- Russian hackers infiltrated US power companies and had the ability to cause widespread blackouts.
- While the hack appears to have been first reported by Symantec in 2017, this is the first time the Department of Homeland Security has provided detailed, unclassified information.
- Attacks began in 2016 and are likely to still be ongoing, said DHS.
Russian hackers infiltrated US electric utilities last year and had the ability to cause widespread blackouts, the Department of Homeland Security (DHS) said in a briefing on Monday.
Symantec first reported on a hacking campaign by the state-sponsored group Dragonfly targeting dozens of victims in the US energy sector in 2017. But this is the first time the DHS has provided detailed information about an incident in an unclassified setting and said the hack affected “hundreds of victims.”
Attacks began in 2016 and continued through 2017, and DHS officials said it’s likely the campaign is still ongoing.
By first penetrating the networks of power companies’ trusted vendors, hackers for Dragonfly, also known as Energetic Bear, were able to access utility networks, The Wall Street Journal reported Monday, citing officials at the DHS.
Russians used email phishing scams and fake websites to gain access to corporate networks.
“They got to the point where they could have thrown switches” and caused power outages, said Jonathan Homer, chief of industrial-control-system analysis for DHS.
Experts told The Journal it was unclear whether the attack was done in isolation or in preparation for a larger operation.
The DHS confirmation comes amid increasingly tense relations between Moscow and Washington. Earlier this month, 12 Russian intelligence agents were indicted in relation to the hacking of the Democratic National Committee before the 2016 US election.
The post Russian hackers infiltrated US power networks and had the ability to trigger massive blackouts appeared first on Business Insider.