Russian hackers behind ‘world’s most murderous malware’ probing U.S. power grid

A hacking group linked to the Russian government has been attempting to breach the U.S. power grid, Wired reports.

Security experts from the non-profit group the Electric Information Sharing and Analysis Center (E-ISAC) and security firm Dragos tracked the hackers — and warn that the group has been probing the grid for weaknesses, searching for ways that they could access U.S. systems.

Even though there are no signs that the group has succeeded in accessing the power grid, the attacks still have experts worried. And that’s partly because of the history of this particular hacking group: Xenotime, who created the infamous Triton malware. In late 2017, Triton attacked critical infrastructure such as the industrial control systems used in power plants, and it could have been used to cause massive destruction through tampering with power plant controls. That lead it to be labeled the “world’s most murderous malware.”

The recent events aren’t the first time the U.S. power grid has been subject to an attempted attack. In 2016, a state-sponsored Russian group tried to hack American utilities via the compromised email account of a contractor, as reported by the Wall Street Journal. The idea was to compromise a low-level target (the contractor) and then work their way up the chain of security through phishing and other tactics. The attack targeted 60 different utilities and succeeding in breaching 24 of them.

A similar attack was launched against the power grid of Ukraine in 2015, which was the first known hack against a power grid to succeed. The hackers were able to disrupt the supply of electricity after compromising security through the use of spear phishing attacks. The total amount of electricity interrupted was relatively small, at 73 MWh or or 0.015% of daily electricity consumption in the country, but it shows what is possible from such hacks. Once again the blame was placed on Russia, in this case a hacking group known as Sandworm.

If hackers are able to compromise the U.S. power grid, they could potentially cause a long-term power outage. And that means more than just the lights going out. A large scale outage could be devastating for emergency services, hospitals, power plants, water treatment, and many more essential services. And that’s on top of the chaos that would erupt when ordinary people suffer outages in their homes.

The security of the power grid might sound like a problem that should be fixed as a matter of urgency, but unfortunately it’s not that easy. Because of the distributed nature of utilities and the varying state and federal regulations, securing the grid completely may be almost impossible.

Editors' Recommendations