Skip to main content

Russian hackers behind ‘world’s most murderous malware’ probing U.S. power grid

Image used with permission by copyright holder

A hacking group linked to the Russian government has been attempting to breach the U.S. power grid, Wired reports.

Security experts from the non-profit group the Electric Information Sharing and Analysis Center (E-ISAC) and security firm Dragos tracked the hackers — and warn that the group has been probing the grid for weaknesses, searching for ways that they could access U.S. systems.

Even though there are no signs that the group has succeeded in accessing the power grid, the attacks still have experts worried. And that’s partly because of the history of this particular hacking group: Xenotime, who created the infamous Triton malware. In late 2017, Triton attacked critical infrastructure such as the industrial control systems used in power plants, and it could have been used to cause massive destruction through tampering with power plant controls. That lead it to be labeled the “world’s most murderous malware.”

The recent events aren’t the first time the U.S. power grid has been subject to an attempted attack. In 2016, a state-sponsored Russian group tried to hack American utilities via the compromised email account of a contractor, as reported by the Wall Street Journal. The idea was to compromise a low-level target (the contractor) and then work their way up the chain of security through phishing and other tactics. The attack targeted 60 different utilities and succeeding in breaching 24 of them.

A similar attack was launched against the power grid of Ukraine in 2015, which was the first known hack against a power grid to succeed. The hackers were able to disrupt the supply of electricity after compromising security through the use of spear phishing attacks. The total amount of electricity interrupted was relatively small, at 73 MWh or or 0.015% of daily electricity consumption in the country, but it shows what is possible from such hacks. Once again the blame was placed on Russia, in this case a hacking group known as Sandworm.

If hackers are able to compromise the U.S. power grid, they could potentially cause a long-term power outage. And that means more than just the lights going out. A large scale outage could be devastating for emergency services, hospitals, power plants, water treatment, and many more essential services. And that’s on top of the chaos that would erupt when ordinary people suffer outages in their homes.

The security of the power grid might sound like a problem that should be fixed as a matter of urgency, but unfortunately it’s not that easy. Because of the distributed nature of utilities and the varying state and federal regulations, securing the grid completely may be almost impossible.

Editors' Recommendations

Georgina Torbet
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
Attacks from Chinese hacking group have spiked, U.S. firm says
hacks header

Attempted cyberattacks from a sophisticated Chinese hacking group have spiked since late January, according to cybersecurity firm FireEye Inc.

FireEye chief security architect Christopher Glyer said more than 75 of its customers were targeted in the attacks across more than a dozen countries, including the United States and Canada. The surge is “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years,” according to a post by FireEye on the cyberattacks.
"We haven’t seen something of this nature in at least three years," Glyer told Digital Trends.
The group behind the attacks was identified as “APT41,” a China-based team made of contractors working on behalf of the Chinese government, Glyer said.

Read more
Iranian hackers targeted 2020 U.S. presidential candidates, Microsoft says
Person typing on a computer keyboard.

A series of cyberattacks targeted at U.S. presidential candidates and their campaigns, journalists, and current and former government officials is said to be linked to and backed by the Iranian government, according to a recently published report from Microsoft's Threat Intelligence Center. According to Microsoft, the Phosphorous group is behind the attacks, and the hackers were observed to have made more than 2,700 attempts in identifying Microsoft customer emails in a 30-day period between August and September. Among those attempts, hackers tried to gain access to 241 of those accounts.

In order to carry out the account hack, Phosphorous used personal information about their targets obtained through copious amounts of research. The information was used to game password reset and account recovery features, Microsoft said.

Read more
The best MacBook to buy in 2024
Apple MacBook Pro 16 downward view showing keyboard and speaker.

Now that Apple has started outfitting its laptops with its M3 generation of chips, it's time to take another look at which is the best MacBook to buy in 2024. That’s not always easy, though, as buying the newest MacBook isn’t always the right decision. Apple has several tiers of performance, as well as various sizes, which can further complicate the matter.

What’s more, you can also still get M1 and M2 MacBooks, some from Apple’s own website and some from third-party retailers. But are they still worth your money? Our guide should help you decide.

Read more