US power stations targeted by hackers linked to North Korea

FireEye, a cybersecurity company, disclosed to private clients that on September 22, 2017 it detected and stopped spear phishing emails being sent to US power companies. The emails came from hackers affiliated with the North Korean government and included an invitation link to a fake fundraiser. If a recipient clicked the link, malware would be downloaded onto their network.

FireEye, which offers cybersecurity, forensics investigation, and incident response services, reported that the spear phishing emails were connected to hackers in the early reconnaissance stages. There was no indication of an imminent, disruptive cyber threat. Fortunately, the spear phishing incident against US electrical companies did not affect the operations of any US power companies.

FireEye’s blog informed readers that nation states will participate in cyber espionage operations for intelligence gathering and contingency planning, particularly if there is conflict, or tensions are high with other nations.

Robert Lee, a cybersecurity consultant, asserts that at this point in time foreign powers in general are far from disrupting the electric power grid. FireEye stated that this cyber criminal activity lacked technical and operative steps that would make it disruptive.

However, according to C. Frank Figliuzzi, a former chief of counterintelligence at the FBI, “This is a signal that North Korea is a player in the cyber-intrusion field and it is growing in its ability to hurt us.” The Department of Defense ranked Russia, China, Iran, and North Korea as the most significant potential cyber adversaries, in order of prevalence. FireEye has detected more than 20 cyber threat groups suspected of being sponsored by at least four other nation states that are trying to gain access to targets in the energy sector and cause disruption.

Protect your organization by instilling long-lasting cybersecurity awareness

An effective, robust information security management system (ISMS) is built upon the three pillars of cybersecurity: people, processes, and technology. This approach recognizes the real threat of staff-related vulnerabilities such as human error and poor security awareness. Our Security Awareness Program will support you in transforming your organization’s culture into one that embraces cybersecurity behavior and practices it every day. The program is especially helpful for organizations looking to implement an ISMS that is ISO 27001 compliant.
