Any major achievement is often the result of numerous activities that serve as baby steps toward the successful finale. Such was the case with Russia’s successful infiltration of America’s electric grid.
The strategy: Don’t take the obvious route. Working their way through a network of contractors and subcontractors, Russian hackers exploited security weaknesses in the utility supply chain, The Wall Street Journal reports. “Rather than strike the utilities head on, the hackers went after the system’s unprotected underbelly—hundreds of contractors and subcontractors…who had no reason to be on high alert against foreign agents. From these tiny footholds, the hackers worked their way up the supply chain.”
Showing a masterful command of the art of spearphishing, and taking advantage of security holes to plant malware, the hackers systematically worked their way through the grid. As most security professionals know, all it takes is one opening for threats to get in. In this case, there were many.
To nab computer network credentials, the attackers targeted websites frequented by utility engineers and planted malware. Another facet of the campaign involved applying for jobs with malware-infected resumes. Through their efforts, the cybercriminals gained access to portals used by utility workers, and even systems that monitor and control electricity flows.
As the FBI and Homeland Security began to investigate, they found that some of the businesses didn’t even realize they had been compromised. Quoting a former assistant secretary for cyber policy at Homeland Security, The Wall Street Journal writes, “What Russia has done is prepare the battlefield without pulling the trigger.”
Written by Rebecca Smith and Rob Barry, The Wall Street Journal article is a fascinating piece of storytelling that provides a close-up account of how events unfolded.
Get the full story at The Wall Street Journal.