DHS officials said the hackers last summer got access to vendors who provide computer services to electric utilities, and used that as a way in.
ADVERTISEMENTWASHINGTON — The Department of Homeland Security told representatives of electric utilities Monday about a round of efforts by Russian hackers last year to target control systems for electric power plants and grids.
In an unclassified webinar, DHS officials said the hackers last summer got access to vendors who provide computer services to electric utilities, and used that to provide a way into power company control systems.
"This activity took place last summer. While hundreds of energy and non-energy companies were targeted, the incident where they gained access to the industrial control system was a very small generation asset that would not have had any impact on the larger grid if taken offline," a DHS spokeswoman, Lesley Fulop, said in a statement today.
"Over the course of the past year as we continued to investigate the activity, we learned additional information which would be helpful to industry in defending against this threat."
The webinar was first reported by The Wall Street Journal.
DHS has been warning the industry for years about efforts to target power plants and other utilities with cyber attacks. One of the ways utilities have responded has been to take their control systems off the Internet, so they cannot be easily hacked. The webinar said the latest Russian effort involved the roundabout means of getting access through third-party vendors.