Hackers behind dangerous oil and gas intrusions are probing US power grids

by Dan Goodin
from Ars Technica - All content on (#4H85T)

In a new troubling escalation, hackers behind at least two potentially fatal intrusions on industrial facilities have expanded their activities to probing dozens of power grids in the US and elsewhere, researchers with security firm Dragos reported Friday.

The group, now dubbed Xenotime by Dragos, quickly gained international attention in 2017 when researchers from Dragos and the Mandiant division of security firm FireEye independently reported Xenotime had recently triggered a dangerous operational outage at a critical-infrastructure site in the Middle East. Researchers from Dragos have labeled the group the world's most dangerous cyber threat ever since.

The most alarming thing about this attack was its use of never-before-seen malware that targeted the facility's safety processes. Such safety instrumented systems are a combination of hardware and software that many critical infrastructure sites use to prevent unsafe conditions from arising. When gas fuel pressures or reactor temperatures rise to potentially unsafe thresholds, for instance, an SIS will automatically close valves or initiate cooling processes to prevent health- or life-threatening accidents.
