Homeland Security Network Blog
The information source for first responders.
How an embarrassing breach became a master class in cybersecurity
On its face, the hack was so bad you’d think no one would even want to acknowledge it.
Criminals had slithered into computer networks across the energy industry, infiltrating some so deeply that experts believed they had the power to throw entire regions into darkness. The intrusion provided powerful evidence of the threat hackers pose to the industries that underpin modern life, including energy, finance, healthcare, manufacturing and transportation.
But the breach, first reported by the cybersecurity company Symantec in September 2017, also revealed much about the way these attacks work. So much, in fact, that the U.S. government turned it into a cautionary tale. In a 16-page report, a team of cyber specialists from the Department of Homeland Security and Federal Bureau of Investigation dissected the hackers’ tradecraft, hoping the information would help prevent similar attacks – and keep this one from getting any worse.
Experts say that kind of communication is crucial in an age when hackers, whether motivated by mischief or bent on waging full-on cyber warfare, are constantly finding ways to infiltrate, corrupt and weaponize whatever touches the internet – often bit by bit.
“It’s important to raise awareness,” said Mark Orlando, chief technology officer for cyber services at Raytheon. “These details, if taken by themselves, might not seem that impactful. When presented with the entire story, we can see it was part of a larger, sustained campaign, potentially causing a lot of damage.”
The potential for that damage is far-reaching, said Constance Douris, who studies cybersecurity for the Lexington Institute, a Washington, D.C. think tank that focuses on defense. She said hacking the power grid is essentially a newer way of attacking a traditional military target.