"They got to the point where they could have thrown switches."
HUNDREDS OF VICTIMS. In 2017, security company Symantec revealed that it had discovered evidence that hackers had infiltrated the systems of utility companies in the U.S. and North America. It speculated that Russia was involved. In March, the U.S. officially accused Russia of the attacks. On Monday, The Wall Street Journal reported an update on the situation, citing a briefing by officials from the Department of Homeland Security (DHS).
According to the DHS officials, Russians hacked the control rooms of U.S. electric utility companies starting in 2016. Those hacks claimed “hundreds of victims” in 2017. And the campaign is likely still going — some companies still might not be aware they've been compromised.
The DHS had been privately warning utility companies about the possibility of such attacks since 2014, but according to The WSJ, Monday's briefing was the first time DHS officials had spoken publicly on the situation in such detail. Russia reportedly denies targeting the U.S.'s critical infrastructure.
PHISHING FOR PASSWORDS. According to the DHS officials, the attackers started the campaign by targeting employees of the utility companies' suppliers. Using spear-phishing emails (emails designed to look like they're from a trusted source) and watering-hole attacks (attacks that involve infecting the sites a user is likely to visit with malware), the hackers gained access to the suppliers' networks. From there, they could steal suppliers' credentials to access the utility networks.
“They got to the point where they could have thrown switches” to disrupt the flow of electricity to the grid, Jonathan Homer, DHS's chief of industrial-control-system analysis, told The WSJ.
THE AI ARMS RACE. The DHS hopes briefings like the one on Monday will encourage more cooperation between the utility industry and DHS, and they have three more planned. In particular, they're looking for evidence that the hackers might be automating their attacks in order to scale up. That might mean the hackers are using AI; the U.S. is already making moves to ensure it leads the world in the AI arms race.
While soldiers on battlefields fought the wars of yesterday, the conflicts of today and tomorrow are taking place from behind computer screens. As we can see, this can have effects on the physical world, too. At this point, it seems all we can hope to do is stay at least one step ahead of the enemies spearheading these new kinds of attacks.
READ MORE: Russian Hackers Reach U.S. Utility Control Rooms, Homeland Security Officials Say [The Wall Street Journal]