Hundreds of contractors and subcontractors with connections to U.S. electric utilities and government agencies have been hacked, according to a recent report by the Wall Street Journal. The U.S. government has linked the hackers to a Russian state-sponsored group, sometimes called Dragonfly or Energetic Bear. The U.S. government alerted the public that the hacking campaign started in March 2016, if not earlier, although many of its victims were unaware of the incident until notified by the Federal Bureau of Investigation and Department of Homeland Security, the Wall Street Journal reports.
Instead of using sophisticated techniques to directly attack utilities companies, the hackers largely “exploited trusted business relationships using impersonation and trickery” to access the networks of U.S. electric utilities, such as by planting malware on sites of online publications frequently read by utility engineers and through clever spear phishing emails. According the article, Jonathan Homer, the Department of Homeland Security’s Chief of Industrial Control Systems Group, reported in a briefing to utilities last year that the hackers could have caused temporary power outages. While the exact number of utilities and vendors compromised is unknown the article goes on, industry experts say that the hackers likely still have access to some systems.