Oh, good: Iranian hackers trying to break into the American energy grid
posted at 2:31 pm on May 25, 2013 by Erika Johnsen
There has been plenty of focus on the amped-up levels of cyber-intrusion coming from China’s part of the globe lately, on which the Pentagon finally and officially called them out earlier this month, although they will deny, deny, deny in tones of shocked indignation ’til the cows come home. Not only do the Chinese have a robust domestic culture of commercial and government hacking (much of which is to keep voices of political dissent on lockdown — communism doesn’t just work on its own, you know), but the intellectual property theft and espionage they get up to with American and other foreign agencies and businesses is an insidious threat to both national security and free markets.
China is not the only one in the business of relentlessly trying to break into the many the digitized aspects of American political and civilian life, however. As you might imagine, certain Middle Eastern parties have — among other things — several reasons for a very definite interest in our energy grid and its smooth operations, and the WSJ reported this week that Iranian-based hackers are giving the Chinese a run for their money, and might even be the bigger threat because of their more openly hostile intent.
Iranian-backed hackers have escalated a campaign of cyberassaults against U.S. corporations by launching infiltration and surveillance missions against the computer networks running energy companies, according to current and former U.S. officials. …
U.S. officials consider this set of Iranian infiltrations to be more alarming than another continuing campaign, also believed to be backed by Tehran, that disrupts bank websites by “denial of service” strikes. Unlike those, the more recent campaigns actually have broken into computer systems to gain information on the controls running company operations and, through reconnaissance, acquired the means to disrupt or destroy them in the future, the U.S. officials said. …
The latest campaign, which the U.S. believes has direct backing from the Iranian government, has focused on the control systems that run oil and gas companies and, more recently, power companies, current and former officials said. Control systems run the operations of critical infrastructure, regulating the flow of oil and gas or electricity, turning systems on and off, and controlling key functions. …
Current and former U.S. officials wouldn’t name the energy companies involved in the attacks. or say how many there were. But among the targets were oil and gas companies along the Canadian border, where many firms have operations, two former officials said.
Yikes. The ‘suspected’ Iranian hackers are not quite on on China’s level in terms of infiltration prowess, but they are diligently working to develop their nefariously-applied skills further, via Foreign Policy:
The Middle Eastern hackers aren’t “in any way” as sophisticated as groups like APT1, according to Bejtlich. “The limited activity that we’ve seen seems to be almost educational on their part, it seems like they’re trying to determine what it’s like to operate on a live network.”
While Chinese hackers know what antivirus software to expect, how the network will be built, and even how its defenders will react to their presence, “the Iranians don’t tend to have that, from what we see but we think they’re taking steps now to develop those skills,” said Bejtlich.
He went on to say this activity may be a “leading indicator” that Iranian espionage operatives may be gearing up to conduct more advanced online operations. …
Rep. Mike Rogers, chair of the House Intelligence Committee has said that Iranian hackers may pose the biggest threat of a destructive cyber attack to the United States.
The Pentagon has been working on initiatives to robustly expand the United States’ cyber forces in preemptive defense of what former Secretary Leon Panetta called a potential “cyber-Peal Harbor”… and it sounds like we’re definitely going to be needing it.