Why I’m withholding certainty that “precise” US cyber-op disrupted Venezuelan electricity

NYT says US hackers were able to turn off power and then quickly turn it back on.


The New York Times has published new details about a purported cyberattack that unnamed US officials claim plunged parts of Venezuela into darkness in the lead-up to the capture of the country’s president, Nicolás Maduro.

Key among the new details is that the cyber operation was able to turn off electricity for most residents in the capital city of Caracas for only a few minutes, though in some neighborhoods close to the military base where Maduro was seized, the outage lasted for three days. The cyber-op also targeted Venezuelan military radar defenses. The paper said the US Cyber Command was involved.


“Turning off the power in Caracas and interfering with radar allowed US military helicopters to move into the country undetected on their mission to capture Nicolás Maduro, the Venezuelan president who has now been brought to the United States to face drug charges,” the NYT reported.

The NYT provided few additional details. Left out were the methods purportedly used. When Russia took out electricity in December 2015, for instance, it used general-purpose malware known as BlackEnergy to first penetrate the corporate networks of the targeted power companies and then further encroach into the supervisory control and data acquisition systems the companies used to generate and transmit electricity. The Russian attackers then used legitimate power distribution functionality to trigger the failure, which took out power to more than 225,000 people for more than six hours before grid workers restored it.

In a second attack almost exactly a year later, Russia used a much more sophisticated piece of malware to take out key parts of the Ukrainian power grid. Named Industroyer and alternatively Crash Override, it’s the first known malware framework designed to attack electric grid systems directly.


As I reported in 2017:


What makes Crash Override so sophisticated is its ability to use the same arcane technical protocols that individual electric grid systems rely on to communicate with one another. As such, the malware is more notable for its mastery of the industrial processes used by global grid operators than its robust code. Its fluency in the low-level grid languages allowed it to instruct Ukrainian devices to de-energize and re-energize substation lines, a capability not seen in the attack a year earlier that used a much cruder set of tools and techniques. The concern is that “Industroyer”—the other name given to the malware—can be used against a broad range of electric systems around the world.

Besides the lack of details of the purported hack of Venezuela’s power infrastructure, electricity experts have said that the country’s grid has been in disrepair for years. It’s feasible, they say, that power went out due to inadequate maintenance and investment. Another reason for skepticism is that Venezuela’s government said US missiles were at least partially to blame. An unconfirmed video circulating on social media also purports to show a bombed-out substation.

Whether through kinetic or cyber attacks, military strikes on power grids have been controversial because the collateral damage they cause can take out hospitals and other infrastructure that’s crucial to civilians’ survival.

The NYT said the strike on Venezuela’s power infrastructure “demonstrated [the] precision” of US cyber capabilities and showed the US “could use cyberweapons with powerful and precise effects.” If the attacks were indeed the result of cyber intrusions, there will likely be ample forensic evidence for independent experts in power grid security to confirm. Until then, there’s reason to withhold final judgment.
 