Home
What's new
Latest activity
Authors
Store
Latest reviews
Search products
Forums
New posts
Search forums
What's new
New posts
New listings
New products
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Log in
Register
Cart
Cart
Loading…
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Search titles only
By:
Menu
Log in
Register
Navigation
Install the app
Install
More options
Change style
Contact us
Close Menu
Forums
SVTPerformance's Chain of Restaurants
Road Side Pub
Gas Prices After The Cyber Attack (by Russia?)
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="VRYALT3R3D" data-source="post: 16620475" data-attributes="member: 131770"><p><span style="font-size: 22px"><strong>America’s Electric Grid Has a Vulnerable Back Door—and Russia Walked Through It</strong></span></p><p><span style="font-size: 22px"></span></p><p>One morning in March 2017, Mike Vitello’s work phone lighted up. Customers wanted to know about an odd email they had just received. What was the agreement he wanted signed? Where was the attachment?</p><p></p><p>Mr. Vitello had no idea what they were talking about. The Oregon construction company where he works, All-Ways Excavating USA, checked it out. The email was bogus, they told Mr. Vitello’s contacts. Ignore it.</p><p></p><p>Then, a few months later, the U.S. Department of Homeland Security dispatched a team to examine the company’s computers. You’ve been attacked, a government agent told Mr. Vitello’s colleague, Dawn Cox. <a href="https://www.wsj.com/articles/russian-hackers-reach-u-s-utility-control-rooms-homeland-security-officials-say-1532388110?mod=article_inline" target="_blank">Maybe by Russians</a>. They were trying to hack into the power grid.</p><p></p><p>“They were intercepting my every email,” Mr. Vitello says. “What the hell? I’m nobody.”</p><p></p><p>“It’s not you. It’s who you know,” says Ms. Cox.</p><p></p><p>The cyberattack on the 15-person company near Salem, Ore., which works with utilities and government agencies, was an early thrust in the worst known hack by a <a href="https://www.wsj.com/articles/u-s-officials-push-new-penalties-for-hackers-of-electrical-grid-1533492714?mod=article_inline" target="_blank">foreign government into the nation’s electric grid</a>. It set off so many alarms that U.S. officials took the unusual step in early 2018 of publicly blaming the Russian government.</p><p></p><p>A reconstruction of the hack reveals a glaring vulnerability at the heart of the country’s electric system. Rather than strike the utilities head on, the hackers went after the system’s unprotected underbelly—hundreds of contractors and subcontractors like All-Ways who had no reason to be on high alert against foreign agents. From these tiny footholds, the hackers worked their way up the supply chain. Some experts believe two dozen or more utilities<a href="https://www.wsj.com/articles/russian-hackers-reach-u-s-utility-control-rooms-homeland-security-officials-say-1532388110?mod=article_inline" target="_blank"> ultimately were breached.</a></p><p></p><p>The scheme’s success came less from its technical prowess—though the attackers did use some clever tactics—than in how it exploited trusted business relationships using impersonation and trickery.</p><p></p><p>The hackers planted malware on sites of online publications frequently read by utility engineers. They sent out fake résumés with tainted attachments, pretending to be job seekers. Once they had computer-network credentials, they slipped through hidden portals used by utility technicians, in some cases getting into computer systems that monitor and control electricity flows.</p><p></p><p>The Wall Street Journal pieced together this account of how the attack unfolded through documents, computer records and interviews with people at the affected companies, current and former government officials and security-industry investigators.</p><p></p><p><span style="font-size: 15px"><strong>IN THE CROSSHAIRS</strong></span></p><p><span style="font-size: 12px"><strong>Russian hackers seeking to infiltrate the power grid targeted companies operating in at least 24 states, Canada and the U.K.</strong></span></p><p>[ATTACH=full]1703580[/ATTACH]</p><p></p><p>Source: documents; interviews with people at the affected companies, government officials and security-industry investigators</p><p></p><p></p><p><strong>Early victims</strong></p><p>In the summer of 2016, U.S. intelligence officials saw signs of a campaign to hack American utilities, says Jeanette Manfra, assistant secretary of Homeland Security’s cybersecurity and communications program. The tools and tactics suggested the perpetrators were Russian. Intelligence agencies notified Homeland Security, Ms. Manfra says.</p><p></p><p>In December 2016, an FBI agent showed up at a low-rise office in Downers Grove, Ill., less than an hour west of Chicago. It was home to CFE Media LLC, a small, privately held company that publishes trade journals with titles such as “Control Engineering” and “Consulting-Specifying Engineer.”</p><p></p><p></p><p>The U.S. government hasn’t named the utilities or other companies that were targeted. The Journal identified small businesses such as Commercial Contractors Inc., in Ridgefield, Wash., and Carlson Testing Inc., in Tigard, Ore., along with big utilities such as the federally owned Bonneville Power Administration and <a href="https://www.wsj.com/market-data/quotes/BRK.B" target="_blank">Berkshire Hathaway</a>’s PacifiCorp. Two of the energy companies targeted build systems that supply emergency power to Army bases.</p><p></p><p>The <a href="https://www.wsj.com/articles/cyberattacks-raise-alarms-for-u-s-power-grid-1483120708?mod=article_inline" target="_blank">Russian campaign</a> triggered an effort by the Federal Bureau of Investigation and Homeland Security to retrace the steps of the attackers and notify possible victims. Some companies were unaware they had been compromised until government investigators came calling, and others didn’t know they had been targeted until contacted by the Journal.</p><p></p><p>“What Russia has done is prepare the battlefield <a href="https://www.wsj.com/articles/how-america-could-go-dark-1468423254?mod=article_inline" target="_blank">without pulling the trigger</a>,” says Robert P. Silvers, former assistant secretary for cyber policy at Homeland Security and now a law partner at Paul Hastings LLP.</p><p></p><p>The press office at the Russian Embassy in Washington didn’t respond to multiple requests for comment. Russia has previously denied targeting critical infrastructure.</p><p></p><p></p><p>Read more:</p><p><a href="https://www.wsj.com/articles/americas-electric-grid-has-a-vulnerable-back-doorand-russia-walked-through-it-11547137112" target="_blank">America’s Electric Grid Has a Vulnerable Back Door—and Russia Walked Through It</a></p></blockquote><p></p>
[QUOTE="VRYALT3R3D, post: 16620475, member: 131770"] [size=6][b]America’s Electric Grid Has a Vulnerable Back Door—and Russia Walked Through It[/b] [b][/b][/size] One morning in March 2017, Mike Vitello’s work phone lighted up. Customers wanted to know about an odd email they had just received. What was the agreement he wanted signed? Where was the attachment? Mr. Vitello had no idea what they were talking about. The Oregon construction company where he works, All-Ways Excavating USA, checked it out. The email was bogus, they told Mr. Vitello’s contacts. Ignore it. Then, a few months later, the U.S. Department of Homeland Security dispatched a team to examine the company’s computers. You’ve been attacked, a government agent told Mr. Vitello’s colleague, Dawn Cox. [URL='https://www.wsj.com/articles/russian-hackers-reach-u-s-utility-control-rooms-homeland-security-officials-say-1532388110?mod=article_inline']Maybe by Russians[/URL]. They were trying to hack into the power grid. “They were intercepting my every email,” Mr. Vitello says. “What the hell? I’m nobody.” “It’s not you. It’s who you know,” says Ms. Cox. The cyberattack on the 15-person company near Salem, Ore., which works with utilities and government agencies, was an early thrust in the worst known hack by a [URL='https://www.wsj.com/articles/u-s-officials-push-new-penalties-for-hackers-of-electrical-grid-1533492714?mod=article_inline']foreign government into the nation’s electric grid[/URL]. It set off so many alarms that U.S. officials took the unusual step in early 2018 of publicly blaming the Russian government. A reconstruction of the hack reveals a glaring vulnerability at the heart of the country’s electric system. Rather than strike the utilities head on, the hackers went after the system’s unprotected underbelly—hundreds of contractors and subcontractors like All-Ways who had no reason to be on high alert against foreign agents. From these tiny footholds, the hackers worked their way up the supply chain. Some experts believe two dozen or more utilities[URL='https://www.wsj.com/articles/russian-hackers-reach-u-s-utility-control-rooms-homeland-security-officials-say-1532388110?mod=article_inline'] ultimately were breached.[/URL] The scheme’s success came less from its technical prowess—though the attackers did use some clever tactics—than in how it exploited trusted business relationships using impersonation and trickery. The hackers planted malware on sites of online publications frequently read by utility engineers. They sent out fake résumés with tainted attachments, pretending to be job seekers. Once they had computer-network credentials, they slipped through hidden portals used by utility technicians, in some cases getting into computer systems that monitor and control electricity flows. The Wall Street Journal pieced together this account of how the attack unfolded through documents, computer records and interviews with people at the affected companies, current and former government officials and security-industry investigators. [size=4][b]IN THE CROSSHAIRS[/b][/size] [size=3][b]Russian hackers seeking to infiltrate the power grid targeted companies operating in at least 24 states, Canada and the U.K.[/b][/size] [ATTACH=full]1703580[/ATTACH] Source: documents; interviews with people at the affected companies, government officials and security-industry investigators [b]Early victims[/b] In the summer of 2016, U.S. intelligence officials saw signs of a campaign to hack American utilities, says Jeanette Manfra, assistant secretary of Homeland Security’s cybersecurity and communications program. The tools and tactics suggested the perpetrators were Russian. Intelligence agencies notified Homeland Security, Ms. Manfra says. In December 2016, an FBI agent showed up at a low-rise office in Downers Grove, Ill., less than an hour west of Chicago. It was home to CFE Media LLC, a small, privately held company that publishes trade journals with titles such as “Control Engineering” and “Consulting-Specifying Engineer.” The U.S. government hasn’t named the utilities or other companies that were targeted. The Journal identified small businesses such as Commercial Contractors Inc., in Ridgefield, Wash., and Carlson Testing Inc., in Tigard, Ore., along with big utilities such as the federally owned Bonneville Power Administration and [URL='https://www.wsj.com/market-data/quotes/BRK.B']Berkshire Hathaway[/URL]’s PacifiCorp. Two of the energy companies targeted build systems that supply emergency power to Army bases. The [URL='https://www.wsj.com/articles/cyberattacks-raise-alarms-for-u-s-power-grid-1483120708?mod=article_inline']Russian campaign[/URL] triggered an effort by the Federal Bureau of Investigation and Homeland Security to retrace the steps of the attackers and notify possible victims. Some companies were unaware they had been compromised until government investigators came calling, and others didn’t know they had been targeted until contacted by the Journal. “What Russia has done is prepare the battlefield [URL='https://www.wsj.com/articles/how-america-could-go-dark-1468423254?mod=article_inline']without pulling the trigger[/URL],” says Robert P. Silvers, former assistant secretary for cyber policy at Homeland Security and now a law partner at Paul Hastings LLP. The press office at the Russian Embassy in Washington didn’t respond to multiple requests for comment. Russia has previously denied targeting critical infrastructure. Read more: [URL='https://www.wsj.com/articles/americas-electric-grid-has-a-vulnerable-back-doorand-russia-walked-through-it-11547137112']America’s Electric Grid Has a Vulnerable Back Door—and Russia Walked Through It[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
SVTPerformance's Chain of Restaurants
Road Side Pub
Gas Prices After The Cyber Attack (by Russia?)
Top