US utility control systems hacked, claims Department of Homeland Security

By Graeme Burton
21 May 2014 View Comments
electric-meter

The control systems of a US utility have been hacked and compromised, according to the Department of Homeland Security (DoHS). However, it adds that there is no evidence that the utility's operations were affected.

The revelation follows a report from the agency's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The DoHS has refused to name the utility.

Further reading

"While unauthorised access was identified, ICS-CERT was able to work with the affected entity to put in place mitigation strategies and ensure the security of their control systems before there was any impact to operations," a DoHS official told Reuters.

Such attacks are rarely publicly disclosed, but ICS-CERT said it was likely that the utility had been hit before, although it did not disclose further details.

The agency said that the probable entry point for the hackers was an internet portal that enabled workers to access the utility's control systems. The system was protected by just a "simple" password that could easily be cracked with standard brute-force tools.

Justin W. Clarke, an industrial control security consultant with security firm Cylance, told Reuters that it is rare for such breaches to be identified by utilities and even more rare for the government to disclose them.

"In most cases, systems that are so antiquated as to be susceptible to such brute forcing technologies would not have the detailed logging required to aid in an investigation like this," he said.

Last year ICS-CERT responded to 256 online security reports, more than half of them in the energy sector.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

36 %
31 %
13 %
20 %