Dive Brief:
- Security firm Symantec warned that a group of hackers has targeted the power sector in Europe and the United States, potentially gaining operational access.
- The group, identified as Dragonfly 2.0, has operated since 2011. But Symantec reported an uptick in its activity in 2015, and noted that it targeted dozens of energy companies in the spring and summer of this year. The attackers use malicious emails, watering hole attacks and Trojanized software to gain access to networks.
- The firm stopped short of identifying where the attackers originated, noting some code strings were in Russian as well as French. Symantec told Wired that it sent warnings about the group to the North American Electric Reliability Corporation (NERC) and the Department of Homeland Security.
Dive Insight:
Cybersecurity is at the forefront of grid security discussions, and the latest report from Symantec underscores the severity of the threat. In Utility Dive's latest sector survey of more than 600 utility professionals, respondents named physical and cybersecurity the most pressing issue facing their companies today.
Wired noted a handful of U.S. power companies were targeted, but Symantec did not reveal the victims. A Symantec security analyst told the outlet that the only comparable situation to Dragonfly's methods would be the 2015 Ukraine attacks.
In December 2015, a series of cyberattacks sparked widespread blackouts in Ukraine. The attackers, identified as Sandworm and believed to be based in Russia, gained access to a Ukrainian energy utility's controls and managed to manually operate dozens of circuit breakers to turn off the power, Wired reported.
It's unclear if Dragonfly has attained that level of penetration, but Symantec said the group appears to have the ability to potentially sabotage or gain control of these systems. Dragonfly was named in a joint analysis published by the DHS and the Federal Bureau of Investigation last year on Russian-based hacking operations.
Media reports surfaced earlier this year over potential cyberattacks aimed at the European grid and the U.S. grid, in addition to nuclear facilities. E&E News revealed in June that U.S. officials were investigating multiple cyberattacks that unsuccessfully targeted nuclear plants.
According to a report from Lloyd's of London, a cyberattack on the U.S. grid could cost $1 trillion.
The North American Electric Reliability Corporation in 2015 ran a simulated attack on the U.S. grid. The industry and government partnered to determine how to improve responses in the event of an actual attack. And in 2016, researchers at the DOE's Idaho National Laboratory demanded new awareness for grid security as the rollout of smart grid technology raised the risk of cyberattacks.
President Donald Trump also named cybersecurity a priority, issuing an executive order outlining a series of actions for federal agencies to strengthen protections for national cybersecurity, federal IT networks and critical infrastructure, including the power grid.