News / Europe

    National Power Grids Increasingly Targeted in Cyber Attacks

    Related Articles

    Russia Suspected in First-ever Cyberattack on Ukraine’s Power Grid

    If Ukraine's grid was intentionally sabotaged, it could be classified as an act of war

    Cyber Hacking Likely to Grow in Frequency, Sophistication

    US intelligence community foresees ongoing, low-to-moderate level cyber-attacks over time

    Analysts Warn Middle East Hackers Trying to Attack US Infrastructure

    Concern about vulnerable, critical assets, millions of digital operational networks that control everything from water treatment to manufacturing to electric grid

    Ukraine’s electric power grid is once again under cyberattack, just one month after a similar incident successfully brought down portions of the system and left millions in the dark.

    Worse, researchers studying the attacks say the malware believed responsible – a new version of the so-called BlackEnergy bug – has likely spread to numerous European power grids and is poised to infect many more.

    The attacks and spreading malware have left cybersecurity analysts scrambling to determine not only which systems are at greatest risk, but who might be responsible.

    “We need to assume it’s already being deployed around Europe,” says Udi Shamir, co-founder and chief security officer for the cybersecurity firm SentinelOne. “This is cyber-warfare; we need to wake up and see that this is war.”

    Shamir and his team recently completed a total reverse engineering of the new BlackEnergy3 bug – a technique often used by analysts to learn how bugs work, and possibly who wrote it.

    What they discovered is that BlackEnergy3 is using the same Microsoft Office vulnerability to spread as its earlier, and less sophisticated, versions, BE1 & BE2. Shamir says that’s unusual, because Microsoft patched that hole in 2014.

    “There are a few possible explanations,” Shamir told VOA. “First, these just might be old systems that haven’t been updated.  Second, someone on the inside might be intentionally spreading this. And third, it’s possible these bugs have been sleeping in systems for months on end, and they’re only now waking up.”

    Attribution is notoriously difficult with malware, making it very difficult to conclusively prove who is behind these attacks; however, researchers at the cybersecurity firm iSight previously found similarities between earlier versions of BlackEnergy and the Russian-linked Sandworm malware that targeted NATO infrastructure back in 2014.

    Shamir found the same similarities in BlackEnergy3, providing his team with “suggestions” of Russian involvement. “The code-style, the clustering, yeah it looks like Russia,” Shamir said. “I’m pretty confident that the origin is from Russia, but I don’t have any bulletproof evidence.”

    More troublesome, Shamir says this latest version of BlackEnergy is “modular,” making it much easier for hackers to quickly change how the malware works, and significantly harder for security analysts to find and root it out.

    “You can update it, you can replace it, you can change it, you can even change its entire functionality,” said Shamir. “So if you have a sleeper in one industrial network, it can get a totally new command module and infect other systems,” he said.

    It’s that ever-changing nature of the malware that’s making it so difficult to figure out how exactly how it works, and what systems within the power grids it’s infecting and disabling.

    Most worrisome, says Shamir, is the fact that the majority of BlackEnergy3’s computer coding doesn’t involve infecting and interfering with the industrial command and control systems that make power grids and other heavy industry work. Rather, it appears designed to conduct highly sophisticated monitoring and recording of data – a tactic known as “sniffing.”

    “It can detect and record network traffic, steal user credentials and documents if they’re working in a non-encrypted fashion, and exfiltrate all that data,” said Shamir. “That could allow (the hackers) to adjust BlackEnergy3 on the fly. It’s clearly more geared to espionage, and that’s what worries us, because we don’t know where it is now.”

    Traditionally, utilities and nation-states are reluctant to publicly confirm that their critical infrastructure is vulnerable to cyberattack, making it that much more difficult for researchers to track BlackEnergy3’s spread and activities.

    SentinelOne’s Udi Shamir, however, and many other cybersecurity analysts, say they are sure the bug will continue to spread, and that will lead to many more blackouts and “mysterious” malfunctions in national power grids, transportation, and other industrial infrastructure.


    Doug Bernard

    dbjohnson+voanews.com

    Doug Bernard covers cyber-issues for VOA, focusing on Internet privacy, security and censorship circumvention. Previously he edited VOA’s “Digital Frontiers” blog, produced the “Daily Download” webcast and hosted “Talk to America”, for which he won the International Presenter of the Year award from the Association for International Broadcasting. He began his career at Michigan Public Radio, and has contributed to "The New York Times," the "Christian Science Monitor," SPIN and NPR, among others. You can follow him @dfrontiers.

