• 12 hours Trump Signs Executive Order To Protect Private Moon Miners
  • 1 day Renters Are Striking As COVID Reshapes Real Estate
  • 1 day Nothing Can Stop The Tesla Boom
  • 2 days 9 Ways The Lockdown Is Playing Out Around The World
  • 2 days WeWork Sues SoftBank For Withdrawing $3 Billion Insider Payoff
  • 3 days Solving Transportation’s Biggest Problem
  • 3 days Big Banks Could Win Big On Fed Small Business Bailout
  • 3 days Trump Increases Pressure On Venezuela
  • 3 days Researchers Create Organic Battery
  • 4 days Gold Is Still A Safe Haven, But Not Very Alluring
  • 4 days China Is Buying Up Billions Of Barrels Of Cheap Crude Oil
  • 5 days Are Gold Stocks Going To Bounce Back?
  • 5 days The Politics Of A Pandemic
  • 6 days What Does CHina’s EV Slowdown Mean For The Battery Metals Sector?
  • 7 days COVID Report Cards Will Brand Businesses Forever
  • 7 days Trump Tweet Sends Oil Soaring 25%
  • 8 days Why The Coronavirus Economic Crash Is Worse Than You Think
  • 8 days Is A Global Currency Necessary?
  • 9 days America Has Shed 500,000 Millionaires Since The Coronavirus Lockdown Began
  • 9 days Trump Wants Another $2 Trillion Economic Intervention
Huawei Given The Green Light To Build 5G Network In The UK

Huawei Given The Green Light To Build 5G Network In The UK

Britain will allow Chinese telecom…

How Blockchain Tech Could Make Mergers And Acquisitions More Efficient

How Blockchain Tech Could Make Mergers And Acquisitions More Efficient

Blockchain technology is shaping and creating…

Mobile Bank Startup Is Bent On Disrupting Big Finance

Mobile Bank Startup Is Bent On Disrupting Big Finance

European mobile bank startup N26…

  1. Home
  2. Tech
  3. Tech News

Hackers Tap Into The U.S. Electric Grid

Electric Grid

Hackers broke into the U.S. electric grid with spearphishing techniques targeting contractors with system access.

The Wall Street Journal has a detailed report out regarding a sophisticated, and successful attack by hackers into the U.S. electric grid. The hackers could have temporarily shut off power.

The Journal claims Russia is responsible. I hate such assumptions. In the absence of hard proof, the hack could have come from China, North Korea, Israel, or even the US. Even if Russian hackers did this, there is a difference between "Russian" and "Russia".

Please consider America’s Electric Grid Has a Vulnerable Back Door—and Russia Walked Through It.

Early victims

In the summer of 2016, U.S. intelligence officials saw signs of a campaign to hack American utilities, says Jeanette Manfra, assistant secretary of Homeland Security’s cybersecurity and communications program. The tools and tactics suggested the perpetrators were Russian. Intelligence agencies notified Homeland Security, Ms. Manfra says.

Mr. Vitello of All-Ways Excavating has no idea how the hackers got into his email account. He doesn’t recall reading CFE’s websites or clicking on tainted email attachments. Nonetheless, the intrusion was part of the Russian campaign, according to the security companies that studied the hack.

On March 2, 2017, the attackers used Mr. Vitello’s account to send the mass email to customers, which was intended to herd recipients to a website secretly taken over by the hackers. Related: Investors Turn Bullish On Gold ETFs

Once Mr. Vitello realized his email had been hijacked, he tried to warn his contacts not to open any email attachments from him. The hackers blocked the message.

Sneak Attack

Hackers sent bogus emails from the account of Oregon construction contractor Mike Vitello to herd recipients to a website they had secretly taken over, called imageliners.com. Hackers then used the site to seek access to contractors that do business with U.S. power utilities.

All-Ways Excavating is a government contractor and bids for jobs with agencies including the U.S. Army Corps of Engineers, which operates dozens of federally owned hydroelectric facilities.

One [email] went to Dan Kauffman Excavating Inc., in Lincoln City, Ore., with the subject line: “Please DocuSign Signed Agreement—Funding Project.”

Office manager Corinna Sawyer thought the wording was strange and emailed Mr. Vitello: “Just received this from your email, I assume you have been hacked.”

Back came a response from the intruders who controlled Mr. Vitello’s account: “I did send it.”

Ms. Sawyer, still suspicious, called Mr. Vitello, who told her the email, like the earlier one, was fake.

Federal officials say the attackers looked for ways to bridge the divide between the utilities’ corporate networks, which are connected to the internet, and their critical-control networks, which are walled off from the web for security purposes.

The bridges sometimes come in the form of “jump boxes,” computers that give technicians a way to move between the two systems. If not well defended, these junctions could allow operatives to tunnel under the moat and pop up inside the castle walls.

In briefings to utilities last summer, Jonathan Homer, industrial-control systems cybersecurity chief for Homeland Security, said the Russians had penetrated the control-system area of utilities through poorly protected jump boxes. The attackers had “legitimate access, the same as a technician,” he said in one briefing and were positioned to take actions that could have temporarily knocked out power.

Attack Still Ongoing

The hack started in 2016 and is still ongoing. The Journal cited many other contractors who were hacked the same way as Vitello. Here's a recent hack.

Related: Yellow Vests Plan Demonstrations Against Financial Institutions

Vello Koiv, president of VAK Construction Engineering Services in Beaverton, Ore., which does subcontracting for the Army Corps, PacifiCorp, Bonneville and Avista Corp., a utility in Spokane, Wash., says someone at his company took the bait from one of the tainted emails, but his computer technicians caught the problem, so “it was never a full-blown event.” Avista says it doesn’t comment on cyberattacks.

Mr. Koiv says he continued to get tainted emails in 2018. “Whether they’re Russian or not, I don’t know. But someone is still trying to infiltrate our server.”

Last fall, All-Ways Excavating was again hacked.

Battlefield Prepared

Industry experts say Russian government hackers likely remain inside some systems, undetected and awaiting further orders.

“What Russia has done is prepare the battlefield without pulling the trigger,” says Robert P. Silvers, former assistant secretary for cyber policy at Homeland Security and now a law partner at Paul Hastings LLP.

Assumptions

Once again, we have assumptions that "Russia is Responsible".

The excuse: "The tools and tactics suggested the perpetrators were Russian."

It's a bit of a leap to go from that assumption to the WSJ headline.

Scary Bottom Line

Assumptions aside, someone was able to hack into companies responsible for the US electric grid, gaining technical abilities to shut it down.

By Zerohedge

More Top Reads From Safehaven.com

Back to homepage

Leave a comment

Leave a comment