Pentagon: Energy grid open to cyberattack

[MindWars]

Pentagon: Energy Grid Open to Cyberattack
Energy at risk?

------------------------------------------------------------------------------

Most people are aware of this, but has anything really been done nope.
This could easily be pulled off a lot easier than most realize.

 

[waltky]

Uncle Ferd says if dey can cut our power, dey can cut our water off - den what ya gonna do?...

US Warns Nuclear, Energy Firms of Hacking Campaign
July 01, 2017 — The U.S government warned industrial firms this week about a hacking campaign targeting the nuclear and energy sectors, the latest event to highlight the power industry’s vulnerability to cyberattacks.

Since at least May, hackers used tainted “phishing” emails to “harvest credentials” so they could gain access to networks of their targets, according to a joint report from the U.S. Department of Homeland Security and Federal Bureau of Investigation. The report provided to the industrial firms was reviewed by Reuters Friday. While disclosing attacks, and warning that in some cases hackers succeeded in compromising the networks of their targets, it did not identify any specific victims.

Industry looking into intrusions

“Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said. Homeland Security and FBI officials could not be reached for comment on the report, which was dated June 28. The report was released during a week of heavy hacking activity.

A virus dubbed “NotPetya” attacked Tuesday, spreading from initial infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and disrupting activity at ports, law firms and factories. On Tuesday the energy-industry news site E&E News reported that U.S. investigators were looking into cyber intrusions this year at multiple nuclear power generators. Reuters has not confirmed details of the E&E News report, which said there was no evidence safety systems had been compromised at affected plants.

Worry since 2016

Industrial firms, including power providers and other utilities, have been particularly worried about the potential for destructive cyber attacks since December 2016, when hackers cut electricity in Ukraine. U.S. nuclear power generators PSEG, SCANA Corp and Entergy Corp said they were not affected by the recent cyberattacks. SCANA’s V.C. Summer nuclear plant in South Carolina shut down Thursday because of a problem with a valve in the non-nuclear portion of the plant, a spokesman said. Another nuclear power generator, Dominion Energy, said it does not comment on cyber security. Two cyber security firms said June 12 that they had identified the malicious software used in the Ukraine attack, which they dubbed Industroyer, warning that it could be easily modified to attack utilities in the United States and Europe.

Industroyer is the second piece of malware uncovered to date that is capable of disrupting industrial processes without the need for hackers to manually intervene. The first, Stuxnet, was discovered in 2010 and is widely believed by security researchers to have been used by the United States and Israel to attack Iran’s nuclear program. The U.S. government report said attackers conducted reconnaissance to gain information about the individuals whose computers they sought to infect so that they create “decoy documents” on topics of interest to their targets. In an analysis, it described 11 files used in the attacks, including malware downloaders and tools that allow the hackers to take remote control of victims’ computers and travel across their networks. Chevron Corp, Exxon Mobil Corp and ConocoPhillips, the three largest U.S. oil producers, declined to comment on their network security.

US Warns Nuclear, Energy Firms of Hacking Campaign

See also:

US government warns energy sector of hacking
Sun, Jul 02, 2017 - The US government this week warned industrial firms about a hacking campaign targeting the nuclear and energy sectors.

Since at least May, hackers used tainted “phishing” e-mails to “harvest credentials” so they could gain access to networks of their targets, a joint report from the US Department of Homeland Security and FBI said. The report provided to the industrial firms was reviewed by reporters on Friday. While disclosing attacks and warning that in some cases hackers succeeded in compromising the networks of their targets, it did not identify any specific victims. “Historically, cyberactors have strategically targeted the energy sector with various goals ranging from cyberespionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said.

On Tuesday the energy-industry news Web site E&E News reported that US investigators were looking into cyberintrusions this year at multiple nuclear power generators. There was no evidence safety systems had been compromised at affected plants, the report said.

The US government report said attackers conducted reconnaissance to gain information about the individuals whose computers they sought to infect so that they create “decoy documents” on topics of interest to their targets. In an analysis, it described 11 files used in the attacks, including malware downloaders and tools that allow the hackers to take remote control of victims’ computers and travel across their networks.

US government warns energy sector of hacking - Taipei Times

 

[waltky]

Russia Hacked Energy Grid...

US Says Russia Hacked Energy Grid, Punishes 19 for Meddling
15 Mar 2018 | WASHINGTON — Pushing back harder on Russia, the Trump administration accused Moscow on Thursday of a concerted hacking operation targeting the U.S. energy grid, aviation systems and other infrastructure, and also imposed sanctions on Russians for alleged interference in the 2016 election.

It was the strongest action to date against Russia by the administration, which has long been accused of being too soft on the Kremlin, and the first punishments for election meddling since President Donald Trump took office. The sanctions list included the 13 Russians indicted last month by special counsel Robert Mueller, whose Russia investigation the president has repeatedly sought to discredit. U.S. national security officials said the FBI, Department of Homeland Security and intelligence agencies had determined that Russian intelligence and others were behind a broad range of cyberattacks beginning a year ago that have infiltrated the energy, nuclear, commercial, water, aviation and manufacturing sectors. The officials said the Russian hackers chose their targets, obtained access to computer systems, conducted "network reconnaissance" of systems that control key elements of the U.S. economy and then attempted to cover their tracks by deleting evidence of their infiltration. The U.S. government has helped the industries kick out the Russians from all systems currently known to have been penetrated, according to the officials, but the efforts continue. The officials, who briefed reporters on condition of anonymity to discuss sensitive national security information, left open the possibility of discovering more breaches, and said the federal government was issuing an alert to the energy industry to raise awareness about the threat and improve preparation.

That alert, published online by Homeland Security, said the hacking effort was a "multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities' networks" to gain access and plant malware, which was then used to monitor activity as well as to move laterally into other, larger industrial control systems. It also said the hackers exploited open-source material from companies' public websites to mine seemingly innocuous information that was later used to infiltrate networks. In one case, the alert said, hackers downloaded a small image from a company's human resources page that when blown up was actually "a high-resolution photo that displayed control systems equipment models and status information in the background." The accusations and accompanying Russian sanctions were the most severe yet by the Trump administration in connection with hacking and other efforts to sow discord in America's democracy and compromise its infrastructure. Also Thursday, President Donald Trump, who has been publicly skeptical of the election allegations, joined the leaders of Britain, France and Germany in a joint statement blaming Moscow for the poisoning of an ex-Russian spy who was living in England.

Reaction from Russia was swift.

Deputy Foreign Minister Sergei Ryabkov said Moscow was greeting the sanctions calmly, but he warned that Russia had already started "to prepare a response." He suggested the Trump administration had timed the sanctions to come ahead of this weekend's presidential election in Russia, in which President Vladimir Putin is expected to win an overwhelming victory. "It is tied to U.S. internal disorder, tied of course to our electoral calendar," Ryabkov was quoted as saying by the Russian state news agency Tass. The list of Russians now under U.S. sanctions includes the 13 indicted last month by U.S. special counsel Robert Mueller as part of his Russia-related investigation into alleged election interference. The sanctions are the first use of the new powers that Congress passed last year to punish Moscow for meddling in an election that Trump won over Democrat Hillary Clinton. "These targeted sanctions are a part of a broader effort to address the ongoing nefarious attacks emanating from Russia," Treasury Secretary Steven Mnuchin said. He said others would face punishment in the future under the new sanctions law "to hold Russian government officials and oligarchs accountable for their destabilizing activities." Altogether, 19 Russians were cited. Also sanctioned were five Russian companies, including the Internet Research Agency, which is accused of orchestrating a mass online disinformation campaign to affect the presidential election result. The U.S. Treasury Department announced the sanctions amid withering criticism accusing Trump and his administration of failing to use its congressionally mandated authority to punish Russia. The sanction targets include officials working for the Russian military intelligence agency GRU.

Thursday's action freezes any assets the individuals and entities may have in the United States and bars Americans from doing business with them. The Treasury Department said the GRU and Russia's military both interfered in the 2016 election and were "directly responsible" for the NotPetya cyberattack that hit businesses across Europe in June 2017, causing billions of dollars in damage by disrupting global shipping, trade and medicine production. It noted that the attack caused several U.S. hospitals to be unable to create electronic medical records for more than a week. Among those affected was Yevgeny Prigozhin, who is known as "Putin's chef" and who ran the St. Petersburg-based Internet Research Agency, and 12 of the agency's employees. They were included in Mueller's indictment last month. The agency "tampered with, altered or caused a misappropriation of information with the purpose or effect of interfering with or undermining election processes and institutions," specifically the 2016 U.S. presidential race. "The IRA created and managed a vast number of fake online personas that posed as legitimate U.S. persons to include grass-roots organizations, interest groups and a state political party on social media," the Treasury Department statement said. "Through this activity, the IRA posted thousands of ads that reached millions of people online." The sanctions also affect the Russian Federal Security Service, or FSB, and six of its employees for cyberattacks more broadly, including those targeting Russian journalists, opposition figures, foreign politicians and U.S. officials. The Americans include members of the diplomatic corps, the military and White House staffers.

US Says Russia Hacked Energy Grid, Punishes 19 for Meddling

 

[whitehall]

Let's see, apparently during the stagnant eight year Hussein administration the Pentagon didn't think the "energy grid was open to cyber attack". What happened?

 

[DJT for Life]

This might be a tad off-topic, but I don't think it is. (It's at least, related)

Cyber War has to be defended against, but I don't know if I would engage
the enemy in returning the favor. I don't think I want them to know what
I can do in Cyber Warfare. I don't want them playing for it. Now, obviously
they will plan for anything that they are attempting to do and defend against,
but in a preemptive strike, using your subs, 5 minutes could degrade their
retaliatory options, if you can shut them down for those 5 minutes and your
subs are in close enough.

Let 'em play Cyber War and show us what they can do, but don't show them
what we can do. We only need to show them one time, when it is too
late for them to do anything about it.