Electric utilities are grappling with the fallout from one of the most significant cyber intrusions in years, as the far-reaching impact of a sophisticated hacking campaign comes into sharper focus.
Four days after the supply chain cyberattack on IT service provider SolarWinds was revealed, details on its global victims — from federal agencies to oil and electricity companies — are still emerging (Energywire, Dec. 15).
The SolarWinds software hijacked by suspected Russia-linked hackers was widely used by U.S. power providers, experts say, leaving many companies scrambling to find out if they’re affected by the breach. And sources say a simple software update or patch won’t erase the threat from the “Sunburst” malware: Organizations targeted by the hackers will likely have additional malware installed that could be difficult to find.
“Any organization that says, ‘Yep, we got it solved. It’s all good,’ in the next 90 days: I would respectfully disagree,” said Jim Guinn, global managing director for cybersecurity in energy, chemicals, utilities and mining at Accenture.
The number of agencies and organizations that may have been hit by the cyber espionage campaign is unclear. Reuters first reported that the Commerce, Treasury and Homeland Security departments were among those targeted. The list of agencies has since grown to include the State Department and the Pentagon, The New York Times reported, citing anonymous sources familiar with the ongoing investigations.
In a joint statement yesterday, DHS’s Cybersecurity and Infrastructure Security Agency, the FBI and the Office of the Director of National Intelligence said they have formed a “Cyber Unified Coordination Group to coordinate a whole-of-government response” to the hacking campaign.
“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within…