US utility’s control systems hit by advanced cyber attack – DHS

Reuters / Thomas Peter RT News

An advanced group of hackers recently attacked a US public utility, compromising its control system network without affecting the utility’s operations, according to the US Department of Homeland Security.

The Department of Homeland Security (DHS) did not name the utility in a report released this week by the agency’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).  

“While unauthorized access was identified, ICS-CERT was able to work with the affected entity to put in place mitigation strategies and ensure the security of their control systems before there was any impact to operations,” a DHS official told Reuters.

The agency report said that investigators had determined the utility was likely a victim of previous attacks, though it did not elaborate.

Cyber-attacks of this kind are rarely disclosed by ICS-CERT, which is often secretive about its investigations in order to encourage businesses to offer information to the government, according to Reuters. In addition, companies are often hesitant to share information with the public should the attacks result in negative publicity.

DHS said the hacking group may have launched the latest attack via an internet portal that allowed workers to access the utility’s control systems. DHS added that the utility’s system employed a simple password mechanism that could have been compromised by “brute forcing,” when hackers digitally force their way into a system using a variety of password combinations.

In the report, DHS also described another hack of a control system server connected to “a mechanical device.” DHS offered few details about the case, except that the attacker had access over an extended period, yet no attempts were made to manipulate the system.

“Internet facing devices have become a serious concern over the past few years,” the agency said in the report.

Utility companies’ vulnerability to cyber threats has been a point of concern for the US government and susceptible businesses. A particular worry is for the electric grid, as power companies employ Supervisory Control and Data Acquisition (SCADA) networks to control their systems. SCADA networks are made to keep the grid completely efficient, but not necessarily secure, according to DailyTech.

Earlier this month, the Federal Bureau of Investigation said it will aggressively crack down on cyber crime over the next few weeks, with a bureau official advising the public to anticipate indictments, searches, and multiple arrests.

On Monday, the US indicted five members of the Chinese military with hacking into American computer networks and engaging in cyber espionage for a foreign government. Among the entities targeted were nuclear technology developer Westinghouse and a large integrated specialties metal company headquarters in Pittsburgh, according to the Department of Justice.

Beijing reacted to Washington’s industrial espionage accusations by publishing its latest data on US cyber-attacks against China.

The 2013 ICS-CERT responded to 256 cyber-incident reports, with more than half in the energy sector. Though that is nearly double the number in 2012, there was not one incident that caused a major problem.

The 2013 incidents include hacking into systems via internet portals exposed over the web, using malicious software through thumb drives, and exploitation of software vulnerabilities.

http://rt.com/usa/160328-utility-cyber-attack-hack/

4 thoughts on “US utility’s control systems hit by advanced cyber attack – DHS

  1. Watch them use this incident as an excuse to implement more Internet control and censorship. All for our security and protection, of course. 😉

  2. The “Smart Grid” was designed so hackers could take it down. Engineered False Flag.

  3. Agreed, 100%, Farmer.

    I seriously doubt that any US utility’s control systems are connected to the internet at all, simply because there’s no need for it, and it would open them up to unnecessary risk.

    They’ve been pushing this cyber-attack and electrical grid attack nonsense for a while now, so I too think this is all part of the process of setting us up for a false-flag, but I think this one should be watched closely by all Patriots.

    If the power and/or internet goes down, I would expect that it’s the beginning of their attack on Patriots. As they say in Hollywood movies, “man your battle stations” if communications go down, because that’s how their assault will begin.

    Assume that the war has begun, until you can reliably confirm that it hasn’t.

  4. Good thing the NSA is busy monitoring all the cell phone calls the general populous make. It has really paid off well…just liek the TSA, yeah, that’s it, yeah.

Join the Conversation

Your email address will not be published. Required fields are marked *


*