Senior engineers at the Electricity Supply Board (ESB), supplying Northern Ireland and the Republic, received personalised emails that contained malicious software. The senders have been linked to Russia’s GRU intelligence agency.
While the hacking attempt was unsuccessful in disrupting the network, hackers may have stolen critical passwords and other data.
The cyber attack, currently under investigation by Ireland’s National Cyber Security Centre, was aimed at penetrating control systems which would have given hackers the ability to shut down part of the electricity grid. The tactics are similar to those that caused recent mass outages in the Ukraine.
Spear phishing-making it personal
Oz Alashe, a former special forces Lieutenant Colonel and Chief Executive Officer of cyber security platform CybSafe, has labelled the hacking attempt as a “spear phishing” attack.
Like regular phishing attacks, it involves the use of emails to gain information or prompt the user to click on a link to trigger malicious software. The difference here is that it uses personal information on targets to increase the rate of success. Some of the fake emails sent to engineers reportedly contained inside technical knowledge about the plants that the hackers were trying to access.
Cybersecurity threats on the increase
The FBI and Department of Homeland Security sent a joint alert to the energy sector in June warning that “advanced, persistent threat actors” were stealing network log-in and password information to access company networks.
Ever since the WannaCry ransomware attack caused chaos by spreading through the NHS’ IT network and around 150 countries in May, concerns around cyber attacks on critical infrastructure have been growing.
A report on vulnerabilities in British defence, released by the Royal United Services Institute (RUSI) earlier this month warned of the growing threat of cyber attacks and threats to the West’s use of satellites in space.
According to the report, hackers have the potential to negatively affect military and civilian communications and navigation systems. They target the UK’s economy and crucial IT infrastructure which can cause significant causing chaos and panic.
“In any major future conflict, an important part of the battle will be threats to the UK’s critical national infrastructure from hostile cyber operations,” RUSI’s report concluded.
“The cyber threat spectrum is not only relevant to defence but to government as a whole, especially to critical national infrastructure and the broader economy.”