Hackers Gain Direct Access to US Power Grid Controls
Posted: September 8, 2017 Filed under: Crime & Corruption, Russia, Science & Technology, Self Defense, War Room | Tags: Dragonfly 2.0, Hackers, Power Grid, Security, Symantec
Hackers had the power to cause blackouts, Symantec says. And yes, most signs point to Russia.
Andy Greenberg writes: In an era of hacker attacks on critical infrastructure, even a run-of-the-mill malware infection on an electric utility’s network is enough to raise alarm bells. But the latest collection of power grid penetrations went far deeper: Security firm Symantec is warning that a series of recent hacker attacks not only compromised energy companies in the US and Europe but also resulted in the intruders gaining hands-on access to power grid operations—enough control that they could have induced blackouts on American soil at will.
Symantec on Wednesday revealed a new campaign of attacks by a group it is calling Dragonfly 2.0, which it says targeted dozens of energy companies in the spring and summer of this year. In more than 20 cases, Symantec says the hackers successfully gained access to the target companies’ networks. And at a handful of US power firms and at least one company in Turkey—none of which Symantec will name—their forensic analysis found that the hackers obtained what they call operational access: control of the interfaces power company engineers use to send actual commands to equipment like circuit breakers, giving them the ability to stop the flow of electricity into US homes and businesses.
“There’s a difference between being a step away from conducting sabotage and actually being in a position to conduct sabotage … being able to flip the switch on power generation,” says Eric Chien, a Symantec security analyst. “We’re now talking about on-the-ground technical evidence this could happen in the US, and there’s nothing left standing in the way except the motivation of some actor out in the world.”
Never before have hackers been shown to have that level of control of American power company systems, Chien notes. The only comparable situations, he says, have been the repeated hacker attacks on the Ukrainian grid that twice caused power outages in the country in late 2015 and 2016, the first known hacker-induced blackouts.
The Usual Suspects
Security firms like FireEye and Dragos have pinned those Ukrainian attacks on a hacker group known as Sandworm, believed to be based in Russia. But Symantec stopped short of blaming the more recent attacks on any country or even trying to explain the hackers’ motives. Chien says the company has found no connections between Sandworm and the intrusions it has tracked. Nor has it directly connected the Dragonfly 2.0 campaign to the string of hacker intrusions at US power companies—including a Kansas nuclear facility—known as Palmetto Fusion, which unnamed officials revealed in July and later tied to Russia.
Chien does note, however, that the timing and public descriptions of the Palmetto Fusion hacking campaigns match up with its Dragonfly findings. “It’s highly unlikely this is just coincidental,” Chien says. But he adds that while the Palmetto Fusion intrusions included a breach of a nuclear power plant, the most serious DragonFly intrusions Symantec tracked penetrated only non-nuclear energy companies, which have less strict separations of their internet-connected IT networks and operational controls.
Cybersecurity Expert Confirms Pundit Planet’s Full-Scale Non-Stop Global Panic Warnings
Posted: October 14, 2015 Filed under: China, Russia, Science & Technology, Think Tank, War Room | Tags: Antivirus software, Computer crime, Cyber Warfare, cybersecurity, Global Panic, Grid, Hacking, Industrial Control Systems, Infrastructure, Internet Protocol, Internet service provider, Malware, Power Plants, Security, software
‘Be Afraid, America. Be Very Afraid’
Joseph Weiss writes:
…I’m talking about seizing control of industrial control systems. These ubiquitous hidden computers have gradually and quietly been put in charge of all manner of critical infrastructure—including nuclear power plants, the grid, water and gas pipelines, refineries, air traffic control, trains, factories, you name it.
Unlike the computers we use in our daily lives, these computers are largely invisible. They don’t have screens or keyboards. Most people aren’t aware that they exist. And yet they are embedded in low-level processes. They are everywhere because they create tremendous efficiencies and cost savings, and because they exist almost as an afterthought, they are often completely insecure. They often don’t run anti-virus software and by and large no one bothers to scan them to see if they might be infected with malicious software. And guess what? They often are connected to the Internet where a clever hacker half a world away can get access to them!
