
Germany infiltrated by Russian group that crippled Ukraine’s power

09 May 2018

In modern countries, electricity is taken for granted – it’s just there.

But news has emerged that reveals it’s not quite as secure as you might think. One of the largest daily newspapers in Germany (Süddeutsche Zeitung, also known as SZ) published an article last week that claimed Russian threat actors had "infiltrated the networks of at least two energy providers in Germany."

The article was confirmed by three independent sources and also attests that the Russian group in question is the same one that attacked the Ukrainian power grid in 2015 and 2016, known as Sandworm.

In the Ukraine case, hackers managed to breach the computer systems of a number of power operators to effectively cut the supply to the city, making it one of the most effective hacking cases the world has ever seen – so well choreographed in fact that experts asserted only a government could be behind it.

The same hackers apparently succeeded in penetrating the networks of at least two German energy providers in the summer of 2017, albeit in the early stages.

CyberX industrial cybersecurity VP Phil Neray says this news shows that Russian threat actors have expanded their critical infrastructure targets beyond the Ukraine – and beyond the U.S. – to include western Europe.

“It's not surprising given Russia's stated strategy of leveraging cyber to exert its geopolitical muscle on the global stage. The recent FBI/DHS alert confirmed that Russian cyberattackers have successfully compromised U.S. critical infrastructure since at least 2016,” says Neray.

“Industrial control networks are notoriously insecure. According to CyberX's ‘Global ICS & IIoT Risk Report,’ which analysed traffic data from 375 production industrial control networks worldwide, 60% of industrial sites are still using plain-text passwords and 3 of 4 are still running outdated versions of Windows like Windows XP and Windows 2000.”

In terms of how we can prevent these attacks from happening to critical infrastructure, Neray is adamant.

“Industry best practices suggest that continuous monitoring with behavioral analytics is a key way to identify and stop these attacks during the early cyber reconnaissance stage – before attackers can launch more destructive or disruptive attacks like the ones we've seen in both the Ukraine and Saudi Arabia,” Neray concludes.

The possibilities and potential implications of a hacked power grid are infinite; as mentioned above, we have come to rely on it always being there. Due to the increasing networking of modern power systems, cybercriminals could not only disrupt the supply but also selectively damage it.

Without electricity there would be no trains, no ATMs, no water, no heating or flushing… the list goes on.
