Advertisements

Hackers Gain Direct Access to US Power Grid Controls 

PALO ALTO, CA -JULY 12: Power line towers are shown July 12, 2002 in Palo Alto, California. The Federal Energy Regulatory Commission boosted the maximum price of electricity from $55.26 per megawatt hour to $91.87 in the wake of record-breaking temperatures for the week, including 112 degrees in Redding, California today. One megawatt is enough to power about 750 homes. (Justin Sullivan/Getty Images)

Hackers had the power to cause blackouts, Symantec says. And yes, most signs point to Russia.

Andy Greenberg writes: In an era of hacker attacks on critical infrastructure, even a run-of-the-mill malware infection on an electric utility’s network is enough to raise alarm bells. But the latest collection of power grid penetrations went far deeper: Security firm Symantec is warning that a series of recent hacker attacks not only compromised energy companies in the US and Europe but also resulted in the intruders gaining hands-on access to power grid operations—enough control that they could have induced blackouts on American soil at will.

Symantec on Wednesday revealed a new campaign of attacks by a group it is calling Dragonfly 2.0, which it says targeted dozens of energy companies in the spring and summer of this year. In more than 20 cases, Symantec says the hackers successfully gained access to the target companies’ networks. And at a handful of US power firms and at least one company in Turkey—none of which Symantec will name—their forensic analysis found that the hackers obtained what they call operational access: control of the interfaces power company engineers use to send actual commands to equipment like circuit breakers, giving them the ability to stop the flow of electricity into US homes and businesses.

“There’s a difference between being a step away from conducting sabotage and actually being in a position to conduct sabotage … being able to flip the switch on power generation,” says Eric Chien, a Symantec security analyst. “We’re now talking about on-the-ground technical evidence this could happen in the US, and there’s nothing left standing in the way except the motivation of some actor out in the world.”

Never before have hackers been shown to have that level of control of American power company systems, Chien notes. The only comparable situations, he says, have been the repeated hacker attacks on the Ukrainian grid that twice caused power outages in the country in late 2015 and 2016, the first known hacker-induced blackouts.

The Usual Suspects

Security firms like FireEye and Dragos have pinned those Ukrainian attacks on a hacker group known as Sandworm, believed to be based in Russia. But Symantec stopped short of blaming the more recent attacks on any country or even trying to explain the hackers’ motives. Chien says the company has found no connections between Sandworm and the intrusions it has tracked. Nor has it directly connected the Dragonfly 2.0 campaign to the string of hacker intrusions at US power companies—including a Kansas nuclear facility—known as Palmetto Fusion, which unnamed officials revealed in July and later tied to Russia.

Chien does note, however, that the timing and public descriptions of the Palmetto Fusion hacking campaigns match up with its Dragonfly findings. “It’s highly unlikely this is just coincidental,” Chien says. But he adds that while the Palmetto Fusion intrusions included a breach of a nuclear power plant, the most serious DragonFly intrusions Symantec tracked penetrated only non-nuclear energy companies, which have less strict separations of their internet-connected IT networks and operational controls. Read the rest of this entry »

Advertisements

Cybersecurity Expert Confirms Pundit Planet’s Full-Scale Non-Stop Global Panic Warnings

In classified cyberwar against Iran, trail of Stuxnet leak leads to White House - Washington Times

‘Be Afraid, America. Be Very Afraid’

Joseph Weiss writes:

…I’m talking about seizing control of industrial control systems. These ubiquitous hidden computers have gradually and quietly been put in charge of all manner of critical infrastructure—including nuclear power plants, the grid, water and gas pipelines, refineries, air traffic control, trains, factories, you name it.

[Also see – Cyberwar Ignites a New Arms Race]

Unlike the computers we use in our daily lives, these computers are largely invisible. They don’t have screens or keyboards. Most people aren’t aware that they exist. And yet they are embedded in low-level processes. They are everywhere because they create tremendous efficiencies and cost savings, and because they exist almost as an afterthought, they are often completely insecure. They often don’t run anti-virus software and by and large no one bothers to scan them to see if they might be infected with malicious software. And guess what? They often are connected to the Internet where a clever hacker half a world away can get access to them!

drstrangelove

The threat is not hypothetical. There have been almost 750 control system cyber events (including both malicious and unintentional incidents). They’ve had a global impact. Industries have included power companies, pipelines, dams, planes, and trains. Why hasn’t the public heard about them? Most often because the victims didn’t realize it since they didn’t have the right forensics….(read more)

Source: The Daily Beast

Leading cybersecurity expert Joseph Weiss writes about how vulnerable America’s computer systems are. He features in the NOVA documentary ‘CyberWar Threat,’ premiering Oct. 14 on PBS.


