Latest Breaking News

Russian Hackers Reach U.S. Utility Control Rooms, Homeland Security Officials Say

Blackouts could have been caused after the networks of trusted vendors were easily penetrated

Officials of the Department of Homeland Security said hackers have reached the control rooms of U.S. electric utilities.

By Rebecca Smith
July 23, 2018 7:21 p.m. ET

Hackers working for Russia claimed “hundreds of victims” last year in a giant and long-running campaign that put them inside the control rooms of U.S. electric utilities where they could have caused blackouts, federal officials said. They said the campaign likely is continuing.

The Russian hackers, who worked for a shadowy state-sponsored group previously identified as Dragonfly or Energetic Bear, broke into supposedly secure, “air-gapped” or isolated networks owned by utilities with relative ease by first penetrating the networks of key vendors who had trusted relationships with the power companies, said officials at the Department of Homeland Security. ... “They got to the point where they could have thrown switches” and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS.

DHS has been warning utility executives with security clearances about the Russian group’s threat to critical infrastructure since 2014. But the briefing on Monday was the first time that DHS has given out information in an unclassified setting with as much detail. It continues to withhold the names of victims but now says there were hundreds of victims, not a few dozen as had been said previously.

It also said some companies still may not know they have been compromised, because the attacks used credentials of actual employees to get inside utility networks, potentially making the intrusions more difficult to detect.
....

Write to Rebecca Smith at rebecca.smith@wsj.com

Appeared in the July 24, 2018, print edition as 'Russia Hacks Its Way Into U.S. Utilities.'