Breach: New Computer Virus Can Cripple Power Plants With the Click of a Mouse
July 1, 2014
by Mac Slavo
Outgoing Homeland Security Secretary Janet Napolitano issued an open letter to her successor last year and warned that a “massive and serious” cyber attack targeting the U.S. power grid was imminent. Such an event, said Napolitano, would have an immediate impact on everything from powering your home to grocery food deliveries.
At the very moment Napolitano made her comments, whether she knew it or not, a group of Eastern European hackers believed to be working closely with Russia’s electronic spy agency had compromised upwards of 1,000 key infrastructure components around the world, including wind turbines, gas pipelines, aviation systems and power plants.
According to cyber security firm Symantec these state-sponsored hackers breached industrial control systems’ equipment by first hacking the physical computers responsible for managing grid components and then forcing them to download malware that made it possible to take control of the entire system remotely.
Once in, the hacking group known to security engineers as ‘Dragonfly’ was not only able to monitor the operational status of every component on the accessed networks, but it had also gained the ability to shut them down completely – with a single click of the mouse.
Over 1,000 energy firms were infected with a sophisticated cyber weapon that gave hackers access to power plant control systems, it has been revealed.
The software allows operators to monitor energy consumption in real time – and to cripple physical systems such as wind turbines, gas pipelines and power plants at the click of a mouse.
‘Among the targets of Dragonfly were energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers,’ Symantec said.
‘Dragonfly initially targeted defense and aviation companies in the US and Canada before shifting its focus mainly to US and European energy firms in early 2013.’
‘Dragonfly bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability.’
Symantec analysts say that the new ‘Energetic Bear’ virus is similar to Stuxnet, a malware program that was used by Israeli and U.S. intelligence agencies to remotely shut down the centrifuges used to refine nuclear fuel at Iranian nuclear facilities.
But Stuxnet and Energetic Bear are not unique in how they compromise utility infrastructure networks. The Department of Homeland Security was tracking a number of viruses and trojans as early as 2011 that had similar capabilities. Though the extent of the breaches is not clear, DHS says that the problem is widespread:
Utilities such as water supplies and the power grid face a rising number of cyber break-ins by attackers using sophisticated attacks.
Acting DHS Deputy Undersecretary Greg Schaffer said that industries are increasingly vulnerable to hackers and foreign agents due to ‘connected’ equipment…
Earlier this month, security researchers demonstrated that it was even possible to remotely ‘open’ jail cell doors if they were controlled using ‘programmable logic controllers’ – common automated controls.
‘We are connecting equipment that has never been connected before to global networks,’ Schaffer said. Hackers and perhaps foreign governments ‘are knocking on the doors of these systems – there have been intrusions.’
According to the well-known security firm McAfee, the security holes in America’s ailing infrastructure are staggering. A report issued by the firm says that essential utility components such as water, power and oil refineries run on systems that can easily be compromised by enterprising hackers:
Certainly an outside entity could have a capability today to send many different malware messages into the grid at the same time in such a way that you could take down most of the grid, and maybe all of the grid, he said.
The effects of such an attack, whether executed by a foreign enemy or rogue terrorists, would be devastating to a country like the United States which depends on a modern electrical and communications infrastructure to function.
A long-term event such as the national power outage described by Janet Napolitano could, according to one analysis recently presented before Congress, leave up to 90% of Americans dead. Without electricity America would be at a standstill:
And experts forecast if such an attack were a success, it effectively could throw the U.S. back into an age of agriculture.
“Within a year of that attack, nine out of 10 Americans would be dead, because we can’t support a population of the present size in urban centers and the like without electricity,” said Frank Gaffney, president of the Center for Security Policy.
Despite warnings from private security firms and repeated intrusions by state-sponsored hacking groups from Russia, Iran and China, the United States remains susceptible to a variety of different cyber attacks. Everything from military hardware systems and space agency satellites to public utility services has been attacked in recent years.
The latest attack, believed to be orchestrated by a Russian-backed hacking group, shows that not only can these teams operate for months without being detected, but that they have already breached our networks and may have installed “sleeper” viruses that are simply waiting for commands to be executed on thousands of unsuspecting networks.
Within the span of seconds and with the simple click of a mouse our entire national infrastructure could be rendered useless.