When the Bee Gees sang that ‘the lights all went out in Massachusetts’, they probably weren’t referring to a cyber attack on the US power grid. Fifty years later, if the predictions of security firm Symantec are correct, this may soon become a regular occurrence. Hackers have recently succeeded in seizing control of major utility operations – particularly non-nuclear ones, due to their less stringent security.
Inevitably, there is circumstantial evidence to suggest that Russia is involved. The attacks on the Ukrainian power supply system in December 2015 were traced to Moscow, and Symantec suggests that the new threat, dubbed Dragonfly 2.0, has links with the Kremlin. The attackers used phishing and waterhole attacks to harvest credentials, giving them remote operational access to the interfaces that control circuit breakers and, through this, the ability to sabotage the system and cause blackouts.
Hackers have been eyeing up critical infrastructure as an attractive target for several years, but these latest developments allow them to penetrate further and more frequently. Symantec has alerted a number of potential utility targets, recommending that they purge any malware on their systems and change staff login details.