Breaking News
Get Actionable Insights with InvestingPro+: Start 7 Day FREE Trial Register here
Investing Pro 0
Ad-Free Version. Upgrade your Investing.com experience. Save up to 40% More details

U.S. says advanced hackers have shown ability to hijack critical infrastructure

Stock Markets Apr 13, 2022 06:00PM ET
Saved. See Saved Items.
This article has already been saved in your Saved Items
 
© Reuters. FILE PHOTO: A warning sign at the perimeter of a transfer line area is seen at the Dominion Cove Point Liquefied Natural Gas (LNG) terminal in Lusby, Maryland March 18, 2014. REUTERS/Gary Cameron (UNITED STATES)/File Photo

By Christopher Bing and Raphael Satter

WASHINGTON (Reuters) -Advanced hackers have shown they can take control of an array of devices that help run power stations and manufacturing plants, the U.S. government said in an alert https://www.cisa.gov/uscert/ncas/alerts/aa22-103a on Wednesday, warning of the potential for cyber spies to harm critical infrastructure.

The U.S. Cybersecurity and Infrastructure Security Agency and other government agencies issued a joint advisory saying the hackers' malicious software could affect a type of device called programmable logic controllers made by Schneider Electric (EPA:SCHN) and OMRON Corp.

OMRON did not immediately return a message seeking comment. A Schneider spokesperson confirmed it had worked with U.S. officials to defend against the hackers, calling it "an instance of successful collaboration to deter threats on critical infrastructure before they occur."

The controllers are common across a variety of industries - from gas to food production plants - but Robert Lee, chief executive of cybersecurity firm Dragos, which helped uncover the malware, said researchers believed the hackers' intended targets were liquefied natural gas and electric facilities.

In its alert, the Cybersecurity Agency urged critical infrastructure organizations, "especially Energy Sector organizations," to implement a series of recommendations aimed at blocking and detecting the cyber weapon, named Pipedream.

Although the government warning was vague - it did not say which hackers were behind the malware or if it had actually been used - it sent concern coursing across the industry.

In a sign of how seriously the discovery was being taken, CISA said it was making its announcement alongside the Energy Department, the National Security Agency and the FBI.

Programmable logic controllers, or PLCs, are embedded in a huge number of plants and factories and any interference with their operation has the potential to cause harm, from shutdowns to blackouts to chemical leaks, wrecked equipment or even explosions.

Lee said the tool developed by the mystery hackers was "highly capable" and had likely been in the works for several years.

"It is as dangerous as people are making it out to be," Lee said in an interview.

Western cybersecurity officials are already on edge over Russia's invasion of Ukraine and the deployment of malware aimed at causing electrical outages.

Sergio Caltagirone, Dragos' vice president of threat intelligence, said Pipedream could be understood as a "toolbox" of different hacking tools. Each component offers a different way to subvert normal controls, giving the hackers a variety of options to launch attacks.

For example, Caltagirone said that one of the tools within Pipedream would have allowed the attackers to damage Schneider Electric's PLC in such a way that it would need to be entirely replaced.

"Because of existing supply chain challenges it could take longer to get replacement controllers after such an attack," Caltagirone said. "What this means is a liquefied natural gas facility might be out of commission for months."

U.S. says advanced hackers have shown ability to hijack critical infrastructure
 

Related Articles

Walgreens Boots Earnings, Revenue Beat in Q3
Walgreens Boots Earnings, Revenue Beat in Q3 By Investing.com - Jun 30, 2022

Investing.com - Walgreens Boots (NASDAQ:WBA) reported on Thursday third quarter earnings that beat analysts' forecasts and revenue that topped expectations. Walgreens Boots...

Add a Comment

Comment Guidelines

We encourage you to use comments to engage with other users, share your perspective and ask questions of authors and each other. However, in order to maintain the high level of discourse we’ve all come to value and expect, please keep the following criteria in mind:  

  •            Enrich the conversation, don’t trash it.

  •           Stay focused and on track. Only post material that’s relevant to the topic being discussed. 

  •           Be respectful. Even negative opinions can be framed positively and diplomatically. Avoid profanity, slander or personal attacks directed at an author or another user. Racism, sexism and other forms of discrimination will not be tolerated.

  • Use standard writing style. Include punctuation and upper and lower cases. Comments that are written in all caps and contain excessive use of symbols will be removed.
  • NOTE: Spam and/or promotional messages and comments containing links will be removed. Phone numbers, email addresses, links to personal or business websites, Skype/Telegram/WhatsApp etc. addresses (including links to groups) will also be removed; self-promotional material or business-related solicitations or PR (ie, contact me for signals/advice etc.), and/or any other comment that contains personal contact specifcs or advertising will be removed as well. In addition, any of the above-mentioned violations may result in suspension of your account.
  • Doxxing. We do not allow any sharing of private or personal contact or other information about any individual or organization. This will result in immediate suspension of the commentor and his or her account.
  • Don’t monopolize the conversation. We appreciate passion and conviction, but we also strongly believe in giving everyone a chance to air their point of view. Therefore, in addition to civil interaction, we expect commenters to offer their opinions succinctly and thoughtfully, but not so repeatedly that others are annoyed or offended. If we receive complaints about individuals who take over a thread or forum, we reserve the right to ban them from the site, without recourse.
  • Only English comments will be allowed.

Perpetrators of spam or abuse will be deleted from the site and prohibited from future registration at Investing.com’s discretion.

Write your thoughts here
 
Are you sure you want to delete this chart?
 
Post
Post also to:
 
Replace the attached chart with a new chart ?
1000
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Thanks for your comment. Please note that all comments are pending until approved by our moderators. It may therefore take some time before it appears on our website.
Comments (4)
CS Greer
CSGreer Apr 13, 2022 7:03PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
The big question is: Why even make so much critical infrastructure vulnerable?
Roger Miller
Roger Miller Apr 13, 2022 6:14PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
Maybe if we shut down the power grid for just two weeks we can slow the hackers.
Mart Bab
Rubberduck1973 Apr 13, 2022 6:06PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
Simple. Cut all critical installations from internet and you will be ok. Internet is a highway for criminals to your doorstep
Meself Meself
Meself Meself Apr 13, 2022 5:18PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
We should definitely infringe on whatever personal freedom is left! You will own nothing and be happy- Klaus swab
 
Are you sure you want to delete this chart?
 
Post
 
Replace the attached chart with a new chart ?
1000
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Add Chart to Comment
Confirm Block

Are you sure you want to block %USER_NAME%?

By doing so, you and %USER_NAME% will not be able to see any of each other's Investing.com's posts.

%USER_NAME% was successfully added to your Block List

Since you’ve just unblocked this person, you must wait 48 hours before renewing the block.

Report this comment

I feel that this comment is:

Comment flagged

Thank You!

Your report has been sent to our moderators for review
Continue with Google
or
Sign up with Email