Russian hackers reportedly infiltrated the control rooms of utility companies in the United States, reports The Wall Street Journal, citing officials from the Department of Homeland Security with knowledge of the situation. The report mentions that the hackers’ access was advanced to the point where they “could have thrown switches.”
Officials from the Department of Homeland Security cited in the report reveal that the hackers were from the state-sponsored group that was previously known as Dragonfly. They were able to gain access to allegedly secure networks and could have triggered blackouts.
The Russian hacking campaign has reportedly affected “hundreds of victims,” and that some of the utility companies are unaware that they have been compromised. The attacks are said to have relied on the credentials of the employees of these companies which makes it difficult to identify the intrusions. The first signs of this attack were spotted in spring 2016 and concerns that they could be continuing have been expressed.
They were reportedly able to gain these credentials through spear-phishing emails and other attacks that trick the victims into entering their passwords. This allowed the hackers to gain access to the corporate networks before they could eventually break into the utility networks. It also claimed that the DHS is planning to conduct four briefings and is also looking for evidence which will show that the Russians are attempting to automate their attacks.