Wednesday, August 22, 2018
  • What Does GDPR Mean for Intelligent Video?
  • Malware Complacency: Time to Wake up
  • Get an open-source security multiplier
  • Inside the Judicial Challenges of When Ransomware Strikes a City
  • The Toxic Marketing Cloud

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Security Bloggers Network 

Home » Security Bloggers Network » Russian Hacking Campaign Targeting U.S. Electric Utilities

Russian Hacking Campaign Targeting U.S. Electric Utilities

by David Bisson on July 24, 2018

Homeland security officials said that individuals working for Russia are currently targeting electric utilities located in the United States.

The Department of Homeland Security told The Wall Street Journal that persons working for a state-sponsored hacking group called “Dragonfly” or “Energetic Bear” compromised “hundreds of victims” in 2017. They did so through the use of spear-phishing techniques and watering hole attacks designed to steal users’ passwords. With those credentials, they gained access to the networks of suppliers of many U.S. electric utilities. They then stole information that allowed them to infiltrate the utilities themselves. Once inside, they reportedly had the ability to cause blackouts, meaning they would have had access to the control centers themselves.

“They got to the point where they could have thrown switches” said Jonathan Homer, chief of industrial-control-system analysis for DHS.

But Robert M. Lee, CEO and Founder of the industrial cyber security company Dragos, Inc., said on Twitter that some of the language used by the DHS to describe the campaign is misleading.

And language such as “throwing switches” and noting it would cause “black outs” is in no way representative of what was seen in these intrusions. In these cases the adversary was taking screenshots of HMIs.

— Robert M. Lee (@RobertMLee) July 24, 2018

This isn’t the first time homeland security officials warned of Russian actors targeting power companies. In March 2018, DHS and the Federal Bureau of Investigation (FBI) publicly blamed Russia for attempting to hack U.S. energy infrastructure. They said that campaign also attempted to compromise suppliers’ networks before hacking into the power companies themselves.

Investigators cited by The Wall Street Journal said it’s unclear whether Dragonfly conducted this latest campaign in preparation for a larger attack. As a result, DHS said it intends to hold four briefings (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/off-topic/russian-hacking-campaign-targeting-u-s-electric-utilities/

July 24, 2018July 24, 2018 David Bisson 0 Comments electric, Hacking, Off Topic, Russia
  • ← UK university domains spoofed in massive fraud campaign targeting suppliers
  • Hackers breach Singapore’s largest healthcare provider; steal records of 1.5 million patients, including the Prime Minister →
Featured Blog

6 days ago

Zombies: Top 5 Open Source Vulnerabilities That Refuse To Die

1 week ago

Are DevOps and DevSecOps Headed in Opposite Directions?

2 weeks ago

Top 5 New Open Source Security Vulnerabilities in July 2018

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Manufacturing: A Rising Target for Cybercriminals
IKEv1 Vulnerabilities Break IPsec VPN Security in Cisco, Huawei, ZyXEL Gear
Signal Sciences Extends WAF Scope
CloudPassage Debuts Halo Cloud Secure, Delivering Unparalleled, Continuous Security of Public Cloud Infrastructure
4 Effective Targeted Techniques to Market GDPR – CISO/Security Vendor Relationship Series
Think Like an Attacker: Three Network Security Points to Identify and Protect
NIST Small Business Cybersecurity Act passed into law
7 Most Difficult Information Security Certifications
Potential BlackIT Botnet Attacks Can Bring down IoT Devices
Liar, liar, pants on fire! Barclays phish claims cards explode

Upcoming Webinars

Mon 27

Mastering Machine Learning for Security Professionals: A Discussion- Encore Presentation

August 27 @ 1:00 pm - 2:00 pm
Sep 13

Shifting Left…AND Right to Ensure Full Application Security Coverage

September 13 @ 1:00 pm - 2:00 pm
Sep 24

CISO/Security Vendor Relationship Roundtable

September 24 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Mastering Hybrid Cloud Security

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

What Does GDPR Mean for Intelligent Video?
Industry Spotlight Security Boulevard (Original) 

What Does GDPR Mean for Intelligent Video?

August 22, 2018 Andreas Pettersson | 8 minutes ago 0
Microsoft OneDrive: The Good, the Bad, and the Ugly
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

Microsoft OneDrive: The Good, the Bad, and the Ugly

August 10, 2018 Bob Ertl | Aug 10 0
Launching a Digital Transformation? Make Security a Priority
Industry Spotlight Security Boulevard (Original) 

Launching a Digital Transformation? Make Security a Priority

August 7, 2018 John Aisien | Aug 07 0

Top Stories

Security Boulevard’s 5 Most Read Stories for the Week, August 13-17
Featured Governance, Risk & Compliance Identity & Access IoT & ICS Security Malware News Security Boulevard (Original) Spotlight Threats & Breaches Uncategorized 

Security Boulevard’s 5 Most Read Stories for the Week, August 13-17

August 20, 2018 Saleem Padani | 1 day ago 0
IKEv1 Vulnerabilities Break IPsec VPN Security in Cisco, Huawei, ZyXEL Gear
Featured IoT & ICS Security Network Security News Security Boulevard (Original) Spotlight Vulnerabilities 

IKEv1 Vulnerabilities Break IPsec VPN Security in Cisco, Huawei, ZyXEL Gear

August 20, 2018 Lucian Constantin | 1 day ago 0
Signal Sciences Extends WAF Scope
Application Security Cybersecurity Featured News Security Boulevard (Original) Spotlight 

Signal Sciences Extends WAF Scope

August 20, 2018 Michael Vizard | 1 day ago 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.