In what is the latest event to highlight the power industry’s vulnerability to cyber attacks, the U.S government warned industrial firms this week about a hacking campaign targeting the nuclear and energy sectors.
According to a joint report from the U.S. Department of Homeland Security and Federal Bureau of Investigation, to enable themselves to access to networks of their targets, hackers used tainted “phishing” emails to “harvest credentials” since at least May.
The report however did not identify any specific victims even while warning that in some cases hackers succeeded in compromising the networks of their targets and disclosing attacks.
“Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said.
There was heavy hacking activity in the week that the report was released.
Spreading from initial infections in Ukraine to businesses around the globe, a virus dubbed “NotPetya” attacked on last Tuesday. Activity at ports, law firms and factories were disrupted as he virus encrypted data on infected machines, rendering them inoperable.
The U.S. investigators were looking into cyber intrusions this year at multiple nuclear power generators, the energy-industry news site E&E News reported on Tuesday.
There were no evidence safety systems had been compromised at affected plants, the E&E News report said.
At present, the industrial firms are particularly anxious about threat that hackers pose to their operations and the activity described in the U.S. government report comes amidst such a time.
Since December 2016, when hackers cut electricity in Ukraine, particularly worried about the potential for destructive cyber attacks are industrial firms, including power providers and other utilities.
They were not impacted by the recent cyber attacks, said U.S. nuclear power generators PSEG, SCANA Corp and Entergy Corp.
The malicious software used in the Ukraine attack could be easily modified to attack utilities in the United States and Europe, warned two cyber security firms on June 12 that they had identified the malicious software used.
Capable of disrupting industrial processes without the need for hackers to manually intervene, this is only the second piece of malware uncovered to date industroyer.
Widely believed to have been used by the United States and Israel to attack Iran’s nuclear program, the first such malware, Stuxnet, was discovered in 2010.
To enable them to create “decoy documents” on topics of interest to their targets, attackers conducted reconnaissance to gain information about the individuals whose computers they sought to infect, the U.S. government report said.
Including malware downloaders and tools that allow the hackers to take remote control of victim’s computers and travel across their networks, 11 filed were used in the attacks as described in the analysis of the report.
There were no comments available on their network security from the three largest U.S. oil producers – Chevron Corp, Exxon Mobil Corp and ConocoPhillips.
(Adapted from Reuters)