US and Russia improving relations and bringing a little more piece to the world?

What's terrifying is HOW Trump is trying to do it. Peaceful cooperation with Russia is a reasonable goal but not at any cost or by abandoning countries that actually are friendly to the US. Russia is NOT a friend to the US and pretending that the interests of those two countries have somehow magically aligned because Trump is in the White House is absurd.

Re:Unpossible!

[chill]

Congratulations! You just described one of the main reasons for NAFTA, the TPP, and other global, multilateral trade deals. The simple fact is the more countries are tied by trade, the fewer wars they have. Another "peace dividend" that President Orange Bumblefuck doesn't even remotely grasp, and hence, pissed all over.

Re:Long-term narrative

[swb]

I'm always curious why contemporary Russia wants to be so adversarial with the United States. It made sense with the Soviet Union given the ideological nature of the Soviet Union and Communism, but makes much less sense with a basically capitalist economy and the dismantling of the Party ideological machine.

India and Brazil have more people and comparable GDPs to Russia, yet they don't have the kind of adversarial relationship with the US Russia does. Sure, there are disagreements and diplomatic conflict, but not "plotting-to-destabilize" levels of conflict.

It's not even like the Russians are operating from a position of parity with the US. A vastly smaller and weaker economy, a much less capable and weaker military force, not to mention an entire laundry list of internal problems.

From a rational perspective, you would think that the Russians would want to be allies given some level of European-ish cultural overlap, the value of US trade and investment, and the relative benefits of security cooperation, especially given Russia's exposure to the Middle East and various central Asian nations of a dubious nature.

I know there are some shop-worn explanations about Russia's "need for security", Putin's need for an enemy to justify a strong-man state and so on, but these somehow seem trite or incomplete.