Electric Power Industry Leaders Have Taken Note. The Electricity Subsector Coordinating Council, A Group Of Energy Industry CEOs That Meets Regularly With Top Government Officials, Held A "Situational Awareness Call" About Potential Threats To The Grid.
"The Electric Power Industry Takes All Vulnerabilities And Threats To The Energy Grid And Our Supply Chains Very Seriously, Including The Latest SolarWinds Orion Platform Vulnerability That Cuts Across Many Sectors," ESCC Said In A Statement
🔗eenews.net/stories/106372…
Kimberly Mielcarek:
"It Was Not Immediately Clear How The Global Intrusion Campaign Could Affect The Operational Technology That Keeps The Lights On And Oil & Gas Facilities Online. But Experts Said Some Critical Infrastructure Operators Rely On Orion And Had Been Hacked"
Suzanne Lemieux, Manager Of Operations Security And Emergency Response Policy At The American Petroleum Institute, Said Oil And Gas Companies "Work Tirelessly To Maintain And Improve Their Defenses."
SolarWinds Said In A Securities And Exchange Commission Filing That It Believes "Fewer Than 18,000" Users Of Its Orion Monitoring Tool Were Vulnerable To Being Hacked
In March, Hackers Hijacked Software Updates For Orion Products, Injecting Them With Malware Dubbed "Sunburst." The Hacked Updates Become A Trojan Horse For The Hackers To Breach The Networks Of Orion's Clients
When A Victim Downloads A Seemingly Trustworthy Orion Patch, "Much Like Updating Apps On Your Phone," The Hackers Get A Back Door Into The Target Computer System
Rob Lee, CEO Of Dragos, Inc Notes That In Some Cases The OEMs Don’t Just Have Access To Customer Networks — They Actually Directly Infected Their Customers With The SolarWinds Software. That’s Because Some Of Them Use SolarWinds Not Just On Their Own Networks
But Also Have Installed It On Customer Networks To Manage And Monitor Those, Sometimes Without The Customers Being Aware This Was Done.
The “Backdoor” Provided An Attacker With Access To The Network Of Anyone Who Downloaded It. It Gathers Information About The Infected Network, Then Waits About Two Weeks Before Sending A Beacon To A Server Owned By The Hackers, Along With Information About The Infected Network
To Signal That The Infected System Is Open For Them To Surreptitiously Enter. The Hackers Would Have Used That Information To Determine Which Targets They Wanted To Burrow Into Further
Once Inside An Infected System, The Hackers Could Download More Malicious Tools And Steal Employee Credentials To Gain Access To More Critical Parts Of The Network — Collecting Information Or Altering Data Or Processes There
There Is Currently No Evidence That The Hackers Used The Backdoor In The SolarWinds Software To Gain Access Into The 15 Electric, Oil, Gas, And Manufacturing Entities That Were Infected With The Software
It May Not Be Possible To Uncover Such Activity If The Attackers Did Access Them And Burrow Further Into The Industrial Control Networks Because Critical Infrastructure Entities Generally Don’t Do Extensive Logging And Monitoring Of Their Control System Networks
Hackers Came In Through The Infected OEMs Instead, Using Those Companies’ Credentials And Privileged Access, It Could Be Even More Difficult For OEM Customers To Spot The Hackers’ Activity Since It Would Look Legitimate
“It’s So Many Different People In The Government [Attributing This To Russia], You Wouldn’t Get This Sort Of Statement If There Wasn’t Something There,” Says James Lewis, Former Govt Official Who Oversees Cybersecurity Programs At The Center For Strategic & International Studies
Interestingly.. In 2012, Hackers Believed To Be From China Breached An OEM Called Telvent And Stole Engineering Drawings And Accessed Files Used To Program Industrial Control Systems. Telvent Is A Division Of Schneider Electric That Is Headquartered In Spain
Its Software Is Used In Oil And Gas Pipelines Across The U.S. And Canada, As Well As Some Water Control System Networks. The Breach Raised Concerns At The Time That The Hackers Could Have Embedded Malicious Code In The Software To Infect Customer Control Systems
Conflicting Statements Arise Between Mitt Romney And Suzanne Spaulding, Former Undersecretary For The Department Of Homeland Security Who Led The Division That Oversees Critical Infrastructure Security
Rob Lee, CEO Of Dragos Is A Very Particular Individual....
JSHP’s (Jiangsu Huapeng JSHP Transformer) Cai Denies The Presence Of A Backdoor In His Company’s Equipment But Says He Believes That DOE Suspects China Of Booby-Trapping Its Power Grid Gear
Before Shipping Docked In Texas, WAPA Told JSHP To Cancel Its Plans To Transport And Install The Transformer And To Forget About Selling A Warranty On The Equipment, Which Is Mandatory For Highly Specialized, Expensive Electrical System Equipment