- Bug lets Twitter save your DMs—even after you delete them Friday 7:21 PM
- Guy mansplains song to Japanese Breakfast, the female artist who wrote the song Friday 6:38 PM
- Ann Coulter’s Twitter bio links to a vulgar parody account Friday 5:22 PM
- Popular YouTube music channel gets income yanked for ‘repetitious’ content Friday 4:14 PM
- New website will endlessly generate fake faces thanks to AI Friday 3:41 PM
- Man fakes getting stood up at Outback Steakhouse Friday 3:03 PM
- FCC looks to tackle robocalls and spoofed texts Friday 2:57 PM
- How to protect yourself from the data breach that affected 744 million accounts Friday 12:56 PM
- How to stream Rob Brant vs. Khasan Baysangurov online for free Friday 12:21 PM
- No, Ocasio-Cortez doesn’t have her boyfriend on her payroll Friday 12:20 PM
- Writers want this book canceled for misgendering its protagonist Friday 12:15 PM
- Trump Jr’s meme about his dad’s border wall doesn’t get how Congress works Friday 11:44 AM
- FBI reportedly looking into Ryan Adams’ communications with underage girl Friday 11:25 AM
- Trump does Chinese accent, declares national emergency, bewilders the internet Friday 11:21 AM
- Chrissy Teigen throws shade at Logan Paul-Kaitlin Bennett pairing Friday 10:48 AM
Hackers operating on behalf of Russia appear to have penetrated U.S. power networks and may have even caused blackouts.
The Department of Homeland Security says that the hackers broke into “secure,” isolated utility networks by first infiltrating the networks of main vendors, the Wall Street Journal reports. The hackers belong to a state-sponsored group called “Dragonfly” or “Energetic Bear.”
While the DHS did not explicitly name what utility organizations were compromised, on Monday it did say that there were hundreds of victims. Some companies may not even realize they were targeted in these attacks, as they were conducted using valid employee credentials gained through phishing attacks and fake websites.
Symantec first publicly reported on knowledge of the group’s attacks in late 2017. The DHS, meanwhile, has been warning utility executives about the group since 2014. The attacks seem to have started in 2016, extended through 2017, and could be ongoing.
“The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so,” Symantec’s security team wrote in a blog post. Symantec presumes that sabotage or intelligence gathering are the main reasons for the group to attack our energy grid.
Russia denies targeting U.S. infrastructure, according to the Wall Street Journal.
The Journal reports the hacking group “vacuumed up information showing how utility networks were configured, what equipment was in use and how it was controlled.” The goal was to disguise themselves as people regularly expected to manage these systems. The DHS is now looking for signs that attacks may be automated, while experts wonder whether hackers may have damaged systems in ways yet to surface.
In 2016, the U.S. confirmed that its own similar state-sponsored cyberattack caused a massive power outage in Ukraine.
H/T Business Insider
Christina Bonnington is a tech reporter who specializes in consumer gadgets, apps, and the trends shaping the technology industry. Her work has also appeared in Gizmodo, Wired, Refinery29, Slate, Bicycling, and Outside Magazine. She is based in the San Francisco Bay Area and has a background in electrical engineering.