Hackers Can Now Cause Blackouts On America’s Electrical Grid, Report

Saturday, September 9, 2017
By Paul Martin

by Rick Moran via AmericanThinker.com,
ZeroHedge.com

It was inevitable that someday, hackers would have the ability to exert control over the U.S. electrical grid. According to the computer security firm Symantec, someday is today.

Hacking attacks over the last several months that targeted U.S. energy companies have been able to gain “operational control” over systems, thus threatening blackouts across the U.S., says Symantec.

The hacker group known as Dragonfly 2.0 was able to gain control in at least 20 places, according to the firm.

Wired:

Symantec on Wednesday revealed a new campaign of attacks by a group it is calling Dragonfly 2.0, which it says targeted dozens of energy companies in the spring and summer of this year. In more than 20 cases, Symantec says the hackers successfully gained access to the target companies’ networks. And at a handful of US power firms and at least one company in Turkey – none of which Symantec will name – their forensic analysis found that the hackers obtained what they call operational access: control of the interfaces power company engineers use to send actual commands to equipment like circuit breakers, giving them the ability to stop the flow of electricity into US homes and businesses.

“There’s a difference between being a step away from conducting sabotage and actually being in a position to conduct sabotage … being able to flip the switch on power generation,” says Eric Chien, a Symantec security analyst. “We’re now talking about on-the-ground technical evidence this could happen in the US, and there’s nothing left standing in the way except the motivation of some actor out in the world.”

Never before have hackers been shown to have that level of control of American power company systems, Chien notes. The only comparable situations, he says, have been the repeated hacker attacks on the Ukrainian grid that twice caused power outages in the country in late 2015 and 2016, the first known hacker-induced blackouts.

Security firms like FireEye and Dragos have pinned those Ukrainian attacks on a hacker group known as Sandworm, believed to be based in Russia. But Symantec stopped short of blaming the more recent attacks on any country or even trying to explain the hackers’ motives. Chien says the company has found no connections between Sandworm and the intrusions it has tracked. Nor has it directly connected the Dragonfly 2.0 campaign to the string of hacker intrusions at US power companies – including a Kansas nuclear facility – known as Palmetto Fusion, which unnamed officials revealed in July and later tied to Russia.

Chien does note, however, that the timing and public descriptions of the Palmetto Fusion hacking campaigns match up with its Dragonfly findings. “It’s highly unlikely this is just coincidental,” Chien says. But he adds that while the Palmetto Fusion intrusions included a breach of a nuclear power plant, the most serious Dragonfly intrusions Symantec tracked penetrated only non-nuclear energy companies, which have less strict separations of their internet-connected IT networks and operational controls.

The first question I would want answered is, if they have that sort of control, why not exercise it? Why no blackouts or service interruptions in the U.S.?
