The Department of Homeland Security (DHS) has claimed that Russian hackers have breached the control rooms of multiple U.S. power suppliers via remote access.
Over “hundreds of victims” have been affected by a ‘giant and long-running’ hacking campaign instigated by Russian hackers who have gained access to control rooms of U.S. electric utilities, granting them the power to initiate mass blackouts, federal officials told the WSJ.
“They got to the point where they could have thrown switches” and caused sweeping power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS, speaking to the publication.
The state-sponsored group behind the hackers, known as Energetic Bear or Dragonfly, has been traced back to Russia. DHS officials have been warning utility giants’ executives with security privileges of the Russian group’s threat since 2014. However, a Monday briefing was the first time the agency gave out information in an open, unclassified setting with such detail, the report added.
The hackers used emails sent to senior staff for phishing attacks, using them to visit spoofed or hacked social media pages. After gaining access, the groups carried reconnaissance to learn the ways in which power systems and plants worked.
Michael Carpenter, former deputy assistant secretary of defense said:
“They’ve been intruding into our networks and are positioning themselves for a limited or widespread attack. They are waging a covert war on the West.”
Russia has been frequently accused of masterminding attacks against foreign state infrastructure. For instance, Ukraine suffered two attacks on its power grid – one in 2015 and the other in 2016. The first attack impacted 225,000 Ukrainians while the second blackout saw about a fifth of Kiev’s total power consumption disrupted. Both attacks have been linked to Russian state-sponsored hackers.
Russia has also been heavily implicated in the alleged hack during the 2016 US presidential elections.
Image credit: Pexels.