US officials say cyberattackers penetrated the control rooms of some power companies.
The news: According to a report in the Wall Street Journal, the US Department of Homeland Security (DHS) has revealed that a Russian-backed hacker group hit hundreds of targets last year. The group, dubbed Energetic Bear, even managed to get into some American power company networks that were “air-gapped,” or isolated from the internet.
The ruse: The hackers sneaked in by targeting trusted suppliers that help utilities monitor and upgrade their software and machinery. Once inside the suppliers’ systems, they found ways to access the power firms’ networks and then worked out what equipment the companies were using and how it was being controlled. According to a DHS official, the attackers “got to the point where they could have thrown switches.”
Why this matters: The US has been warning for some time that Russian-backed hackers are intent on compromising everything from its energy grids to the electoral process. And Russia is widely suspected to be behind attacks mounted against power systems elsewhere, notably in Ukraine. Worryingly, DHS thinks Energetic Bear is still on the hunt for more targets.
Everything dies, including information
Digitization can help stem the tide of entropy, but it won’t stop it.
What’s next in cybersecurity
“When it comes to really cutting off ransomware from the source, I think we took a step back.”
Moving money in a digital world
Security is the critical element to expanding digital-first payments.
Cyber resilience melds data security and protection
Organizations face pervasive and sophisticated cyberattacks, but modern data protection techniques can provide a multifaceted defense.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.