Hackers are now “zero steps” away from shutting down electricity for millions of people, the media reported this Wednesday. Security firm Symantec has warned that state-sponsored hackers have managed to penetrate multiple operational networks of both US and EU energy companies.
Ars Technica reports this is a “dramatic escalation” of the attacks by the group known as Dragonfly, which has been targeting the energy sector for the past six years.
Now, this group has managed to compromise tens of energy firms and install backdoors in the networks those firms use to supply power to the grid. They could basically leave us all without electricity; however, they’re not (yet) doing it.
"What's most concerning is we now see them intruding on operational networks of energy companies," Eric Chien, technical director of Symantec's security response and technology division, told Ars. "Before, we were talking about them being one step away, and what we see now is that they are potentially in those networks and are zero steps away. There are no more technical hurdles for them to jump over."
So what can these hackers do with the credentials and the backdoors? They could, for starters, control the company’s energy assets. They could hijack systems that monitor grid health. They could create various failures. In short, they could make quite the mess.
Symantec said removing the malware wouldn’t suffice: the hackers probably have credentials, so getting back in wouldn’t be that difficult.