The ISIL is trying to hack American electrical power companies

October 17, 2015  By Pierluigi Paganini


US authorities confirmed that hackers belonging to the Islamic State (ISIL) are trying to hack American electrical power companies.

According to the U.S. law enforcement, the ISIL is trying to hack American energy firms, the news arrives while the US Government  has charged for the first time a man of cyberterrorism.

The news was revealed by law enforcement officials during a conference of American energy firms that were discussing Homeland Security. The ISIL has the cyber capabilities to run cyber attacks against US critical infrastructure and the US intelligence is aware of the risks.

In May 2015, Pro-ISIL Hackers belonging to the Cyber Caliphate hacking team threatened ‘Electronic War’ on US and Europe.

“ISIL is beginning to perpetrate cyberattacks,” explained Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security.

Investigators revealed to CNNMoney that Islamic State have run a series of cyber attacks that have been unsuccessful. They avoided to provide further information on the attacks neither cited evidence of specific incidents.

The experts described the attacks as not particularly sophisticated, anyway they represent a serious threat to the Homeland Security. ISIL hackers use to buy hacking tools in the black markets, there is no evidence that they are developing their own “cyber weapons.”

“Strong intent. Thankfully, low capability,” said John Riggi, a section chief at the FBI’s cyber division. “But the concern is that they’ll buy that capability.”

The risk of a cyber attack is scaring law enforcement, an incident on power companies could disrupt the flow of energy to U.S. homes and businesses.

The problem is not limited to the ISIL, also domestic terrorists and foreign state-sponsored hackers could cause serious damage. In the past industrial control systems at the energy industry were attacked by Russian hackers,

In July 2014 researchers at FireEye detected a new variant of Havex RAT that was specifically designed to scans SCADA network via Object linking and embedding for Process Control (OPC), control systems hit by the malware are vital components in any industrial process including energy.

In June 2014 experts at F-Secure discovered instances of the Havex malware used to targetIndustrial Control Systems (ICS) in surgical attacks implementing “watering-hole attack” scheme which involved ICS vendor site as intermediary target.  It has been estimated that the number of compromised energy companies in the US and Europe is nearly 1000, an impressive number that gives us an idea of the impact of the Havex operation.

In November 2014, the US-CERT issued an Alert (ICS-ALERT-14-281-01A) related to an ongoing sophisticated Malware campaign compromising ICS systems with BlackEnergy malware.

“They’d love to do damage, but they just don’t have the capability,” said the Mark Lemery, a critical infrastructure protection coordinator. “Terrorists have not gotten to the point where they’re causing physical damage.”

The experts sustain that an attack on the entire U.S. energy grid is not simple because the national infrastructure is “a chaotic patchwork of “grids,” each with different types of machines and software that don’t smoothly coordinate or communicate”.

How to protect critical infrastructure from cyber attacks of terrorist group like the ISIL?

As explained by Riggi, it is necessary a joint effort of law enforcement and intelligence agencies inside the US and also on a global scale.

ISIL cyber attacks on energy industry

“We’ve had pretty good success actually,” Riggi said. “Since the FBI is an intelligence agency, we rely on the help of CIA and NSA. We compare information with the NSA.”

What will happen if hackers will hit critical infrastructure in the US, which will be the economic impact of a cyber attack against a power grid?

According to a poll done by Morning Consult firm, cyber attacks are just behind terrorism attacks on the list of biggest threats to the US, it has been estimated that the insurance industry could face losses of about $21 billion.

If you want more info give a look to my report “Cyber Attacks on the Power Grid: The Specter of Total Paralysis

Pierluigi Paganini

(Security Affairs –  Energy industry, ISIL)



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Russian Hackers suspected for the intrusion of Dow Jones systems

 Bloomberg states that the ongoing investigation conducted by US authorities was probing allegations that there is a Russian...