Russian hackers penetrated networks of US electric utilities

Leroy Wright
July 26, 2018

Russian hackers working for a shadowy state-sponsored group previously identified as Energetic Bear or Dragonfly infiltrated the control rooms of U.S. electric utilities previous year as part of a long-running and unsafe campaign that claimed "hundreds of victims" according to a recent report from The Wall Street Journal.

According to the DHS officials, the attackers initiated the campaign by targeting employees of the utility companies' suppliers.

Russian hackers managed to infiltrate the control rooms of U.S. utility companies - where they could have easily "thrown switches" and caused power outages, according federal officials.

"They got to the point where they could have thrown switches", said a DHS official.

This is because Russian-linked hackers a year ago apparently gained access to the networks of U.S. electric utilities.

DHS did not immediately respond to CNBC's request for comment.

USA officials say cyberattackers penetrated the control rooms of some power companies. It was a relatively easy process, in many cases, for them to steal credentials from vendors and gain direct access to utility networks.

Michael Cohen Not Seeking Pardon From Donald Trump, Attorney Lanny Davis Says
Jones disclosed Monday that agents obtained 12 audio recordings in the Cohen raids - and those have been provided to prosecutors. One of Cohen's attorneys, Lanny Davis , appeared on CNN Tuesday night to claim responsibility for providing the tape.

The DHS, meanwhile, has been warning utility executives about the group since 2014. While the department didn't call out victims by name, it did confirm that there were hundreds of victims, not just a few dozen as had previously been reported.

Some companies that were compromised may not yet know they have become a victim in a Russian attack, according to the report.

Inside the utility networks, the hackers were able to harvest other sensitive information: how the networks were configured, what equipment was used, and normal operating procedures.

Their goal, he said: to disguise themselves as "the people who touch these systems on a daily basis".

In the Ministry of internal security of the United States told the publication that the attack is likely to continue.

Investigators cited by the WSJ said was it was not clear whether this was done by the hackers in preparation for a bigger future attack.

Other reports by

Discuss This Article