Homeland Security Network Blog

The information source for first responders.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Archives
    Archives Contains a list of blog posts that were created previously.
Posted by on in Terrorism
  • Font size: Larger Smaller
  • Hits: 698
  • Print

How an embarrassing breach became a master class in cybersecurity

b2ap3_thumbnail_How-an-embarrassing-breach-became-a-master-class-in-cybersecurity.jpg

Raytheon

On its face, the hack was so bad you’d think no one would even want to acknowledge it.

Criminals had slithered into computer networks across the energy industry, infiltrating some so deeply that experts believed they had the power to throw entire regions into darkness. The intrusion provided powerful evidence of the threat hackers pose to the industries that underpin modern life, including energy, finance, healthcare, manufacturing and transportation.

But the breach, first reported by the cybersecurity company Symantec in September 2017, also revealed much about the way these attacks work. So much, in fact, that the U.S. government turned it into a cautionary tale. In a 16-page report, a team of cyber specialists from the Department of Homeland Security and Federal Bureau of Investigation dissected the hackers’ tradecraft, hoping the information would help prevent similar attacks – and keep this one from getting any worse.

Experts say that kind of communication is crucial in an age when hackers, whether motivated by mischief or bent on waging full-on cyber warfare, are constantly finding ways to infiltrate, corrupt and weaponize whatever touches the internet – often bit by bit.

“It’s important to raise awareness,” said Mark Orlando, chief technology officer for cyber services at Raytheon. “These details, if taken by themselves, might not seem that impactful. When presented with the entire story, we can see it was part of a larger, sustained campaign, potentially causing a lot of damage.”

The potential for that damage is far-reaching, said Constance Douris, who studies cybersecurity for the Lexington Institute, a Washington, D.C. think tank that focuses on defense. She said hacking the power grid is essentially a newer way of attacking a traditional military target.

Read more: https://www.raytheon.com/news/feature/hackers_playbook.html