Skip to main content
close search
site logo
Dive Brief

North Korea likely targeted US power companies in spear phishing campaign, firm says

Published Oct. 12, 2017
By
Krysti Shallenberger Editor

Dive Brief:

  • Cybersecurity firm FireEye confirmed that it detected and stopped spear phishing emails sent to United States power companies by "known cyber actors likely affiliated with the North Korean government" in September. 
  • The firm noted the attacks appeared to be early-stage reconnaissance, not an imminent cyber attack taking months to prepare. The North Korean actors did not appear to use tools or methods designed to compromise or manipulate industrial control systems, nor did the firm uncover evidence the actors had access to those controls. 
  • The report highlights the vulnerability of the U.S. power system to cyber attacks, as utility executives named cybersecurity a top concern in a recent survey.

Dive Insight:

Nearly 63% of utility executives worldwide say their country faces at least a moderate risk of a cyberattack on the power grid within the next five years. Their fears are not unfounded: In 2015, a cyberattack on Ukraine’s grid heightened concerns that the U.S. could be vulnerable to a similar attack.

In June of this year, the North American Electric Reliability Corp. (NERC) noted a growing threat that cyberattacks could be used to cause widespread power outages, and a report from two years ago noted an attack on the U.S. power system could cost $1 trillion. 

This year, security firm Symantec  warned that a group of hackers has targeted the power sector in Europe and the United States, potentially gaining operational access. The group, identified as Dragonfly 2.0, uses malicious emails, watering hole attacks and Trojanized software to gain access to networks. Symantec stopped short of identifying the countries of origin of the attackers, though Dragonfly was named in a joint analysis published by the DHS and the Federal Bureau of Investigation last year on Russian-based hacking operations.

The power sector and the federal government have partnered to determine how to improve responses in the event of an actual attack. And in 2016, researchers at DOE's Idaho National Laboratory recommended new awareness for grid security as the rollout of smart grid technology raised the risk of cyberattacks. 

President Donald Trump also named cybersecurity a priority, issuing an executive order outlining a series of actions for federal agencies to strengthen protections for national cybersecurity, federal IT networks and critical infrastructure, including the power grid. 

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Utility Broadband Alliance 2024 Summit & Plugfest Shatters Attendance Milestone
From Utility Broadband Alliance
November 21, 2024
General Atlantic’s BeyondNetZero Fund and TA Partner to Drive Continued Growth of Technosylva
From Technosylva
November 21, 2024
Chartwell Electric Vehicle Benchmark Survey in the Field for North American Utilities
From Chartwell Inc.
November 19, 2024
ABB launches next-generation medium voltage drive, designed to enhance industrial performance …
From ABB
November 19, 2024
Editors' picks
Latest in Regulation & Policy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell