In January 2019, the Wall Street Journal published an article that reconstructs what it called “the worst known hack into the nation’s power system.” The article tells the story of how a foreign government used clever attacks to infiltrate a small construction company, but the construction company was not the ultimate target. They were trying to hack into the power grid, but instead of striking the utilities head on, they established tiny footholds in the contractors and subcontractors of the power utilities. In this case study, we will examine the attack vectors and techniques that were likely used by the attackers. Then we will identify the security deficiencies and how they can be mitigated to protect organizations from similar incidents.
- Businesses, operating in a cyber world, no matter their size, can all be targets of cyber attacks
- Lessons learned from attacks against the power grid
- Security controls to protect your organizations
- The tactics, techniques and procedures modern attackers are using
Technical Level: Medium