Utilities


  • Utilities ‘Concerningly’ at Risk from Active Exploits

    June 14, 2021

    The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months — something analysts called out as a “concerning datapoint,” and an important reminder that ransomware isn’t the only threat utility networks need to secure against. A new report from WhiteHat Security measured the amount of ...

  • Florida water treatment plant was involved in second security incident before poisoning attempt: report

    May 21, 2021

    A new study from Dragos has found that a water treatment plant in Oldsmar, Florida — where hackers attempted to poison the town’s water earlier this year — was also involved in another potential breach at the same time. A browser being used on the plant’s network was traced back to a “watering hole” attack that ...

  • USB threats to ICS systems have nearly doubled

    April 1, 2021

    The latest Honeywell USB Threat Report 2020 indicates that the number of threats specifically targeting Operational Technology systems has nearly doubled from 16% to 28%, while the number of threats capable of disrupting those systems rose from 26% to 59% over the same period. Let’s face it. Critical infrastructure operators in manufacturing, aerospace, energy, shipping, chemical, ...

  • Critical Security Hole Can Knock Smart Meters Offline

    March 12, 2021

    Critical security vulnerabilities in Schneider Electric smart meters could allow an attacker a path to remote code execution (RCE), or to reboot the meter causing a denial-of-service (DoS) condition on the device. Schneider Electric’s PowerLogic ION/PM smart meter product line, like other smart meters, is used by consumers in their homes, but also by utility companies ...

  • WaterISAC: 15 Security Fundamentals You Need to Know

    March 10, 2021

    Attacks such as the one at Oldsmar highlight the need for water facilities to continue honing their ability to defend themselves against digital attacks. Towards that aim, they can use WaterISAC’s guidelines for water and wastewater utilities. The security fundamentals covered in those guidelines include the following: Asset Inventory Database You can’t protect what you don’t know you ...

  • Npower withdraws mobile app after hackers steal personal details

    February 27, 2021

    Npower has permanently withdrawn its mobile app after hackers used it to access its customers’ personal details, including the sort codes and the last four digits of their bank accounts. The hack, which cybersecurity experts said left the firm’s customers “wide open to fraud”, is understood to have taken place around the start of February. The company ...

  • Florida: Hacker Changed Chemical Levels at Oldsmar’s Water Treatment Plant

    February 8, 2021

    Pinellas County Sheriff Bob Gualtieri said at a news conference Monday there were two intrusions, hours apart. The first one happened at 8 a.m., when a plant operator noticed someone remotely accessing the system he was monitoring, which controls chemicals and other plant operations. But he didn’t think much of it, according to the sheriff, because ...

  • Eletrobras, Copel energy companies hit by ransomware attacks

    February 5, 2021

    Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil have announced that they suffered ransomware attacks over the past week. State-controlled, both are key players in the country. Copel being the largest in the state of Paraná while Eletrobras is the largest power utility company in Latin America ...

  • Netwalker ransomware hits Pakistan’s largest private power utility

    September 8, 2020

    K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. K-Electric is Pakistan’s largest power supplier, serving 2.5 million customers and employing over 10 thousand people. Starting yesterday, K-Electric customers have been unable to access the online services for their account. To resolve this ...

  • Critical Bugs in Utilities VPNs Could Cause Physical Damage

    July 29, 2020

    Remote code-execution vulnerabilities in virtual private network (VPN) products could impact the physical functioning of critical infrastructure in the oil and gas, water and electric utilities space, according to researchers. Researchers at Claroty found that VPNs used to provide remote access to operational technology (OT) networks in industrial systems are vulnerable to an array of security ...

  • Two more cyber-attacks hit Israel’s water system

    July 20, 2020

    Two more cyber-attacks have hit Israel’s water management facilities, officials from the Water Authority said last week. Officials said the attacks took place last month, in June, and didn’t cause any damage to the attacked organizations. The first attack hit agricultural water pumps in upper Galilee, while the second one hit water pumps in the central province ...

  • Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

    June 9, 2020

    The APT known as TA410 has added a modular remote-access trojan (RAT) to its espionage arsenal, deployed against Windows targets in the United States’ utilities sector. According to researchers at Proofpoint, the RAT, called FlowCloud, can access installed applications and control the keyboard, mouse, screen, files, services and processes of an infected computer, with the ability ...

  • UK electricity middleman hit by cyber-attack

    May 14, 2020

    Elexon, a crucial middleman in the UK power grid network, reported that it fell victim to a cyber-attack earlier today. In a short message posted on its website, the company said the incident only impacted its internal IT network and employee laptops. The company’s email server was also impacted and had been taken down, cutting employees off from crucial ...

  • Israel government tells water treatment companies to change passwords

    April 27, 2020

    The Israeli government says that hackers have targeted its water supply and treatment facilities last week. In a security alert sent by the Israeli National Cyber-Directorate (INCD), the agency is urging personnel at companies active in the energy and water sectors to change passwords for all internet-connected systems. If passwords can’t be changed, the agency recommended taking ...

  • Ransomware Hits U.S. Electric Utility

    February 27, 2020

    The Reading Municipal Light Department (RMLD) was infected with ransomware, as revealed in a statement by the electric utility. RMLD did not disclose the details on how their system was infected or the demands of the group behind the malware. There was also no indication of plans to pay ransom to the threat actors. RMLD is an electric utility in ...

  • Thousands of PCs Affected by Nodersok/Divergent Malware

    September 27, 2019

    New malware identified by Microsoft and Cisco Talos has affected thousands of PCs in the United States and Europe and turns systems into proxies for performing malicious activity, the companies said. The fileless threat—called Nodersok by Microsoft and Divergent by Cisco Talos—has many of its own components but also takes advantage of existing tools to do ...

  • 17 US utility firms targeted by mysterious state-sponsored group

    September 24, 2019

    A mysterious state-sponsored hacking group has targeted at least 17 US utility firms with phishing emails for a five-month period between April 5 and August 29, Proofpoint reported today. The purpose of these attacks was to infect employees at US utility firms with LookBack, a remote access trojan with an extensive set of features. While no formal ...

  • Adwind Remote Access Trojan Hits Utilities Sector

    August 19, 2019

    Attackers are targeting entities from the utility industry with the Adwind Remote Access Trojan (RAT) malware via a malspam campaign that uses URL redirection to malicious payloads. Adwind (also known as jRAT, AlienSpy, JSocket, and Sockrat) is distributed by its developers to threat actors under a malware-as-a-service (MaaS) model and it is capable of evading detection by most major anti-malware ...

  • Nation-State APTs Target U.S. Utilities With Dangerous Malware

    August 2, 2019

    Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July 19 and 25. They purported to be from a U.S.-based engineering licensing board, but actually contained ...

  • Utilities, Energy Sector Attacked Mainly Via IT, Not ICS

    November 1, 2018

    Stealing administrative credentials to carry out months-long spy campaigns is a top threat. While industrial control systems (ICS) are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report on Energy and ...