On Friday, January 11, 2019, the Wall Street Journal offered
a booklet-length article by Rebecca Smith and Rob Barry, “Russian Hack Exposes
Weakness in U.S. Power Grid” with the subtitle, “Worst known system breach
involved attacks on small contractors”, link.
The story starts with a description of a hack of a
construction company in Oregon in March 2017, that would not be detected for
several months by DHS, which found that Russia had placed malware that intercepted
every internal email. Maybe 30 or more states have small contractors, targeted by Russians, serving utilities.
Actually, early probes go back to the summer of 2016, before
the election, when Sinclair Broadcasting had run a few stories which didn’t get
much public attention.
The article discusses the concept of a Scada server, pr a
utility’s supervisory control and data acquisition system, which could
effectively perform a software “airgap jump”.
No comments:
Post a Comment