Today’s Biggest Threats Against the Energy Grid

Without the U.S. energy grid, life as we know it simply grinds to a halt. Businesses can’t serve customers. Homes don’t have power. Traffic lights no longer work. We depend on the grid operating reliably each and every day for business and personal tasks. That makes it even more crucial to defend our energy grid […]

The post Today’s Biggest Threats Against the Energy Grid appeared first on Security Intelligence.

Senate Passes Bill to Help Defend U.S. Energy Grid against Digital Attacks

The United States Senate has passed a bill to help strengthen the defenses of the U.S. energy grid against digital attacks. On 27 June, the Senate passed the Securing Energy Infrastructure Act. Introduced by U.S. Senators Angus King (I-Maine) and Jim R…

Mock grid, real threats: DARPA borrows an island for a cyberattack drill

Over the last 120 years, Plum Island, a forbidding swath of sand off Long Island, has been at the edge of U.S. national security. The island housed gun batteries during the Spanish-American War, a torpedo storage facility during the First World War, and in recent decades it has been the government’s home for studying animal-borne diseases. In the first week of November, the military found yet another way for Plum Island to serve as a guinea pig. This time, though, it was for a decidedly 21st-century threat: cyberattacks that could hamstring the power grid. The fictional scenario saw contractors with the Pentagon’s R&D arm — the Defense Advanced Research Projects Agency (DARPA) — team up with engineers from prominent utilities to try to restore power that had been out for weeks following a hypothetical cyberattack. Their tall task: use a generator to gradually restart the power system, substation by substation — a process known as “black start” — all […]

The post Mock grid, real threats: DARPA borrows an island for a cyberattack drill appeared first on Cyberscoop.

BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?

In testing, an Internet of Things (IoT) botnet of large, power-consuming appliances was used to carry out coordinated attacks on the energy grid.

DHS prepares cross-sector strategy to limit domino effects from big cyberattacks

The Department of Homeland Security will soon release a “how-to manual” for the cybersecurity support it offers to federal, state and local government agencies, as well as operators of critical infrastructure, Secretary Kirstjen Nielsen told reporters Tuesday. The nation’s interconnectivity means a cyberattack on the financial sector, for example, could quickly affect the electric grid, Nielsen said at the RSA Conference in San Francisco. “We must be more aware of single points of failure [and] concentrated dependencies,” she said. A DHS official said the strategy could be released next week. The goal of the new cyber strategy is to curb “systemic risk” by helping to secure digital tools used across sectors, Nielsen said. The document will also focus on mitigating the consequences of cyberattacks. “Whether it is common tools such as GPS or payment and settlement systems, our cyber risk assessments need to factor in shocks to the system that could have untold, cascading […]

The post DHS prepares cross-sector strategy to limit domino effects from big cyberattacks appeared first on Cyberscoop.

Department of Energy would get new cybersecurity office under White House proposal

A new office would be created in the Department of Energy to monitor and improve energy sector cybersecurity under the president’s proposed budget for fiscal 2019. Named the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), the office would “focus on energy infrastructure security and support the expanded national security responsibilities assigned to the Department of Energy.” CESER would take over responsibilities covered elsewhere in the Energy Department budget: the Cybersecurity for Energy Delivery System (CEDS) and the Infrastructure Security and Energy Restoration (ISER) programs. Those programs would see their expected spending go up by about 42 percent collectively and would be folded into CESER. CEDS and ISER have about $45 million and $10 million, respectively, in expected spending in fiscal 2018. Under CESER, spending on those accounts would increase to $70 million and $18 million, respectively. An additional $8 million would go toward “program direction,” which describes efforts to manage the […]

The post Department of Energy would get new cybersecurity office under White House proposal appeared first on Cyberscoop.

