U.S. accuses Russia of hacking power plants

Hackers are in the U.S. electricity network already, according to the Trump administration — and it's been traced to Russia.

The Department of Homeland Security released screenshots and technical information describing the attacks on critical infrastructure including nuclear facilities, other power plants and water infrastructure across both the U.S. and Europe.

These attacks, according to the U.S. report were a part of a multi-year campaign to breach critical industries and gain control over the most important parts of infrastructure without detection. 


Not only is the detailed report of what was uncovered fascinating reading, it's mortifying to see the steps and breadth of the attacks.

While attackers did not breach the control networks at power facilities, which are designed as air-gapped systems with no access to the outside, they certainly gained access to basically everything else.

The screenshot above of an energy facility's systems was pieced together from files after investigators discovered the attackers accessed networks by way of hidden remote control software (VNC) on machines that aren't actually connected to the internet.

To gain access, the attackers break in via more conventional means, including a convoluted set of steps with spear-phishing emails, watering hole domains, virus installation and propagation through network shares. In other words, this was a crafted attack, designed for where it ended up.

It's unclear what prompted the curtain to be lifted on this campaign, which has been in progress since at least 2016, but it's an attack on a new scale with no real precedent — or simple method for detection and evasion.

The report details a 17-step procedure to detect such compromises, which are hidden in plain sight in many cases, further demonstrating how difficult it is to secure even the most critical systems in the world — I'm only half-surprised we're seeing this level of attack now.

In response, the U.S. is placing sanctions on Russia for these attacks, along with election meddling. Perhaps it's an idea to just not put crucial industry stuff online in the first place, but that's easier said than done.

Tab Dump

Microsoft launches cloud gaming division
I wondered why we're not seeing technology like this now that internet speeds are getting better, but it's finally happening: Microsoft is investing in streaming games from the internet so you don't need expensive hardware to play.

Intel redesigned hardware to kill Spectre attacks
Next generation Xeon and desktop CPUs are already fixed, which is an impressive turnaround. Code updates for older CPUs all the way back to Nehhalem and Westmere, the first 'Core 2' chips released more than a decade ago, are coming too.

Android Wear is now Wear OS
Google says a huge chunk of users with a Wear device use iOS, so it's making it less Android-specific to remove confusion. I'd love to see a Pixel watch.

Nest finally ships a temperature sensor
As someone with a weird house that's either cold in the back or front at any given time, this is a godsend. 

The EU wants a copyright filter for uploaded content (including code)

The first US city to pass a Bitcoin mining ban