US Electric Grid Hacked: Perpetrators Could Have Shut Down The System 

9Shares



 

 

US Electric Grid Hacked: Perpetrators Could Have Shut Down The System

Authored by Mike Shedlock via MishTalk,

 

Hackers broke into the US electric grid with spearphishing techniques targeting contractors with system access.

 

The Wall Street Journal has a detailed report out regarding a sophisticated, and successful attack by hackers into the US electric grid. The hackers could have temporarily shut off power.

 

The Journal claims Russia is responsible. I hate such assumptions. In the absence of hard proof, the hack could have come from China, North Korea, Israel, or even the US. Even if Russian hackers did this, there is a difference between “Russian” and “Russia”.

 

Please consider America’s Electric Grid Has a Vulnerable Back Door—and Russia Walked Through It.

Early victims

In the summer of 2016, U.S. intelligence officials saw signs of a campaign to hack American utilities, says Jeanette Manfra, assistant secretary of Homeland Security’s cybersecurity and communications program. The tools and tactics suggested the perpetrators were Russian. Intelligence agencies notified Homeland Security, Ms. Manfra says.

Mr. Vitello of All-Ways Excavating has no idea how the hackers got into his email account. He doesn’t recall reading CFE’s websites or clicking on tainted email attachments. Nonetheless, the intrusion was part of the Russian campaign, according to the security companies that studied the hack.

On March 2, 2017, the attackers used Mr. Vitello’s account to send the mass email to customers, which was intended to herd recipients to a website secretly taken over by the hackers.

Once Mr. Vitello realized his email had been hijacked, he tried to warn his contacts not to open any email attachments from him. The hackers blocked the message.

 

Sneak Attack

 

Hackers sent bogus emails from the account of Oregon construction contractor Mike Vitello to herd recipients to a website they had secretly taken over, called imageliners.com. Hackers then used the site to seek access to contractors that do business with U.S. power utilities.

 

All-Ways Excavating is a government contractor and bids for jobs with agencies including the U.S. Army Corps of Engineers, which operates dozens of federally owned hydroelectric facilities.

 

One [email] went to Dan Kauffman Excavating Inc., in Lincoln City, Ore., with the subject line: “Please DocuSign Signed Agreement—Funding Project.”

 

Read the rest of this article 

 




9Shares