No big deal... Kremlin hackers 'jumped air-gapped networks' to pwn US power utilities
The US Department of Homeland Security is once again accusing Russian government hackers of penetrating America's critical infrastructure.
Uncle Sam's finest reckon Moscow's agents managed to infiltrate computer networks within US electric utilities – to the point where the miscreants could have virtually pressed the off switch in control rooms, yanked the plug on the Yanks, and plunged America into darkness.
The hackers, dubbed Dragonfly and Energetic Bear, struck in the spring of 2016, and continued throughout 2017 and into 2018, even invading air-gapped networks, it is claimed.
This seemingly Hollywood screenplay emerged on Monday in the pages of the Wall Street Journal (paywalled) which spoke to Homeland Security officials on the record.
The Energetic Bear aka Dragonfly crew – fingered in 2014 by Crowdstrike and Symantec – was inside “hundreds” of power grid control rooms by last year, it is claimed. Indeed, since 2014, power companies have been warned by Homeland Security to be on the lookout for state-backed snoops – with technical details on intrusions published here.
The Russians hacked into the utilities' equipment vendors and suppliers by spear-phishing staff for their login credentials or installing malware on their machines via boobytrapped webpages, it is alleged.
The miscreants then leveraged their position within these vendors to infiltrate the utilities and squeeze into the isolated air-gapped networks in control rooms, it is further alleged. The hacker crew also swiped confidential internal information and blueprints to learn how American power plants and the grid system work.
We're told, and can well believe, that the equipment makers and suppliers have special access into the utilities' networks in order to provide remote around-the-clock support and patch deployment – access that, it seems, turned into a handy conduit for Kremlin spies.
The attacks are believed to be ongoing, and some utilities may not yet be aware they've been pwned, we were warned. It is feared the stolen information, as well as these early intrusions, could be part of a much larger looming assault.
“They got to the point where they could have thrown switches,” Jonathan Homer, chief of industrial control system analysis for Homeland Security, told the paper.
The Register will watch developments; however, caution is probably a useful prescription at this stage.
After all, an attack on the American grid reported in late 2016 turned out to be far less than was first feared: it was one infected laptop in a relatively small operator, Burlington Electric, and the attack didn't reach control systems.
Infrastructure security expert Robert Lee has a level-headed thread, here, on Twitter. "In short, please take cyber threats to industrial infrastructure serious," he said. "They are getting far more aggressive and numerous. But let’s not use word choices that mislead and hype up the issue. It’s bad enough without added fear."
While the Kremlin has seemingly developed a keen interest in America's computer systems, it has denied any wrongdoing.