Using smart meter data constitutes a search, but court allows them anyway

US cities using smart meters narrowly escaped a legal problem this month when a court decided that the benefits of these IoT devices outweighed the privacy issues created by collecting detailed home energy data. Continue reading Using smart meter data constitutes a search, but court allows them anyway

Middle Eastern energy sector at risk, top target of Iranian hackers

Iranian hackers might be the next criminal group to be worried about, after the country has joined the ranks of Russia, North Korea, the US and African countries when it comes to cyberespionage operations. Research carried out by Accenture Security iDe… Continue reading Middle Eastern energy sector at risk, top target of Iranian hackers

Building a sound security strategy for an energy sector company

As more and more attacks against companies working in the energy sector become public, it is becoming increasingly clear that those systems are far from impermeable. And it’s not just state-sponsored attackers that are looking for a way in: oppor… Continue reading Building a sound security strategy for an energy sector company

Russian hackers are ready to disrupt US energy utilities, says DHS

Jonathan Homer says Russian hackers have snared “hundreds of victims” in the utilities and equipment sectors and “got to the point where they could have thrown switches” in a way that could have caused power blackouts. Continue reading Russian hackers are ready to disrupt US energy utilities, says DHS

Trisis has the security world spooked, stumped and searching for answers

At first, technicians at multinational energy giant Schneider Electric thought they were looking at the everyday software used to manage equipment inside nuclear and petroleum plants around the world. They had no idea that the code carried the most dangerous industrial malware on the planet. More than four months have passed since a novel, highly sophisticated piece of malware forced an important oil and gas facility in the Middle East to suddenly shut down, but cybersecurity analysts still don’t know who wrote the code. Since last August, multiple teams of researchers in the public and private sectors have been examining what the perpetrators planted inside a nondescript Saudi computer network. It’s a rare case involving a computer virus specially engineered to sabotage industrial control systems (ICS) — the gear that keeps factories and refineries running. Manipulating these systems can have a destructive impact far beyond the network. Today, the incident’s magnitude and implications are […]

The post Trisis has the security world spooked, stumped and searching for answers appeared first on Cyberscoop.

Continue reading Trisis has the security world spooked, stumped and searching for answers

Hackers linked to North Korea targeted U.S. ICS companies, breached energy firm

Hackers possibly linked to North Korea were able to successfully gain access to the corporate network of at least one U.S.-based energy company in recent months, according to multiple sources with knowledge of a recent intelligence report on the matter. Six sources tell CyberScoop the report notes that hackers were found actively targeting a handful of U.S. companies that rely on industrial control systems. Less than 10 companies were targeted with phishing emails as part of this apparent information gathering campaign — including one known breach — leading analysts to believe the effort is targeted and well-organized, a person with knowledge of the malicious cyber activity said. The activity was originally identified by at least two different private cybersecurity companies. The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is aware of the activity and in recent weeks shared information with some partners. NBC News obtained […]

The post Hackers linked to North Korea targeted U.S. ICS companies, breached energy firm appeared first on Cyberscoop.

Continue reading Hackers linked to North Korea targeted U.S. ICS companies, breached energy firm

Dragonfly: Western energy sector targeted by sophisticated attack group

Resurgence in energy sector attacks, with the potential for sabotage, linked to re-emergence of Dragonfly cyber espionage groupRead More Continue reading Dragonfly: Western energy sector targeted by sophisticated attack group

Senator calls for review of energy infrastructure cybersecurity policy

The top Democrat on the Senate Energy and Natural Resources Committee is calling on two government agencies to review current policies that guide how America’s power grids and pipelines defend against cyberattacks. The request comes in the form of two letters demanding a review of U.S. energy infrastructure by the Government Accountability Office and Transportation Security Administration from Maria Cantwell, D-Wash., the ranking member of the Senate Energy and Natural Resources Committee. The GAO is the investigative office of Congress, and the TSA has oversight over pipelines in addition to its core transportation responsibilities. The requests come amid reports that Russian hackers have organized phishing email campaigns targeted at U.S. energy providers within the private sector, including at least one nuclear plant. “There have been multiple attacks on all of our grids,” said Ret. Brig. Gen. Stephen Cheney, who leads the nonpartisan American Security Project, during a committee hearing Tuesday. “And if we just put our heads in […]

The post Senator calls for review of energy infrastructure cybersecurity policy appeared first on Cyberscoop.

Continue reading Senator calls for review of energy infrastructure cybersecurity policy