Unsurprisingly, the Democratic National Committee (DNC) is not the only organization vulnerable to Russian hackers. The infrastructures that allow you to live a comfortable modern life are at risk too.
As Bloomberg reports:
“Computer code connected to Russian cyberattacks by U.S. intelligence agencies has been found in a laptop computer at a Vermont electric utility, a development that emerged a day after the Obama administration hit Russia with sanctions for hacking during this year’s U.S. election.”
The discovery came after the Department of Homeland Security (DHS) warned owners of critical infrastructure that a unique code linked to the malware found in the DNC’s system could be lurking in their computers. The code turned up in multiple locations across the continent.
Once in a network, an unwarranted user could shut down the whole power grid, a particular concern in Vermont during the cold winter months.
A shut down is not a far-fetched concern. Bloomberg reports that Russian hackers used these same tactics to leave tens of thousands in western Ukraine without power in 2014 – the height of the separatist conflict in that country.
While the Vermont case was relatively small (it provides power to 16,000 residents in the city of Burlington), the same DHS scan revealed that an IP address linked to Ontario’s Hydro One, which services over 1.3 million homes in the province, was also affected. Four other Ontario electricity companies were also compromised, according to CTV News.
This is a staggering revelation. And worse, we’re only scratching the surface. The reality is that we have no idea just how deeply hackers have infiltrated our most critical infrastructure.
How did they get access in the first place?
The likely culprit is spear-phishing, in which fake emails lead readers to unknowingly give hackers their login usernames and passwords. It is the same technique that hit Hillary Clinton’s team and Ukraine’s power grid. These types of emails have become more sophisticated and harder to detect. Anyone working at a power station could become an innocent gateway for cyber-criminals.
Hackers will continue to improve their methods. The only one way to beat them is to use secure communication systems that are designed to ward off intelligence breeches. With a product like Evizone, it is impossible to spear-phish, as we have discussed in a previous blog post.
Whether you are an individual, own a small business, run a multibillion dollar publicly traded company, work for a state-owned utility, or are employed by a government department – you are at risk. The time to take action and prevent unwanted data infiltration is now.
About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, firstname.lastname@example.org