#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

power grid | Breaking Cybersecurity News | The Hacker News

Category — power grid
Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems

Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems

Aug 12, 2024 Critical Infrastructure / Vulnerability
Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts. "If exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing blackouts," Bitdefender researchers said in an analysis published last week. The vulnerabilities have been addressed by Solarman and Deye as of July 2024, following responsible disclosure on May 22, 2024. The Romanian cybersecurity vendor, which analyzed the two PV monitoring and management platforms, said they suffer from a number of issues that, among others, could result in account takeover and information disclosure. A brief description of the issues is listed below - Full Account Takeover via Authorization Token Manipulation Using the /oauth2-s/oauth/token API endpoint  Deye...
Chinese Hacker Groups Continue to Target Indian Power Grid Assets

Chinese Hacker Groups Continue to Target Indian Power Grid Assets

Apr 08, 2022
China-linked adversaries have been attributed to an ongoing onslaught against Indian power grid organizations, one year after a  concerted campaign  targeting critical infrastructure in the country came to light. Most of the intrusions involved a modular backdoor named  ShadowPad , according to Recorded Future's Insikt Group, a sophisticated remote access trojan which has been  dubbed  a "masterpiece of privately sold malware in Chinese espionage." "ShadowPad continues to be employed by an ever-increasing number of People's Liberation Army (PLA) and Ministry of State Security (MSS)-linked groups, with its origins linked to known MSS contractors first using the tool in their own operations and later likely acting as a digital quartermaster," the researchers  said . The goal of the sustained campaign, the cybersecurity company said, is to facilitate intelligence gathering pertaining to critical infrastructure systems in preparation for future contingency...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Nov 22, 2024Google Workspace / SaaS Backup
Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and collaboration tools. This single-platform approach makes it easy for teams to connect and work efficiently, no matter where they are, enabling seamless digital transformation that's both scalable and adaptable. As companies shift from traditional, on-premises setups focused on device security, to more user-centered, hybrid models, Google Workspace is perfectly positioned to support this evolution. Now, the user account itself is the central hub, allowing access from any device or location — a game changer in today's remote and distributed work environments. However, with all this connectivity and flexibility comes a challenge. Google Workspace connects to countless apps and touches every user in the organization, making it an appealing target for cybercriminals. The platform's internet accessibility opens up additional entry points, raisi...
Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities

Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities

Mar 23, 2021
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical security shortcomings in GE's Universal Relay (UR) family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition," the agency said in an advisory published on March 16. GE's universal relays enable  integrated monitoring and metering, high-speed communications, and offer simplified power management for the protection of critical assets. The flaws, which affect a number of UR advanced protection and control relays, including B30, B90, C30, C60, C70, C95, D30, D60, F35, F60, G30, G60, L30, L60, L90, M60, N60, T35 and T60, were addressed by GE with the release of an updated version of the UR firmware (version 8.10) made available on December 24, 2020. The patches resolve a total of nine vulnerabilities, the most importan...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Chinese Hackers Targeted India's Power Grid Amid Geopolitical Tensions

Chinese Hackers Targeted India's Power Grid Amid Geopolitical Tensions

Mar 01, 2021
Amid heightened  border tensions  between India and China, cybersecurity researchers have revealed a concerted campaign against India's critical infrastructure, including the nation's power grid, from Chinese state-sponsored groups. The attacks, which coincided with the standoff between the two nations in May 2020, targeted a total of 12 organizations, 10 of which are in the power generation and transmission sector. "10 distinct Indian power sector organizations, including four of the five Regional Load Despatch Centres (RLDC) responsible for operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India's critical infrastructure," Recorded Future  said  in a report published yesterday. "Other targets identified included 2 Indian seaports." Chief among the victims include a power plant run by National Thermal Power Corporation (NTPC) Limited and New Delhi-based Power...
Dragonfly 2.0: Hacking Group Infiltrated European and US Power Facilities

Dragonfly 2.0: Hacking Group Infiltrated European and US Power Facilities

Sep 07, 2017
The notorious hacking group that has been in operation since at least 2011 has re-emerged and is still interested in targeting the United States and European companies in the energy sector. Yes, I am talking about the ' Dragonfly ,' a well-resourced, Eastern European hacking group responsible for sophisticated cyber-espionage campaigns against the critical infrastructure of energy companies in different countries in past years. In 2014, we reported about the Dragonfly groups ability to mount sabotage operations against their targets—mainly petroleum pipeline operators, electricity generation firms and other Industrial Control Systems (ICS) equipment providers for the energy sector. Researchers from cyber security firm Symantec who discovered the previous campaign is now warning of a new campaign, which they dubbed Dragonfly 2.0 , saying "the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so" and has ...
Critical Flaws Found in Solar Panels Could Shut Down Power Grids

Critical Flaws Found in Solar Panels Could Shut Down Power Grids

Aug 08, 2017
A Dutch security researcher has uncovered a slew of security vulnerabilities in an essential component of solar panels which could be exploited to cause widespread outages in European power grids. Willem Westerhof, a cybersecurity researcher at Dutch security firm ITsec, discovered 21 security vulnerabilities in the Internet-connected inverters – an essential component of solar panel that turns direct current (DC) into alternating current (AC). According to Westerhof, the vulnerabilities leave thousands of Internet-connected power inverters installed across Europe vulnerable. Westerhof demonstrates that it is possible for hackers to gain control of a large number of inverters and switch them OFF simultaneously, causing an imbalance in the power grid that could result in power outages in different parts of Europe. The vulnerabilities affect solar panel electricity systems, also known as photovoltaics (PV), made by German solar equipment company SMA, which if exploited in mass...
Dangerous Malware Discovered that Can Take Down Electric Power Grids

Dangerous Malware Discovered that Can Take Down Electric Power Grids

Jun 12, 2017
Last December, a cyber attack on Ukrainian Electric power grid caused the power outage in the northern part of Kiev — the country's capital — and surrounding areas, causing a blackout for tens of thousands of citizens for an hour and fifteen minutes around midnight. Now, security researchers have discovered the culprit behind those cyber attacks on the Ukrainian industrial control systems. Slovakia-based security software maker ESET and US critical infrastructure security firm Dragos Inc. say they have discovered a new dangerous piece of malware in the wild that targets critical industrial control systems and is capable of causing blackouts. Dubbed " Industroyer " or " CrashOverRide ," the grid-sabotaging malware was likely to be used in the December 2016 cyber attack against Ukrainian electric utility Ukrenergo , which the security firms say represents a dangerous advancement in critical infrastructure hacking. According to the researchers, CrashO...
Hackers Suspected of Causing Second Power Outage in Ukraine

Hackers Suspected of Causing Second Power Outage in Ukraine

Dec 21, 2016
The same group of hackers that caused the power outage across several regions in Ukraine last Christmas holidays might have once again shut down power supply in northern Ukraine during the weekend. According to Ukrainian energy provider Ukrenergo, a cyber attack on Kyiv's power grid may have caused the power outages in the country on Saturday, December 17, near midnight. The blackout affected the northern part of Kiev, the country's capital, and surrounding areas, Ukrenergo Director Vsevolod Kovalchuk explained in a post on Facebook. Shortly after the incident, Ukrenergo engineers switched to manual mode and started restoring power in approximately 30 minutes in an effort to deal with the cyber attack. Power was fully restored after just an hour and fifteen minutes of the blackout. According to Kovalchuk, the one responsible for the weekend outage could be an "external interference through data network," however, the company's cybersecurity experts a...
Hackers Cause World's First Power Outage with Malware

Hackers Cause World's First Power Outage with Malware

Jan 05, 2016
SCADA system has always been an interesting target for cyber crooks, given the success of Stuxnet malware that was developed by the US and Israeli together to sabotage the Iranian nuclear facilities a few years ago, and " Havex " that previously targeted organizations in the energy sector. Now once again, hackers have used highly destructive malware and infected, at least, three regional power authorities in Ukraine, causing blackouts across the Ivano-Frankivsk region of Ukraine on 23rd December. The energy ministry confirmed it was investigating claims a cyber attack disrupted local energy provider Prykarpattyaoblenergo, causing the power outage that left half of the homes in Ivano-Frankivsk without electricity just before Christmas. According to a Ukrainian news service TSN, the outage was the result of nasty malware that disconnected electrical substations. Related Read: Dragonfly Russian Hackers Target 1000 Western Energy Firms . First Malware to...
Expert Insights / Articles Videos
Cybersecurity Resources