Wishing SF and SJ a Happy Marriage (of Wi-Fi Networks)July 1, 2014
5 Strange Data Center OutagesJuly 7, 2014
Couldn’t they just have hacked Target again?
Hey, what’s up? You know, just hanging out on a Wednesday, nothing spectacular. What’s that? You didn’t hear about how HAKCERS HACKED INTO OUR POWER PLANTS?
Power Plant Cyber Attack
Oh yeah, this is a big one. Recently, a group known as Dragonfly—or Energetic Bear—has used various malware to access around 1,000 of the Western world’s power plants and their computer systems. Using a few e-mail phishing scams, and some other shady methods, they gained access and with the software, are able to control pretty much everything about the energy grid, if they so please.
Really makes you feel safe and warm inside, doesn’t it?
The malware and the whole damn project was uncovered by security firm Symantec. According to Symantec, over 18 months, power plants and other industrial sectors in the US and Western Europe were attacked by hackers from Eastern Europe/Russia.
Symantec said that the operation has all the signs of a state-sponsored program. In fact, they kept regular work hours, as noted by timestamps uncovered by the security firm. They would clock in from 9 a.m. and clock out at 6 p.m. every Monday through Friday. I wonder if they had catered lunches–hopefully they get pretty good benefits or something. Can you bring dogs into your hacker office?
The weirdest part of the whole fiasco is that the hackers didn’t really do anything other than gain access to the computers and computer systems that run those power plants. Maybe it was a “look what we can do!”-type thing? It’d be like breaking into a bank vault and then just waving at the security camera and leaving without stealing anything. They’re sending a message.
But for real, this could be a bad thing.
If they can break into the computers that control our power plants/energy grids and other infrastructure-y things, then holy crap can they do some damage. With the push of a button they could shut down an entire grid, maybe ruin a nuclear power plant or something. Really crazy stuff.
But more importantly—why are our power infrastructures even connected online? You can’t keep that in-house? Does it even need to be connected to the Internet? I honestly don’t see the need for it to be accessible remotely, especially since it contains sensitive, country-ruining stuff and with the threat of exactly this type of thing happening.