Iranian Hackers and the U.S. Power Grid

By Faye Higbee

Iranian Hackers and the U.S. Power Grid

Brian Wallace, a security specialist who works for the Cylance firm, was looking for someone who had stolen a University of California housing file. What he found instead was a trail of Iranian hackers who had managed to make inroads into the U.S. Power grid with the ability to cause power outages.  

 

Power Grid

The Times of Israel reported,

These intrusions have not caused the kind of cascading blackouts that are feared by the intelligence community. But so many attackers have stowed away in the systems that run the US electric grid that experts say they likely have the capability to strike at will…

…From Internet Protocol addresses in Tehran, the hackers had deployed TinyZbot, a Trojan horse-style of software that the attackers used to gain backdoor access to their targets, log their keystrokes and take screen shots of their information. The hacking group, he would find, included members in the Netherlands, Canada, and the United Kingdom.

…Then he discovered evidence of the attackers’ most terrifying heist — a folder containing dozens of engineers’ diagrams of the Calpine power plants.

Brian Wallace could be considered a hero of sorts in the world of cybersecurity, since he stumbled upon the information by overstepping his usual job and staying up long hours at night tracking the IP addresses of the hackers.

 iranian hackers

 

“Operation Cleaver” – not all targets are utility companies

The Iranian based hacking team has named its project “Operation Cleaver.” Thus far it has been used for intelligence gathering, but is said to have the ability to launch attacks. Since the U.S. and Israel may have been the ones who launched the attack on Iran’s nuclear program with the Stuxnet computer virus, some experts say this project may be in retaliation.

Ten of the companies targeted by the Iranians are U.S. based. And in 2013, the U.S. Navy (NMCI) was targeted. It took them 4 months to get back on track.

Reuters reported,

It said researchers who succeeded in gaining access to some of the hackers’ infrastructure found massive databases of user credentials and passwords, diagrams, and screenshots from organizations including energy, transportation, and aerospace companies, as well as universities…

The Chess Game of Hacking

Cheery thought. The government is always quick to tell us that these actions weren’t a big problem. At least that’s what they originally told us when the Office of Personnel Management was hacked some months ago. That turned out to be a widespread mess.

So let’s review: Iranian hackers continue to be active and are embedded in the power grid. Russian and Chinese hackers continue to be active. ISIS is active in the hacking game. Whether just snooping or the intent to pull down the United States, it could happen in the blink of an eye. Fortunately, we have excellent players on our side too with numerous Cybersecurity firms constantly monitoring and tracking the bad guys.

Who will get to “checkmate” first?