The US national grid continues to face cyber security threats from Russian hackers, FireEye, a cyber security company certified by the US Department of Homeland Security, pointed out at the Cyber Security Forum in Washington, DC today.
FireEye analyst Alex Orleans pointed out that, “There’s still a concentrated Russian cyber espionage campaign targeting the bulk of the US electrical grid. The grid is still getting hit.”
The report stated that they have identified a Russian hacking group tracked under names such as TEMP.Isotope, Dragonfly 2.0 and Energetic Bear. This group of hackers relies on a combination of off-the-shelf hacking tools and home-made backdoor technology. Although the US grid has enhanced its cyber defence capabilities through a series of CIP standards released by NERC, not every power grid component is safe. For example, local networks that are partially contracted out to local enterprises have very poor network defence capability.
Orleans says, “If you can sow discord, confusion and fatigue, you can attack an adversary by frustrating them rather than by masterminding an all-out physical assault.” And though grid hacking may not have yet reached a boiling point in the US, the FireEye researchers warn that consistent probing should be taken as seriously as dramatic attacks.