The threat is not hypothetical. There have been almost 750 control system cyber events (including both malicious and unintentional incidents). They’ve had a global impact. Industries have included power companies, pipelines, dams, planes, and trains. Why hasn’t the public heard about them? Most often because the victims didn’t realize it since they didn’t have the right forensics….
Source: The Daily Beast
Leading cybersecurity expert Joseph Weiss writes about how vulnerable America’s computer systems are. He features in the NOVA documentary ‘CyberWar Threat,’ premiering Oct. 14 on PBS.
[VIDEO] Apple’s App Store Hacked in China
Posted: September 22, 2015 Filed under: Asia, China, Science & Technology | Tags: App Store (iOS), Apple Inc, Associated Press, Beijing, China, Chinese language, Malware, Security, software, WeChat
Some of the most popular Chinese apps in Apple’s App Store were found to be infected with malicious software in what is being described as a first-of-its-kind security breach. Here’s how it happened.
CHILL: The Veiled Mannequins of Mosul
Posted: July 22, 2014 Filed under: Global, War Room | Tags: Christian, Iraq, Islamic state, Mannequin, Mosul, Nineveh, Security, Washington Times
ISIL now forcing shopkeepers to veil mannequins in Mosul http://t.co/4i4rdS9vRG #Iraq #world pic.twitter.com/OQqZL1VDb2
— The Washington Times (@WashTimes) July 22, 2014
No Respect
Posted: January 22, 2014 Filed under: Breaking News, Diplomacy, The Butcher's Notebook, White House | Tags: Arms race, Breaking news, CNN, Diplomacy, Foreign Minister, iPhone, Iran, media, Middle East, nuclear, nuclear enrichment, Obama, Security, White House
Google to Soldiers: Malware is the Enemy
Posted: October 27, 2013 Filed under: Science & Technology, Think Tank, War Room | Tags: Charles Croom, Computer security, DARPA, Google, Jim Young, Lockheed Corporation, Malware, Security
BRYANT JORDAN writes: Getting the military’s cyber forces to focus more on the most serious threats to U.S. national security means getting away from a whack-a-mole-like strategy now used to find and remove malware in the system, officials from Google and Lockheed told a crowd of soldiers Wednesday.
Most of what cyber soldiers deal with is malware living in a system that can be exploited by an enemy, according to Jim Young, U.S. Army Account Executive for Google Enterprise Transformation.
It’s a common problem, but one that should not happen, he said at the last panel session at the Association of the U.S. Army’s annual conference in Washington D.C.
“This notion that persistent malware can stay on your machine should not happen,” he said. “The technology is out there today to erase it, or not make it an attack factor. So I encourage you … to start looking at opportunities that fundamentally change how you probe cyber security. Do not do incremental. It will not get you where you need to be.”
In The Very Best Hands
Posted: October 1, 2013 Filed under: Mediasphere | Tags: AHCA, Crime, Navigator, Obamacare, Privacy, Security, White House, zombie apocalypse
What We Lose if We Give Up Privacy
Posted: August 18, 2013 Filed under: Mediasphere | Tags: Civil liberties, Edward Snowden, National Security Agency, PEGGY NOONAN, Privacy, Security, Surveillance state, United States
A civil libertarian reflects on the dangers of the surveillance state
By PEGGY NOONAN
What is privacy? Why should we want to hold onto it? Why is it important, necessary, precious?
Is it just some prissy relic of the pretechnological past?
We talk about this now because of Edward Snowden, the National Security Agency revelations, and new fears that we are operating, all of us, within what has become or is becoming a massive surveillance state. They log your calls here, they can listen in, they can read your emails. They keep the data in mammoth machines that contain a huge collection of information about you and yours. This of course is in pursuit of a laudable goal, security in the age of terror.
Is it excessive? It certainly appears to be. Does that matter? Yes. Among other reasons: The end of the expectation that citizens’ communications are and will remain private will probably change us as a people, and a country.