    You May Like

    Taj Mahal Battles New Threat from Insects

    Swarms of insects are proliferating in the heavily contaminated waters of the Yamuna River, which flows behind the 17th century monument

    Self-doubt, Cultural Barriers Hinder Cambodian Women in Tech

    Longtime Cambodian tech observer Sok Sikieng says that although more women have joined profession in recent years, there remain significant factors hindering women from reaching tech potential

    Trans-Adriatic Pipeline to Boost European Energy Security

    $4.5 billion-pipeline will become operational in 2020 and will deliver gas from Azerbaijan’s Shah Deniz II field to southern Italy

    This forum has been closed.
    Comments
         
    There are no comments in this forum. Be first and add one

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    Vietnamese-American Youth Optimistic About Obama's Visit to Vietnami
    X
    Elizabeth Lee
    May 22, 2016 6:04 AM
    U.S. President Barack Obama's visit to Vietnam later this month comes at a time when Vietnam is seeking stronger ties with the United States. Many Vietnamese Americans, especially the younger generation, are optimistic Obama’s trip will help further reconciliation between the two former foes. Elizabeth Lee has more from the community called "Little Saigon" located south of Los Angeles.
    Video

    Video Vietnamese-American Youth Optimistic About Obama's Visit to Vietnam

    U.S. President Barack Obama's visit to Vietnam later this month comes at a time when Vietnam is seeking stronger ties with the United States. Many Vietnamese Americans, especially the younger generation, are optimistic Obama’s trip will help further reconciliation between the two former foes. Elizabeth Lee has more from the community called "Little Saigon" located south of Los Angeles.
    Video

    Video First-generation, Afghan-American Student Sets Sights on Basketball Glory

    Their parents are immigrants to the United States. They are kids who live between two worlds -- their parents' homeland and the U.S. For many of them, they feel most "American" at school. It can be tricky balancing both worlds. In this report, produced by Beth Mendelson, Arash Arabasadi tells us about one Afghan-American student who seems to be coping -- one shot at a time.
    Video

    Video Newest US Citizens, Writing the Next Great Chapter

    While universities across the United States honor their newest graduates this Friday, many immigrants in downtown Manhattan are celebrating, too. One hundred of them, representing 31 countries across four continents, graduated as U.S. citizens, joining the ranks of 680,000 others every year in New York and cities around the country.
    Video

    Video Vietnam Sees Strong Economic Growth Despite Incomplete Reforms

    Vietnam has transformed its communist economy to become one of the world's fastest-growing nations. While the reforms are incomplete, multinational corporations see a profitable future in Vietnam and have made major investments -- as VOA's Jim Randle reports.
    Video

    Video Qatar Denies World Cup Corruption

    The head of Qatar’s organizing committee for the 2022 World Cup insists his country's bid to host the soccer tournament was completely clean, despite the corruption scandals that have rocked the sport’s governing body, FIFA. Hassan Al-Thawadi also said new laws would offer protection to migrants working on World Cup construction projects. VOA's Henry Ridgwell reports.
    Video

    Video Infrastructure Funding Puts Cambodia on Front Line of International Politics

    When leaders of the world’s seven most developed economies meet in Japan next week, demands for infrastructure investment world wide will be high on the agenda. Japanese Prime Minister Shinzo Abe’s push for “quality infrastructure investment” throughout Asia has been widely viewed as a counter to the rise of Chinese investment flooding into region.
    Video

    Video Democrats Fear Party Unity a Casualty in Clinton-Sanders Battle

    Democratic presidential front-runner Hillary Clinton claimed a narrow victory in Tuesday's Kentucky primary even as rival Bernie Sanders won in Oregon. Tensions between the two campaigns are rising, prompting fears that the party will have a difficult time unifying to face the presumptive Republican nominee, Donald Trump. VOA national correspondent Jim Malone has more from Washington.
    Video

    Video Portrait of a Transgender Marriage: Husband and Wife Navigate New Roles

    As controversy continues in North Carolina over the use of public bathrooms by transgender individuals, personal struggles with gender identity that were once secret are now coming to light. VOA’s Tina Trinh explored the ramifications for one couple as part of trans.formation, a series of stories on transgender issues.
    Video

    Video Amerikan Hero Flips Stereotype of Middle Eastern Character

    An Iranian American comedian is hoping to connect with American audiences through a film that inverts some of Hollywood's stereotypes about Middle Eastern characters. Sama Dizayee reports.
    Video

    Video Budding Young Inventors Tackle City's Problems with 3-D Printing

    Every city has problems, and local officials and politicians are often frustrated by their inability to solve them. But surprising solutions can come from unexpected places. Students in Baltimore. Maryland, took up the challenge to solve problems they identified in their city, and came up with projects and products to make a difference. VOA's June Soh has more on a digital fabrication competition primarily focused on 3-D design and printing. Carol Pearson narrates.

    Special Report

    Adrift The Invisible African Diaspora