Skip to main content
close search
site logo
Dive Brief

Cybersecurity firm says North Korean hackers may be targeting utilities

Published March 1, 2018
Robert Walton's headshot
Senior Reporter
Flcikr user Yuri Samoilov

Dive Brief:

  • Cybersecurity firm Dragos has seen a rise in targeted attempts to infiltrate utility systems, according to a report in The Daily Beast. The group behind them, "Covellite," may be linked to North Korea.
  • Dragos' review of 2017 also notes hackers are getting more sophisticated and more dangerous to industry, with malware increasingly being used to target industrial control systems — with limited success so far.
  • Last year, Dragos tracked 163 vulnerability advisories with an industrial control system (ICS) impact. The majority of these, however, could only be taken advantage of if the hacker had access to plant control systems.

Dive Insight:

Dragos' new research is a mixed bag for the utility industry. Increasingly, hackers and malware are targeting industrial systems and utilities, but thus far have had only marginal success, particularly in the United States. And most of the vulnerabilities would require gaining access to plant control systems.

Of those 163 ICS-related vulnerabilities, 85% of these are late in the "kill chain" and "are not useful to gaining an initial foothold," Dragos reports.

"If these vulnerabilities are exploited, it is likely the adversary has been active in the network for some time and already pivoted through various other systems."

But a spike in spear phishing — targeted attacks sent via email — is reason for concern. Daily Beast spoke with Dragos analyst Reid Wightman, who said the Covellite group is using techniques similar to the Lazarus Group, which has been tied to North Korea. Utilities targeted have been in the United States, Europe and part of East Asia.

The Wall Street Journal brings up a more familiar name — Schneider Electric. Hackers last year were able to penetrate the safety systems of a petrochemical plant in Saudi Arabia in part by taking advantage of an older device made by Schneider.But perhaps the most well-known utility hacks was the successful 2015 attack on Ukraine’s grid, which caused widespread blackouts and raised fears that the U.S. could be vulnerable to a similar attack.

Working to keep hackers at bay is a constant battle. Last month, the Trump administration announced it would establish a new office within the Department of Energy to focus on cybersecurity, energy security and emergency responses. The Edison Electric Institute, which represents investor-owned utilities, praised the new move and said the new office will play an "essential role in coordinating government and industry efforts."

A report from Accenture last year found almost two-thirds of utility executives globally believe their country faces at least a moderate risk of a cyberattack on the electric grid in the next five years. Just in North America, the number who say an attack is likely rises to 76%. Utility Dive's latest survey of utility professionals says respondents listed cybersecurity as a top concern, a recurrent theme from past surveys. 

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
General Atlantic’s BeyondNetZero Fund and TA Partner to Drive Continued Growth of Technosylva
From Technosylva
November 21, 2024
Utility Broadband Alliance 2024 Summit & Plugfest Shatters Attendance Milestone
From Utility Broadband Alliance
November 21, 2024
Puget Sound Energy Maximizes Consumer Participation in Rates Engagement Pilot Powered by Uplig…
From Uplight
November 12, 2024
TESCO Solidifies Leadership in Electric Meter and EV Charging Station Accuracy
From TESCO - The Eastern Specialty Company
November 12, 2024
Editors' picks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell