Sophisticated Hacking in Energy Industry Compromises Industrial Secrets

There’s an interesting story in the New York Times today by Nicole Perlroth which describes the efforts of sophisticated Russian hackers to obtain sensitive and protected information from hundreds of Western oil and gas companies in addition to energy investment firms. The goals of these hackers does not seem to be to damage or disrupt operations; no physical damage is being caused — rather they are seeking to uncover technical, financial and strategic information. The hackers have been able to affect over 1000 organizations in 84 countries.

Perlroth writes that the hackers, identified as ‘Dragonfly’ or ‘Energetic Bear’, have been able to hide malware in industrial control software programs used widely in the energy industry (not named) and through this mechanism are able to reside within corporate information systems where they can scan for sensitive information. The hackers have also been able to infect popular websites frequented by people in the energy industry. They have been able to infect not only software, but also hardware, Perlroth writes:

“In some cases, researchers found evidence that the hackers were probing the core of victims’ machines, the part of the computer known as the BIOS, or basic input/output system. Unlike software, which can be patched and updated, once a computer’s hardware gets infected, it typically becomes unusable.”

Thinking of this in the context of what we discuss here makes me wonder how hard competitors might work to uncover secrets behind any commercial LENR technology. Certainly Industrial Heat are very aware of the value of the intellectual property and technological information they hold, and will surely be taking steps to protect proprietary information.

As in this case, however, it seems unrealistic to expect that you can build an impregnable barrier around any technology with so many experts employed in looking for secrets using powerful hacking tools and strategies.

We have noted Industrial Heat’s current lack of communication. Maybe they are being as quiet as possible so as to avoid drawing attention to themselves from people who would surely be interested in using the kinds of espionage techniques mentioned in the NYT to gather information about their technology. It’s likely that efforts are already underway to discover the E-Cat’s secrets, but not on the massive scale which will likely take place if and when the E-Cat is finally widely recognized as being a revolutionary energy source.

  • Omega Z

    Hard to comprehend why many of these systems are even connected to the internet. Power plants, water treatment Etc..
    Sooner or latter, Serious consequences will take place & another War will come about. Because a few idiots want to be able to surf the net when he’s supposed to be doing his job.

    I have an Internet security plan for them Disconnect. No external devices brought in. No Viruses down or up loaded.

    • JDM

      Sprawling systems are more efficient to monitor from a central point. Short of each building their own complete infrastructure for connectivity, existing networks (cable, wireless, phone lines) are the only real alternative for these SCADA systems to interconnect. Web browsing by a few idiots can easily be firewalled.

      • Omega Z

        After posting this, I came across information that the U.S. Government has a totally separate trunk line from the public net. No reason this couldn’t be done for Power Plants.

        Note that there is no computer architecture or their peripherals in production today that can’t be hacked. Firewalls merely slows the hackers down. It can not stop them. A false sense of security does not help.

  • James Thomas

    The selfish must always fight to keep their secrets safe, that’s just the way the greed game is played.
    Those of the rare and truly noble breed who genuinely place humanities and the planets needs above their own — like MFMP, don’t waste energy or resources in this arena. They actually invite and welcome surveillance and inquiry. The more the merrier. Something incomprehensible to most.

    • Maxfield Q Norse

      Because of the great benefit provided to humanity by the exceptional few who contribute something new to human capability, societies around the world have established protections so that they my have the opportunity to benefit from their own work, and are this afforded a chance to provide further good to mankind. We call this the patent.

      The process has become corrupt, but the underlying truth of their contributions and the need to offer them shelter from those who would steal there work out from under them remains. The greedy are those who would steal the works of others. The benevolent are those who produce something which benefits mankind through honest action.

      Is the farmer selfish growing all those fields, just to bring them to market and sell them for coin? What right has that bastard to hoard the earth for his own benefit?
      Burn all the farms! These are the cries of the greedy. When the greedy flourish societies die.

  • Paul

    Many companies not take adequate countermeasures against hacking. We do not know whether Our Heroes are included in this list or not, but they see a too small company (about 7 people or something like that) to have a full-time dedicated IT guy. So, I would not be surprised to see their IP fly away some day, if not yet happened.

  • Gerard McEk

    In at least the nuclear sector it is quite common to fully separate the internet cloud, the intranet and the plant control systems fully. There may only be a very sophisticated and in-penetrable one way out communication possible between the Plant Control System (PCS) and the intranet. The weak point are people working in the sector who may use infected sticks or computers. Via that way it can be quite effective to attack the essential PCS computers and change the local controllers (PLC’s) as STUXNET did in Iran. I would be very reserved to buy protection hardware on the commercial market nowadays, because I am quite convinced that this can be manipulated in some way. I would recommend to build your own simple firewall and use at least three protection levels. Do not allow people to walk in and out the gate with computers or media (stics, CD’s, DVD’s, hard disks, etc.). Do not use WiFi or BlueTooth. Keep access to servers locked and monitored. Use monitoring software on these servers, looking for changes and statuses of gates etc. Make all people aware about this and change the mind setting of all personnel to be critical and be looking for suspicious behaviour of computers, colleagues and others. When you have done all that, even then I am sure you have something overlooked and the spy will find it…, but it may take a bit more time to penetrate.

  • Buck

    Vladimir Putin may soon be told, if it hasn’t already occurred recently, that in the near future he will no longer be able to use Russian Oil & Gas supplies as a tool of aggression.