Chinese Hackers Sat Undetected in Small Massachusetts Power Utility for Months (pcmag.com)

In late 2023, the FBI alerted the Littleton Electric Light and Water Departments (LELWD) that it had been breached by a Chinese-state-sponsored hacking group for over 300 days. With the help of cybersecurity firm Dragos and Department of Energy-funded sensors, LELWD confirmed the intrusion, identified the hackers' movements, and ultimately restructured its network to remove them. PCMag reports: At the time, LELWD had been installing sensors from cybersecurity firm Dragos with the help of Department of Energy grants awarded by the American Public Power Association (APPA). "The sensors helped LELWD confirm the extent of the malicious activity on the system and pinpoint when and where the attackers were going on the utility's networks," the APPA said last year. Today, Dragos released a case study (PDF) about the hack, which it blamed on Voltzite, a "sophisticated threat group...that overlaps with Volt Typhoon."

The call from the FBI forced Dragos "to deploy quickly and bypass the planned onboarding timeline" for the LELWD, it says. It discovered that Volt Typhoon "had persistent access to LELWD's network." "Hackers were looking for specific data related to [operational technology] operating procedures and spatial layout data relating to energy grid operations," Dragos tells SecurityWeek. In the end, Dragos confirmed the compromised systems did not contain "customer-sensitive data," and LELWD changed their network architecture to kick Volt Typhoon out, the case study says.
Groups like Volt Typhoon "don't always go for high-profile targets first," said Ensar Seker, Chief Security Officer at SOCRadar. "Small, underfunded utilities can serve as low-hanging fruit, allowing adversaries to test tactics, develop footholds, and pivot toward larger targets."

Comments:
  • Sitting (Score:5, Funny)

    by phantomfive ( 622387 ) on Thursday March 13, 2025 @10:11PM (#65231957) Journal
    I really wonder how they got nourishment. Didn't anyone notice the food trucks bringing them food, as they were sitting alone in a power utility?

    “The limits of my language means the limits of my world.”-- Ludwig Wittgenstein. Wittgenstein didn't sit.
    • You'd think someone would also have noticed the extra toilet paper being used.

    • "living off the land" attack strategies are extremely popular. Way lower risk of signature-based detections than bringing in your own custom attack tools.
    • Those poor hackers must have been bored to death.
    • I really wonder how they got nourishment. Didn't anyone notice the food trucks bringing them food, as they were sitting alone in a power utility?

      You beat me to it - although I was also going to question where they went to the bathroom, and how the smell didn't give them away after being unable to bathe for the better part of a year.

    • You guys are so funny. But in all seriousness, there were never any humans involved, as it's all AI doing the hacking today. Just imagine the twisted shit that the communist mind is coming up with for AI....

    • That's easy. They were the ones stealing everyone's lunch out of the fridge, not Phill from accounting.
  • And demand $BITCOIN to fund North Korea's nuclear program?

  • Chinese Hackers Sat Undetected in Small Massachusetts Power Utility for Months

    Future DOGE employees?

    IKEA beds? Dressers? Inside the ‘exceedingly odd’ DOGE office setup [in the GSA Building] [politico.com]

    At the General Services Administration’s towering federal office building in downtown Washington, [DOGE] workers have set up at least four separate rooms on the 6th floor for sleeping, complete with beds from IKEA, lamps and dressers, according to two career GSA employees.

    The agency is also considering spending about $25,000 to install a washer and dryer on the building’s 6th floor, according to a Feb. 25 invoice obtained by POLITICO. There is also a child’s play area decorated with a stuffed animal and toys, according to a photo of the room shared with POLITICO.

    “People are definitely sleeping there,” said one GSA staffer.

    • If installation of one washer and one dryer in any building that already has power and running water costs 25.000 USD, you have your government inefficiency sticking out like a sore thumb right there.

    • Yeah, Politico is pretty sore about having all of those subscriptions cancelled.
  • At first I thought that the name Littleton Electric Light and Water Departments was a bit redundant until I considered the ramifications of calling it Littleton Electricity and Water Departments.
  • by Sethra ( 55187 ) on Friday March 14, 2025 @12:14AM (#65232111)

    You're an FBI team that has identified an infrastructure security breach and your action is to call the facility, ask for a private email address, and tell them to click on the link to download a program and "diagnose the problem"?

    What exactly is the lesson here? To condition people to accept this as a standard practice?

    They should have dispatched an FBI OpSec guy to the facility, provided all the proper identification, and then worked directly with the manager to rectify the intrusion.

  • 1) They're good enough to get in but not good enough to avoid a trail back to them? Could it have been someone else? I know if I were to hack somewhere, at least one jumphost would be in Yandex cloud, another in Ali. Let's be honest, jump hosts don't really add complexity.

    2) Is the US just victims or do they have an offense as well? Is it even slightly effective? Can the American hackers read Chinese?
    • Yeah, VAULT-7 comes immediately to mind. How can they tell the difference between the real hackers and the CIA making it look like them? Actually, how can we believe anything from these people when they're just part of an apparatus proven to disparage China (and others).

  • > LELWD’s cybersecurity journey with Dragos began through one of APPA’s government funded programs.

    Yet More free Government money (YMFGM)

    Hunting Active Threats in Littleton’s Grid with the Dragos Platform and OT Watch [dragos.com]

    No actual technical information in this "case study". How about not putting your critical infrastructure on the Internet.
  • The power grid is one of the last civilian things that should be automated online or by radio control. Just don't be stupid.
