American electric companies have been on red alert since a hacking group named Rapsite has been targeting American electric grids. Dragos who specialize in critical infrastructure forensic attacks have discovered intrusions at an electric utility company.
The group have been actively attacking electrical grids over the last year, they have been using techniques like phishing to steal usernames and passwords in an effort to gain leverage over internal systems. The security researchers at Dragos believe there is a possibility that the hackers could access the electric grid and shut down the entire system. The main objective of the group is to access the victim system remotely and compromise the Industrial Control Systems in order to facilitate blackouts.
“The activity group is targeting electric services, however there is no current evidence the group has the capability of damaging ICS attacks including widespread blackouts like those in Ukraine,” the Dragos report said. In late 2015, a major electricity blackout was published in Ukraine and malware was found on company networks. It was a landmark cyberattack later blamed on Russia.
According to Symantec, the hackers are based in Iran and have experience of taking advantage of tools from shadow brokers. “Dragos caught RASPITE early in its development which is ideal as it enables us to track its behaviour and threat sequence to help organizations defend against them,” said Sergio Caltagirone, director of threat intelligence at Dragos, in a statement sent to News email.
Take your time to comment on this article.