Early evidence suggests ties between Russian hackers and ‘BadRabbit’ attack

A software toolkit used in an expansive cyberattack that affected hundreds of organizations across Eastern Europe Tuesday has been linked to a hacking group known as BlackEnergy APT or Telebots, security researchers tell CyberScoop. This threat actor was also responsible for a similar attack dubbed “NotPetya” which largely affected Ukraine and was designed to wipe data from computers rather than collect ransoms when it was executed in June. Experts say BlackEnergy APT acts in the interests of the Kremlin. In the past, the group has repeatedly attacked Ukrainian organizations, including the country’s critical infrastructure sector. The latest variant of ransomware flooding across Europe is named “BadRabbit.” It requires that victims infected with the malware send bitcoin to an anonymous digital wallet in order to unlock their systems — until payment is received, affected computers remain largely unusable. “It appears that the two [ransomware] attacks are connected,” said Costin Raiu, director of the Global Research […]

The post Early evidence suggests ties between Russian hackers and ‘BadRabbit’ attack appeared first on Cyberscoop.

Security researchers call for calm after DHS warns of energy grid hacking

A government security alert about foreign hackers probing the networks of U.S. energy companies frightened casual observers, but security experts say the report provided little more than an update on relatively well-known activity and behavior. The alert, released late last week by the Department of Homeland Security, mentions evidence of a hacker group — originally identified by U.S. cybersecurity firm Symantec and codenamed “Dragonfly 2.0” — working to compromise the front office networks of industrial firms. This activity is confined to the targeting, and in some cases compromise, of business networks by hackers, largely through the deployment of phishing emails and strategic website compromises, also known as watering hole-style attacks.

FBI & DHS: massive hacking campaign underway attacking American energy, nuclear, water, aviation, construction & manufacturing sectors. — Jose Pagliery (@Jose_Pagliery) October 21, 2017

Though the information offered by the government may be helpful for some cybersecurity professionals, it is far from […]

The post Security researchers call for calm after DHS warns of energy grid hacking appeared first on Cyberscoop.

An old foe’s footprints muddle the mystery around group responsible for energy sector hacks

Though leading cybersecurity firms are closing in on the hackers responsible for a recent email phishing campaign and watering hole scheme designed to target U.S. energy companies, the available evidence points to an amorphous group that hasn’t been active for three years. It’s yet another mystery within an already complex case. The leading suspect behind this incident, according to cybersecurity experts and former U.S. intelligence officials, is a group associated with past operations tied to Russia. Known as “Energetic Bear,” “Koala Team” or “Crouching Yeti” to the information security community, the unit has a long history of targeting the energy sector and exploiting outdated vulnerabilities in Microsoft Word and Adobe Flash. “Koala Team is a prolific cyber espionage actor that has affected a comprehensive set of verticals using a combination of opportunistic and targeted tactics since at least 2011,” Cristiana Brafman Kittner, a senior analyst with U.S. cybersecurity firm FireEye, told CyberScoop. […]

The post An old foe’s footprints muddle the mystery around group responsible for energy sector hacks appeared first on Cyberscoop.

Spearphishing attacks on energy firms tied to years-long global hacking operation

A recent barrage of well-crafted phishing emails aimed at employees at U.S. energy companies, including one nuclear facility, is tied to a years-long international campaign to steal user credentials and gather intelligence from the world’s largest energy firms. The New York Times and Bloomberg reported Thursday that the FBI and Department of Homeland Security had recently warned several U.S. energy companies about the threat of hackers attempting to break into their networks by using specially tailored spearphishing emails and watering hole-style attacks. John Hultquist, who leads U.S. cybersecurity firm FireEye’s cyberespionage analysis division, said that he’s been independently tracking this same operation and that FireEye customers were warned about it roughly five weeks ago. “We’ve tied this recent operation to a campaign that started all the way back in 2015, which extends beyond the U.S., and has targeted companies in the Middle East and Western Europe … specifically in Turkey […]

The post Spearphishing attacks on energy firms tied to years-long global hacking operation appeared first on Cyberscoop.
