Hackers target Irish energy networks amid fears of further cyber attacks on UK's crucial infrastructure

'Spear phishing' attacks targets senior engineers in effort to access system

Lizzie Dearden@lizziedearden
Saturday 15 July 2017 16:42
comments
The attack follows global ransomware attacks and an attempt targeting the Houses of Parliament
The attack follows global ransomware attacks and an attempt targeting the Houses of Parliament

Hackers have targeted Irish energy networks amid warnings over the potential impact of intensifying cyber attacks on crucial infrastructure.

Senior engineers at the Electricity Supply Board (ESB), which supplies both Northern Ireland and the Republic, were sent personalised emails containing malicious software by a group linked to Russia’s GRU intelligence agency, The Times reported.

Analysts told the newspaper the cyber attack intended to infiltrate control systems, giving hackers the power to take out part of the electricity grid with similar tactics that have caused mass outrages in Ukraine.

Ireland’s National Cyber Security Centre is investigating the attempt, which did not cause disruption to the network but may have allowed hackers to steal passwords and other information.

Oz Alashe, a former special forces Lieutenant Colonel and chief executive officer of cyber security platform CybSafe, characterised the attempt as a “spear phishing” attack.

Like regular phishing attacks, it involves the use of emails to illicit information or make the user click on a link to trigger malicious software, but utilises personal information on targets to heighten the chances of success.

Major organisations among those affected by worldwide cyber attack

Mr Alashe told The Independent there has been an increase in reported attacks on crucial national infrastructure around the world.

“Attribution is exceptionally hard to do but a large proportion of these attacks are believed to be state sponsored,” he added.

“You’re either trying to cause chaos, or just probe, or destabilise rather than make a financial gain.”

The analyst said that some countries are known to “outsource” the task to criminal groups, who may also sell on information for profit.

The attack in Ireland was revealed after American officials said Russian government-backed hackers were behind recent cyber attacks on US nuclear power stations.

The FBI and Department of Homeland Security sent a joint alert to the energy sector in June warning that that “advanced, persistent threat actors” were stealing network log-in and password information to access company networks.

In similar tactics to those seen in Ireland, officials said hackers had been sending tainted “phishing” emails containing malicious attachments to compromise their targets.

If the recent WannaCry cyberattack hasn’t got business leaders to sit up and take notice, GDPR will force them to

Concern over the potential impact of cyber attacks on crucial infrastructure has been mounting since the WannaCry ransomware attack caused chaos by spreading through the NHS’ IT network and around 150 countries in May.

It was followed by a “sustained and determined attack” on the Houses of Parliament’s email system in June and a second global ransomware attack using software known as Petya.

A report on vulnerabilities in British defence released by the Royal United Services Institute (RUSI) earlier this month warned of the growing threat of cyber attacks and threats to the West’s use of satellites in space.

Enemies could take out military and civilian communications and navigation systems, the report said, or target the UK’s economy and crucial IT infrastructure causing chaos and panic.

“In any major future conflict, an important part of the battle will be threats to the UK’s critical national infrastructure from hostile cyber operations,” RUSI’s report concluded.

“The cyber threat spectrum is not only relevant to defence but to government as a whole, especially to critical national infrastructure and the broader economy.”

Vladimir Putin has denied supporting hackers to launch cyber attacks on enemy states including Ukraine, or interfere in elections in the US, France and elsewhere.

Last month he conceded that “patriotically-minded” hackers may have meddled in the American presidential election but added: “We're not doing this on the state level.”

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments