Tuesday, October 23, 2018
  • DerbyCon 2018, Amanda Berlin’s ‘Hackers, Hugs, & Drugs: Mental Health In Infosec’
  • Introducing Data Guardrails and Behavioral Analytics: Understand the Mission
  • Masscan as a lesson in TCP/IP
  • Plusses and Pitfals of Repo.stream
  • AWS FreeRTOS Riddled with Security Vulnerabilities | Avast

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Security Bloggers Network 

Home » Security Bloggers Network » Russian Hacking Campaign Targeting U.S. Electric Utilities

Russian Hacking Campaign Targeting U.S. Electric Utilities

by David Bisson on July 24, 2018

Homeland security officials said that individuals working for Russia are currently targeting electric utilities located in the United States.

The Department of Homeland Security told The Wall Street Journal that persons working for a state-sponsored hacking group called “Dragonfly” or “Energetic Bear” compromised “hundreds of victims” in 2017. They did so through the use of spear-phishing techniques and watering hole attacks designed to steal users’ passwords. With those credentials, they gained access to the networks of suppliers of many U.S. electric utilities. They then stole information that allowed them to infiltrate the utilities themselves. Once inside, they reportedly had the ability to cause blackouts, meaning they would have had access to the control centers themselves.

“They got to the point where they could have thrown switches” said Jonathan Homer, chief of industrial-control-system analysis for DHS.

But Robert M. Lee, CEO and Founder of the industrial cyber security company Dragos, Inc., said on Twitter that some of the language used by the DHS to describe the campaign is misleading.

And language such as “throwing switches” and noting it would cause “black outs” is in no way representative of what was seen in these intrusions. In these cases the adversary was taking screenshots of HMIs.

— Robert M. Lee (@RobertMLee) July 24, 2018

This isn’t the first time homeland security officials warned of Russian actors targeting power companies. In March 2018, DHS and the Federal Bureau of Investigation (FBI) publicly blamed Russia for attempting to hack U.S. energy infrastructure. They said that campaign also attempted to compromise suppliers’ networks before hacking into the power companies themselves.

Investigators cited by The Wall Street Journal said it’s unclear whether Dragonfly conducted this latest campaign in preparation for a larger attack. As a result, DHS said it intends to hold four briefings (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/off-topic/russian-hacking-campaign-targeting-u-s-electric-utilities/

July 24, 2018July 24, 2018 David Bisson electric, Hacking, Off Topic, Russia
  • ← UK university domains spoofed in massive fraud campaign targeting suppliers
  • Hackers breach Singapore’s largest healthcare provider; steal records of 1.5 million patients, including the Prime Minister →
Featured Blog

Fortinet All Blogs

Fortinet Acquires ZoneFox

Fortinet All Blogs

Fortinet Recognized as a Challenger in the First Gartner WAN Edge MQ

Fortinet All Blogs

How CISOs Can Maintain Corporate Privacy as Employees Adopt Emerging Technologies

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

6 DevOps Security Challenges to Overcome
New Attacks Reuse Malware Code from Dormant APT1
Schneier: Security Tough in the ‘Computerization of Everything’
Insider Threat: FinCEN Insider Bares Treasury Secrets
FireEye Focuses on Email Security Analysis with Free Offering
How Are You Celebrating National Security Awareness Month?
Fighting mobile banking threats with threat intelligence | Avast
Scraping Social Security Numbers on the Web
Here are all the countries where the government is trying to ban VPNs
MikroTik routers targeted by cryptomining campaign | Avast

Upcoming Webinars

Wed 31

Beyond S3 Buckets – Effective Countermeasures for Emerging Cloud Threats

October 31 @ 11:00 am - 12:00 pm
Nov 07

Operationalizing Data For Fraud Investigations

November 7 @ 1:00 pm - 2:00 pm
Nov 13

The State of Open Source Vulnerabilities Management

November 13 @ 1:00 pm - 2:00 pm
Nov 29

Cloud Security: What You Need to Know

November 29 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The Main Application Security Technologies to Adopt by 2018

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Cybersecurity Best Practices Calls for Penetration Testing
Cybersecurity Industry Spotlight Network Security Security Boulevard (Original) 

Cybersecurity Best Practices Calls for Penetration Testing

October 23, 2018 Min Pyo Hong | Yesterday 0
ASan and Beyond: Harnessing the Potential of the Masses to Fight Cybercrime
Cybersecurity Industry Spotlight Security Boulevard (Original) Threat Intelligence 

ASan and Beyond: Harnessing the Potential of the Masses to Fight Cybercrime

October 22, 2018 Ronen Slavin | 1 day ago 0
6 DevOps Security Challenges to Overcome
Cybersecurity DevOps Industry Spotlight Security Boulevard (Original) 

6 DevOps Security Challenges to Overcome

October 19, 2018 Gilad David Maayan | 4 days ago 0

Top Stories

Drupal Patches Critical Remote Code Execution Flaws
DevOps Featured Malware News Security Boulevard (Original) Spotlight Vulnerabilities 

Drupal Patches Critical Remote Code Execution Flaws

October 23, 2018 Lucian Constantin | Yesterday 0
FreeRTOS Flaws Puts Many IoT, ICS Devices at Risk
DevOps Featured IoT & ICS Security News Security Boulevard (Original) Spotlight 

FreeRTOS Flaws Puts Many IoT, ICS Devices at Risk

October 22, 2018 Lucian Constantin | 1 day ago 0
FireEye Focuses on Email Security Analysis with Free Offering
Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight 

FireEye Focuses on Email Security Analysis with Free Offering

October 22, 2018 Michael Vizard | 1 day ago 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.