Quick Take: We are learning that more than 1,000 utilities in the U.S. and Europe have had their computer systems compromised by malware.
My first question: Why do utilities have to get this kind of warning through news stories long after the fact? Why don't we have a system set up for sharing new dangers as soon as they crop up?
My second question: Could utilities be facing a PR disaster like the one plaguing GM over its faulty ignition switches? Take a look at the recommendation below suggesting that utilities spend 15-20% of their IT budget on cybersecurity. Now suppose that an attack creates an outage lasting days or even weeks. And that an investigation shows the utility had only been spending (let's say) 3% on cybersecurity. Could a utility be held at fault for failing to take sufficient steps to prevent it? – Jesse Berst
A large-scale hacking campaign has successfully infiltrated more than a thousand power plants across the United States and Europe. A group called Dragonfly used malware to gain remote access. So far, they have only used the malware to spy, but they could have used its remote-access functionality to "wreak considerably more havoc had they decided to," according to The Verge.
Dragonfly's control servers are based in Eastern Europe, leading the Financial Times to conclude that the attacks are Russian in origin. Many observers say the group is so large and well-funded that it must have the active support of the Russian government, all the way up to Russian President Vladimir Putin. Some even think the attacks are retaliation for U.S. sanctions against Russia for its actions in Ukraine.
Former World Bank cybersecurity expert Thomas Kellermann told Fox Business that utilities should be spending 15-20% of their IT budget on cybersecurity. In particular, he thinks utilities need to set up barrier systems and threat detection systems.