[VIDEO] Apple’s App Store Hacked in China

Some of the most popular Chinese apps in Apple’s App Store were found to be infected with malicious software in what is being described as a first-of-its-kind security breach. Here’s how it happened.

chinese-hacker-reuters

 


CHILL: The Veiled Mannequins of Mosul


Creator of Passwords Says They’ve Gotten Out of Hand. ‘It’s Become Kind of a Nightmare’


No Respect

dismantle

no-respect-obama

obama_alone_wh_photo-lrger

 


‘Winners and Losers’: 90,000 patients affected by UW Medicine security breach

UW-medicine-security-breach-620x336

SEATTLE — UW Medicine officials are alerting roughly 90,000 patients that their personal data was compromised in an October security breach.

Early last month, a UW Medicine employee opened an email attachment that contained malicious software. The malware took control of the computer, which happened to be storing personal information from approximately 90,000 UW Medicine and Harborview Medical Center patients, according to a UW Medicine news release.

The compromised patient data included names, phone numbers, addresses, medical record numbers and Social Security numbers, among other information.

UW Medicine is now reaching out to the affected patients and has also set up a call center to work with victims.

Read the rest of this entry »


Google to Soldiers: Malware is the Enemy

nsa-490x326

BRYANT JORDAN writes:  Getting the military’s cyber forces to focus more on the most serious threats to U.S. national security means getting away from a whack-a-mole-like strategy now used to find and remove malware in the system, officials from Google and Lockheed told a crowd of soldiers Wednesday.

Most of what cyber soldiers deal with is malware living in a system that can be exploited by an enemy, according to Jim Young, U.S. Army Account Executive for Google Enterprise Transformation.

It’s a common problem, but one that should not happen, he said at the last panel session at the Association of the U.S. Army’s annual conference in Washington D.C.

“This notion that persistent malware can stay on your machine should not happen,” he said. “The technology is out there today to erase it, or not make it an attack factor. So I encourage you … to start looking at opportunities that fundamentally change how you probe cyber security. Do not do incremental. It will not get you where you need to be.”

Read the rest of this entry »


CHILLED: Why reporters fear phones, email, arrange meetings with sources in person, one-on-one

intel-main

Many reporters covering national security and government policy in Washington these days are taking precautions to keep their sources from becoming casualties in the Obama administration’s war on leaks. They and their remaining government sources often avoid phone conversations and e-mail exchanges, arranging furtive one-on-one meetings instead.

“We have to think more about when we use cellphones, when we use e-mail and when we need to meet sources in person,” said Michael Oreskes, senior managing editor of the Associated Press. “We need to be more and more aware that government can track our work without talking to our reporters, without letting us know.” Read the rest of this entry »


In The Very Best Hands

O-CareNavigator


Panic at the top: Hollywood’s Elite Arming up, Fortified Weaponized Cars Selling Hot

Publicist Ronni Chasen was waiting at a red light in Beverly Hills in 2010 when she was shot five times through the car’s closed passenger window and killed.Christopher Wallace, aka Biggie Smalls, was leaving a party in L.A. when a gunman sprayed the door of the rap star’s Suburban with 9 mm bullets, striking Wallace four times and killing him.

The combination of guns, death and the particular vulnerability that a car on a public street presents to stars who are under siege from paparazzi and stalkers hits close to home for many in L.A.’s celebrity culture, where spending lavishly on personal security is a seldom-discussed necessity. Read the rest of this entry »


What We Lose if We Give Up Privacy

A civil libertarian reflects on the dangers of the surveillance state

By PEGGY NOONAN

What is privacy? Why should we want to hold onto it? Why is it important, necessary, precious?

Is it just some prissy relic of the pretechnological past?

We talk about this now because of Edward Snowden, the National Security Agency revelations, and new fears that we are operating, all of us, within what has become or is becoming a massive surveillance state. They log your calls here, they can listen in, they can read your emails. They keep the data in mammoth machines that contain a huge collection of information about you and yours. This of course is in pursuit of a laudable goal, security in the age of terror.

Is it excessive? It certainly appears to be. Does that matter? Yes. Among other reasons: The end of the expectation that citizens’ communications are and will remain private will probably change us as a people, and a country.

Read the rest of this entry »