Russian hackers behind ‘world’s most murderous malware’ probing U.S. power grid

A hacking group linked to the Russian government has been attempting to breach the U.S. power grid, Wired reports.

Security experts from the non-profit group the Electric Information Sharing and Analysis Center (E-ISAC) and security firm Dragos tracked the hackers — and warn that the group has been probing the grid for weaknesses, searching for ways that they could access U.S. systems.

Even though there are no signs that the group has succeeded in accessing the power grid, the attacks still have experts worried. And that’s partly because of the history of this particular hacking group: Xenotime, who created the infamous Triton malware. In late 2017, Triton attacked critical infrastructure such as the industrial control systems used in power plants, and it could have been used to cause massive destruction through tampering with power plant controls. That led it to be labeled the “world’s most murderous malware.”

The recent events aren’t the first time the U.S. power grid has been subject to an attempted attack. In 2016, a state-sponsored Russian group tried to hack American utilities via the compromised email account of a contractor, as reported by the Wall Street Journal. The idea was to compromise a low-level target (the contractor) and then work their way up the chain of security through phishing and other tactics. The attack targeted 60 different utilities and succeeded in breaching 24 of them.

A similar attack was launched against the power grid of Ukraine in 2015, which was the first known hack against a power grid to succeed. The hackers were able to disrupt the supply of electricity after compromising security through the use of spear phishing attacks. The total amount of electricity interrupted was relatively small, at 73 MWh or 0.015% of daily electricity consumption in the country, but it shows what is possible from such hacks. Once again the blame was placed on Russia, in this case a hacking group known as Sandworm.

If hackers are able to compromise the U.S. power grid, they could potentially cause a long-term power outage. And that means more than just the lights going out. A large-scale outage could be devastating for emergency services, hospitals, power plants, water treatment, and many more essential services. And that’s on top of the chaos that would erupt when ordinary people suffer outages in their homes.

The security of the power grid might sound like a problem that should be fixed as a matter of urgency, but unfortunately it’s not that easy. Because of the distributed nature of utilities and the varying state and federal regulations, securing the grid completely may be almost impossible.

Georgina Torbet
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…