The security firm Symantec is reporting that hackers have compromised energy companies in the U.S. and Europe.
Well, that sounds bad enough, but we have to ask the question “what do you mean when you say compromised?”
The answer is a little bit complicated. Most energy companies, in a bid to make it tougher for hackers, isolate their operations network – the one that controls power generation and distribution – from the administrative network – the one where users get email and browse the web and such.
Except that life is never that clean. The power companies, as part of their business, need to get data out of their operational network to manage the business, upgrade software and many other things, so the two networks are not really completely separate – but they do try hard.
Well, according to Symantec, in this case, when they say compromised, they mean that the hackers were into the network far enough that they could turn off your lights.
Symantec says that the group that they are calling Dragonfly is attacking energy grid operators, major electricity generation firms, petroleum pipeline operators and energy industry equipment providers. Companies that were compromised were located in the United States, France, Spain, Italy, Germany, Turkey and Poland.
Assuming these hackers could really “flip the switches”, it would seem like they could do a LOT of damage. And, depending on what they actually did, it could take a little time or a long time to fix.
Symantec says that this group is likely state sponsored. Which state they aren’t saying, but I’m betting on Russia.
Symantec provides a lot of details on how the attack works, so if you are interested go to the Symantec link below for more information.
You may remember that hackers – likely Russians – actually did turn off the lights in Ukraine in the dead of winter in 2015 and 2016. It is not that far a stretch to think that hackers could do that to the U.S. energy industry.
Homeland Security has been working with the energy industry for the last several years to try and mitigate this threat and they probably have made some headway, but making headway and saying hackers can’t turn off the lights are two very different things.
Of course Homeland Security does not want the American public to panic, so they are going to try very hard to spin things into “this is not a problem; we have it covered”. If you believe that line, I have some land I want to sell you in the Florida Keys.
Unfortunately, there really isn’t a lot for the average bear to do. You can’t fuss at the power company. Well, you can, but they will likely call you a nut case.
Being knowledgeable on the situation and providing input when possible is a reasonable course of action. Panicking is not.
I wish I had a better answer, but I don’t.