DHS: Russian Actors Infiltrated Electric Grids, Possibly Causing Blackouts – Attack Might Be Ongoing
The Department of Homeland Security (DHS) said state-sponsored Russian actors could have infiltrated electric utilities across the U.S., possibly causing blackouts and that the campaign might be ongoing.
The Russian actors, under the shadowy groups Dragonfly or Energetic Bear, were able to break into electric networks with relative ease, The Wall Street Journal reports — although they did not confirm power outages occurred as a result of Russian tampering.
“They got to the point where they could have thrown switches” and affect the flow of power, said DHS Chief of Industrial-Control-System Analysis, Jonathan Homer.
The DHS warned that American utilities were vulnerable to Russian meddling since at least December of 2014, The Daily Caller News Foundation reported. A Freedom of Information Act request showed that hackers from the nation also successfully infiltrated the Department of Energy’s (DOE) computer system more than 150 times between 2010 and 2014.
“They’ve been intruding into our networks and are positioning themselves for a limited or widespread attack,” said former deputy assistant secretary of defense, Michael Carpenter. “They are waging a covert war on the West.”
Russia, The WSJ reported, denied the attacks on the infrastructure. (RELATED: Bernie’s Chief Strategist Contacted Former Russian Spy Right Before Joining Campaign)
By using a trick called “spearhead phishing” or simply “phishing,” the Russians sent emails asking for login information disguised as a request to reset passwords from key officials with the clearance to, eventually, hack the electric grid remotely.
The Russian hackers familiarized themselves with how the facilities worked normally in order to “take the normal and make it abnormal” in order to cause disruptions, Homer said.
Homer added that the Russian’s goal was to disguise themselves as “the people who touch these systems on a daily basis.”
“You’re seeing an uptick in the way government is sharing threats and vulnerabilities,” said a cybersecurity expert for Edison Electric Institute, Scott Aaronson.
DHS added that some electric utility companies may still not know they’re compromised.
Send tips to firstname.lastname@example.org