North Korea Tried to Spearphish US Power

A number of people employed at US power companies recently received invitations to a charity event via an email with an invitation file attached. It was, as you’ve probably guessed, not actually an invitation to an event to help people, but something with quite the opposite intent. Anybody who downloaded and opened the attachment would have had their computer infected with malware from North Korea, which could potentially have led to a compromised power grid.

Fortunately, the recipients were trained enough not to open the attachment and no system were compromised. It’s an alarming sign, however, as cybersecurity experts have been warning us for quite a while that the power grid is a juicy target for state-sponsored hackers.

Particularly worrisome is that not all utility and power companies are equally savvy. There’s a huge disparity in how much money different companies are able to spend on things like cybersecurity, and all a hacker potentially needs is one foot in the door to cause trouble.

No matter the size of your company, a little bit of security awareness training can make a huge difference, because all it can take for a hacker to take control of an entire computer network is one person opening one well-disguised file in an email. If you’re not sure how well-versed your employees are on recognizing even the most common cybersecurity threats, sign up for security awareness training today.

image_pdfimage_print

Leave a Reply