A recent deep dive by The Wall Street Journal reconstructs the worst hack into US power systems, revealing attacks on hundreds of small contractors. Rather than strike the utilities head-on, the hackers went after hundreds of contractors and subcontractors and worked their way up the supply chain. Industry experts have said that Russian government hackers likely remain inside some systems undetected.
Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks:
“Recent reporting that deconstructs long-term hacking campaigns by sophisticated hacking groups like Dragonfly and Energetic Bear demonstrates some of the successful tactics used against utility companies in an attempt to hack the U.S. electric grid. Utility companies can learn a lot from what happened during these campaigns in order to protect themselves from future attempts by bad actors – and from the groups that may have already gained access into their systems and are waiting undetected.
One key tactic used was to infiltrate third-party supply chain vendors, which is a well-known APT tactic. Utilities must have their own protections to monitor their SCADA/ICS operations not only for known attack signatures, but also for anomalous behaviours that would indicate that third parties might have been compromised by attackers that are using them to gain access into the utility’s
We can learn a lot from these campaigns and utility companies should feel empowered knowing that technology exists that can protect from tactics such as these. The more we understand about attackers’ playbooks, the easier we can keep pace and hopefully put ourselves in a position to be one step ahead.”