The ever-growing threat of state-sponsored cyberattacks against the U.S. is a clear indication that cyber warfare will more than likely play a big role in the next big global conflict.
In fact, a weaponized cyberattack can quickly take down critical utilities and infrastructure like the electrical power grid, leaving millions of people vulnerable to the elements, and the U.S. economy vulnerable to ruin. The aftermath of such an attack can be so severe that it can take years before the U.S. can recover (if ever) from such a catastrophe.
This may sound like a frightening Hollywood movie plot, but make no mistake about it: the seeds of a massive attack on our electrical power utilities have already been planted. Read on and see how state-sponsored hackers have already infiltrated U.S. electrical companies and what you can do about it.
Russians are at it again
State-sponsored hackers from Russia were able to infiltrate and gain access to control rooms of key U.S. electric utilities last year, Department of Homeland Security (DHS) officials recently told The Wall Street Journal.
The hackers reportedly work for a group known as Dragonfly or Energetic Bear, and they were able to break into those utilities' systems to the point where they could have caused blackouts and disruptions to the power service.
For security reasons, the DHS officials have not disclosed the companies that were affected by the breach, but they said that the campaign has already claimed hundreds of victims. Some of the affected companies may not even be aware that they were hacked because the attackers have used the credentials of real employees to infiltrate the networks.
The DHS has been warning utility companies about hacking attempts since 2014 and said that while earlier campaigns focused on smaller commercial facilities, the hackers have a grander goal of working their way up to infiltrate larger energy companies. The agency also noted it's not over yet and the campaign is likely to continue.
Critical utilities are vulnerable via third parties
But how do these hackers manage to gain their way into the systems of these critical facilities in the first place?
Well, they exploit the weakest links - smaller third-party companies.
First, the attackers use spear-phishing emails and watering hole attacks to trick employees of third-party vendors who may have relationships with the electric companies into entering their corporate username and password credentials on spoofed websites. The problem? Many of these smaller third-party companies don't have big budgets for cybersecurity so hacking their systems is easier.
Note: A spear-phishing attack is a form of targeted email scam aimed specifically at an individual or organization. By sending out carefully crafted emails with identifiable personal data, the attackers make it appear that the messages are coming from legitimate and trusted sources.
A watering hole attack, on the other hand, is an attempt to compromise a group of users by planting malware on websites that they are known to visit regularly (for example, a company's Wiki page or web portal).
Once the attackers gain a foothold within the vendor networks, they move on to their ultimate goal - gaining access to the critical utilities. By tapping a company's confidential files, the hackers can then steal the credentials used by the vendors to gain direct access to the utility networks.
With this level of privilege, they begin pilfering information about how the utility networks are configured, what equipment is in use and how the equipment is controlled. The attackers also familiarize themselves with how the facilities work so they can cause disruptions without detection.
How employees can protect themselves
Third-party companies without adequate cybersecurity measures are definitely vulnerable to these attacks. Don't let your company be the springboard for much larger attacks. To protect against spear-phishing and watering hole attacks, here are a few suggestions:
- Don't download unsolicited email attachments, especially from unknown sources.
- Don't click on links in suspicious emails.
- Don't trust "official" emails from companies you don't do business with.
- Take a second to look at any "official" emails before you follow any instructions.
- Company webmasters should regularly scan their websites for malware.
- Make sure that all systems are properly patched and updated.
It's also critical to educate company staff on how to spot phishing emails and provide them with information on how to prevent such attacks. Lastly, reliable security software is a must for stopping malware before it does damage.
Preparing for power blackouts
What would you do if cyberattackers shut down your water and electricity for a few days, weeks, or months? Are you prepared? Make sure you have a plan in place for your family if there is an extended blackout. Here are a few things you can do to keep your family safe:
- Make sure you have emergency cash on hand.
- Have an emergency supply of food and water.
- Keep supplies like candles, matches, batteries, and flashlights around the house.
- Have a power source handy in case you need to charge your gadgets.
- Be informed at all times. A battery-powered radio is essential during a blackout.
If you're concerned about malware attacks on our power grid and key government facilities, make sure you let your U.S. representatives know and ask them what the government is doing about it. You can contact your Congressperson using the Find Your Representative tool.