News: 0176706441

Chinese Hackers Sat Undetected in Small Massachusetts Power Utility for Months (pcmag.com)

(Thursday March 13, 2025 @11:30PM (BeauHD) from the behind-the-scenes dept.)


In late 2023, the FBI [1]alerted the Littleton Electric Light and Water Departments (LELWD) that it had been [2]breached by a Chinese-state-sponsored hacking group for over 300 days. With the help of cybersecurity firm Dragos and Department of Energy-funded sensors, LELWD confirmed the intrusion, identified the hackers' movements, and ultimately restructured its network to remove them. PCMag reports:

> At the time, LELWD had been installing sensors from cybersecurity firm Dragos with the help of Department of Energy grants awarded by the American Public Power Association (APPA). "The sensors helped LELWD confirm the extent of the malicious activity on the system and pinpoint when and where the attackers were going on the utility's networks," the APPA [3]said last year. Today, Dragos released a [4]case study (PDF) about the hack, which it blamed on Voltzite, a "sophisticated threat group...that overlaps with Volt Typhoon."

>

> The call from the FBI forced Dragos "to deploy quickly and bypass the planned onboarding timeline" for the LELWD, it says. It discovered that Volt Typhoon "had persistent access to LELWD's network." "Hackers were looking for specific data related to [operational technology] operating procedures and spatial layout data relating to energy grid operations," Dragos [5]tells SecurityWeek. In the end, Dragos confirmed the compromised systems did not contain "customer-sensitive data," and LELWD changed their network architecture to kick Volt Typhoon out, the case study says.

Groups like Volt Typhoon, "don't always go for high-profile targets first," said Ensar Seker, Chief Security Officer at SOCRadar. "Small, underfunded utilities can serve as low-hanging fruit, allowing adversaries to test tactics, develop footholds, and pivot toward larger targets."



[1] https://www.theregister.com/2025/03/12/volt_tyhoon_experience_interview_with_gm/

[2] https://www.pcmag.com/news/chinese-hackers-sat-undetected-in-small-massachusetts-power-utility-for

[3] https://www.publicpower.org/periodical/article/cybersecurity-wake-call-lessons-attack-small-utility

[4] https://www.dragos.com/wp-content/uploads/2025/03/Dragos_Littleton_Electric_Water_CaseStudy.pdf

[5] https://www.securityweek.com/chinas-volt-typhoon-hackers-dwelled-in-us-electric-grid-for-300-days/



Sitting (Score:5, Funny)

by phantomfive ( 622387 )

I really wonder how they got nourishment. Didn't anyone notice the food trucks bringing them food, as they were sitting alone in a power utility?

“The limits of my language means the limits of my world.”-- Ludwig Wittgenstein. Wittgenstein didn't sit.

Re: (Score:2)

by 93 Escort Wagon ( 326346 )

You'd think someone would also have noticed the extra toilet paper being used.

Could they encrypt operations-critical software? (Score:2)

by blue trane ( 110704 )

And demand $BITCOIN to fund North Korea's nuclear program?

Sounds familiar (Score:2)

by fahrbot-bot ( 874524 )

> Chinese Hackers Sat Undetected in Small Massachusetts Power Utility for Months

Future DOGE employees?

[1]IKEA beds? Dressers? Inside the ‘exceedingly odd’ DOGE office setup [in the GSA Building] [politico.com]

> At the General Services Administration’s towering federal office building in downtown Washington, [DOGE] workers have set up at least four separate rooms on the 6th floor for sleeping, complete with beds from IKEA, lamps and dressers, according to two career GSA employees.

> The agency is also considering spending about $25,000 to install a washer and dryer on the building’s 6th floor, according to a Feb. 25 invoice obtained by POLITICO. There is also a child’s play area decorated with a stuffed animal and toys, according to a photo of the room shared with POLITICO.

> “People are definitely sleeping there,” said one GSA staffer.

[1] https://www.politico.com/news/2025/03/06/doge-federal-office-bedrooms-00216863

Oh My (Score:2)

by walkerp1 ( 523460 )

At first I thought that the name Littleton Electric Light and Water Departments was a bit redundant until I considered the ramifications of calling it Littleton Electricity and Water Departments.

FBI handling of this is nuts (Score:2)

by Sethra ( 55187 )

You are an FBI team that has identified an infrastructure security breach and your action is to call the facility, ask for a private email address, and tell them to click on the link to download a program and "diagnose the problem"?

What exactly is the lesson here? To condition people to accept this as a standard practice?

They should have dispatched an FBI OpSec guy to the facility, provided all the proper identification, and then worked directly with the manager to rectify the intrusion.
