Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT
Tuesday, 24 July 2018 / Published in Woo on Tech

Russia Hacked US Power Utilities

We’ve known since at least 2013 that American utility companies are under constant cyber attack, but at the time I wrote that blog four years ago, lawmakers and the industry believed that their security was sufficient to withstand the incursions. Welcome to 2018, where everything is getting hacked, including, yes, American power utilities. According to recent disclosures from the Department of Homeland Security and reported through the Wall Street Journal, highly organized hacker teams backed by Russia have compromised the security of “hundreds” of utility companies, to the point of being able to cause actual interruptions in power flow.

What this means for you

Far from the Hollywood vision of suave, athletic spies dangling from wires over laser grid alarms, the majority of the reported hacks were achieved through the most mundane of attack vectors: email phishing and watering-hole websites that trick users into typing in their credentials for what they believe are legitimate access requests. The hackers targeted smaller vendors and service companies attached to the larger utilities, taking advantage of their typically smaller cybersecurity budgets as well as their proximity to the actual target. Once they had compromised the security of the vendors that serviced the targeted utility, they were able to become wolf in sheep’s clothing, and from there easily penetrate the relaxed perimeter.

While this is a gross simplification of a highly involved and concentrated effort that spanned years of work, it should again highlight the obvious weak-point in cybersecurity: people. Unfortunately, increasing security precautions have acclimated everyone to entering passwords every time our devices pop up a dialog box asking for one. Even those of us with training are hard pressed to carefully assess every authentication request. Until technology provides us with a better way to authenticate, passwords will continue to be a glaring weakness in security. Every time your device asks for a password, take a few seconds to assess if the password request is expected and, more importantly, properly formed. The latter does take some training, but as long as you are properly paranoid, that is a huge step in the right direction. The worst that could happen from canceling out of an unexpected password prompt is a few more minutes delay in getting to whatever information you were trying to access. Unless you are in a life-or-death situation, that delay could save you from a future blackout.

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

  • Tweet

What you can read next

Microsoft zero-day warning
New IE zero-day surfaces
ATT Hacked
ATT Insider Breach Exposes Customer Data
The Elephant on the Internet, Part 2

1 Comment to “ Russia Hacked US Power Utilities”

  1. RONALD GRANT says :Reply
    July 25, 2018 at 2:46 pm

    Yep, that’s how the Target breach occurred.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...
  • The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    I have had this conversation more times than I ...
  • Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote work is no longer a temporary arrangemen...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP