As a nation, we always need to be on guard for cyberattacks. They are becoming more and more frequent and dangerous these days.
The threat of state-sponsored cyberattacks against the U.S. is a clear indication that cyber warfare will more than likely play a huge role in the next global conflict. That’s why it’s critical to have systems in place that will fend off any attempt at a cyberattack.
But that doesn’t mean bad actors aren’t trying to hack those systems. In fact, Russian hackers have been attacking America’s infrastructure for some time, and are still at it.
Russian hackers attacking U.S. power grids
The idea of cybercriminals attacking power grids isn’t anything new. Russian hackers successfully took down Ukraine power grids a couple years ago, causing two large-scale blackouts.
Now, researchers at FireEye are warning that Russian actors are constantly working on breaking into U.S. power grids. They spoke of the threat last week at the CyberwarCon forum in Washington, D.C.
FireEye analyst Alex Orleans said, “There’s still a concentrated Russian cyber espionage campaign targeting the bulk of the U.S. electrical grid. The grid is still getting hit.” The hacking group targeting the U.S. is called TEMP.Isotope.
The Department of Homeland Security has also been warning utility companies about hacking attempts since 2014. It said that while earlier campaigns focused on smaller commercial facilities, their ultimate goal is to infiltrate larger energy companies.
Spear-phishing email attacks are being used to trick employees of third-party vendors who may have relationships with the electric companies into entering their corporate username and password credentials on spoofed websites. The problem? Many of these smaller third-party companies don’t have big budgets for cybersecurity, so hacking their systems is easier to infiltrate.
Note: A spear-phishing attack is a form of a targeted email scam aimed specifically at an individual or organization. By sending out carefully crafted emails with identifiable personal data, the attackers make it appear that the messages are coming from legitimate and trusted sources.
Once the attackers gain a foothold within the vendor networks, they move on to their ultimate goal – gaining access to the critical utilities. By tapping a company’s confidential files, the hackers can then steal the credentials used by the vendors to gain direct access to the utility networks.
With this level of privilege, they begin pilfering information about how the utility networks are configured, what equipment is in use and how the equipment is controlled. The attackers also familiarize themselves with how the facilities work so they can cause disruptions without detection.
What can we do now?
What would you do if a cyberattack shut down your water and electricity for a few days or weeks, or months? Are you prepared?
Make sure you have a plan in place for your family if there is an extended blackout. Here are a few things you can do to keep your family safe:
- Make sure you have emergency cash on hand.
- Have an emergency supply of food and water.
- Keep supplies like candles, matches, batteries, and flashlights around the house.
- Have a power source handy in case you need to charge your gadgets.
- Be informed at all times. A battery-powered radio is essential during a blackout.
If you’re concerned about malware attacks on our power grid and key government facilities, make sure you let your U.S. representatives know and ask them what the government is doing about it. You can contact your Congressperson with this link: Find Your Representative.
Tap or click below to listen to this free Komando on Demand podcast!
Almost 3 years ago, Russia dropped a cyber-bomb on Ukraine, hacking energy companies and wiping out power to hundreds of thousands. Government security agents say that was just the beginning. A test of sorts for possibly a much bigger plan. Listen to this Komando on Demand podcast as Kim takes you through the history of cyber warfare and share things you should be doing now to prepare for a possible cyber attack.