In comforting news: Homeland Security says a group of Russian hackers successfully targeted hundreds of networks last year, going so far as to breach the control rooms of United States utilities companies. The hackers, had they wanted to, would easily have been able to cause blackouts in the U.S., The Wall Street Journal reports. In even more comforting news: Homeland Security says the targeting is probably ongoing.
The Russian hackers, who worked for a shadowy state-sponsored group previously identified as Dragonfly or Energetic Bear, broke into supposedly secure, “air-gapped” or isolated networks owned by utilities with relative ease by first penetrating the networks of key vendors who had trusted relationships with the power companies, said officials at the Department of Homeland Security.
“They got to the point where they could have thrown switches” and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS.
Earlier reports indicated that the breach impacted significantly fewer targets, citing dozens rather than hundreds. The newer figures do not include targets that may not have yet realized that they were breached, as the hackers “used credentials of actual employees to get inside utility networks.” Again … all very comforting.