Some of Our Sources
- Slashdot
- Techcrunch
- Just Creative
- Spoon Graphics
- TutsPlus - Design
- You The Designer
- Inspiredology
- Naldz Graphics
- Willems Lab
- Dev To
Help Webnuz
Referal links:
July 24, 2018 01:25 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/1UH8s9hyo1w/russian-hackers-reach-us-utility-control-rooms-homeland-security-officials-say
Russian Hackers Reach US Utility Control Rooms, Homeland Security Officials Say
"Russian hackers [...] broke into supposedly secure, "air-gapped" or isolated networks owned by utilities (Warning: source may be paywalled; alternative source) with relative easy by first penetrating the networks of key vendors who had trusted relationships with the power companies," reports The Wall Street Journal, citing officials at the Department of Homeland Security. "They got to the point where they could have thrown switches" and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS. The hacking campaign started last year and likely is continuing. From the report: DHS has been warning utility executives with security clearances about the Russian group's threat to critical infrastructure since 2014. But the briefing on Monday was the first time that DHS has given out information in an unclassified setting with as much detail. It continues to withhold the names of victims but now says there were hundreds of victims, not a few dozen as had been said previously. It also said some companies still may not know they have been compromised, because the attacks used credentials of actual employees to get inside utility networks, potentially making the intrusions more difficult to detect. The attackers began by using conventional tools -- spear-phishing emails and watering-hole attacks, which trick victims into entering their passwords on spoofed websites -- to compromise the corporate networks of suppliers, many of whom were smaller companies without big budgets for cybersecurity. Once inside the vendor networks, they pivoted to their real focus: the utilities. It was a relatively easy process, in many cases, for them to steal credentials from vendors and gain direct access to utility networks. Then they began stealing confidential information. For example, the hackers vacuumed up information showing how utility networks were configured, what equipment was in use and how it was controlled. They also familiarized themselves with how the facilities were supposed to work, because attackers "have to learn how to take the normal and make it abnormal" to cause disruptions, said Mr. Homer. Their goal, he said: to disguise themselves as "the people who touch these systems on a daily basis."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/1UH8s9hyo1w/russian-hackers-reach-us-utility-control-rooms-homeland-security-officials-say
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot