430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A drone was modified to disrupt U.S. Power Grid, says intelligence bulletin

US officials believe that a drone was employed in an attempted attack on a power substation in Pennsylvania last year.  US officials believe threat actors used a drone in an attempted attack on a power substation in Pennsylvania last year. The attackers used a DJI Mavic 2 quadcopter-type drone, with a thick copper wire attached underneath it via […]

drone critical infrastructure attack

US officials believe that a drone was employed in an attempted attack on a power substation in Pennsylvania last year. 

US officials believe threat actors used a drone in an attempted attack on a power substation in Pennsylvania last year.

The attackers used a DJI Mavic 2 quadcopter-type drone, with a thick copper wire attached underneath it via nylon cords. According to a federal law enforcement bulletin obtained by ABC News and CNN, the small UAV crashed near a Pennsylvania power substation and was used to damage the power grid. Federal officials issued the bulletin to raise awareness about the threat of drones to critical infrastructure

“The July 2020 incident is the first known case of a “modified unmanned aircraft system likely being used in the United States to specifically target energy infrastructure,” states the October 28 memo from the FBI, Department of Homeland Security and the National Counterterrorism Center. That statement is based on a review of drone incidents dating back to 2017.” reported ABC7 News.

The drone was modified to create a “short circuit to cause damage to transformers or distribution lines, based on the design and recovery location.” The drone “appeared to be heavily worn, indicating it was flown previously and was modified for this single flight.”

The good news is that the drone crashed on a rooftop near the unidentified substation, for this reason it did not damage the electricity supply or equipment.

TheDrive website revealed the location of the crash with the support of a reader.

“A reader has been able to identify the location of the electrical substation and where the drone was recovered based on the partial map from JIB. The substation and adjacent building are across the way from the Hershey Company’s old chocolate factory in Hershey, Pennsylvania. This is also relatively close to the Hersheypark amusement park.” reads TheDrive website.

drone critical infrastructure attack
Source: ABC7 website

The memo did not attribute the attack to a specific threat actor.

As drones have become cheap and easy to command, they could represent a serious threat in the hands of attackers that could use them to target critical infrastructure.

“[W]e expect illicit [unmanned aircraft system] activity to increase over the energy sector and other critical infrastructure facilities as use of these systems in the United States continues to expand,” concludes the intelligence bulletin.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, drone)

[adrotate banner=”5″]

[adrotate banner=”13″]