Home > Critical Infrastructure Security, Information Security, SCADA Security > Latvian Electricity Grid Hacked !! So claims a Chinese Group

Latvian Electricity Grid Hacked !! So claims a Chinese Group

A recent post in the full disclosure list (FDL) claims that a Latvian Power Plant called (Latvenergo RIGAS HES-2) has been hacked. the post is strikingly similar in its approach to the recent FPL SCADA incident/Hoax.

Similarities:
-The FPL post was sent to the FDL at 8:22 (-7) PDT
-The RIGAS post was sent to the FDL at 8:48 (-7) PDT
-The FPL email that the hacker BGR sent me was sent from a Yahoo account, this time they used Rocketmail.com (owned by Yahoo)
-Both started by posting real IPs owned by reportedly the victims
-Both posted Images/screen shots hosted at Imageshack.us
-Both pasted the Cisco router configuration files along with the passwords

The screen shots were taken from a windows PC that also shows a lotus notes mailbox named (Leva Vaica).

I would assume from the pop up below that this is an Asus Laptop and not a desktop, since the EPU-4 Engine is a mother board with integrated graphics mostly used in Asus Laptops for power saving.

Latvian Power Station

Latvian Power Station

Also you can see that xpower was used to view the SLDs (Single Line Diagrams) and they were stored under the same laptop local C:\ drive
Folders

The entire project was saved under the name of (Leva_Test).

A group called (China Youth Hackers Alliance) claimed responsibility.

Related news: This April 28th and in the same city of the power plant (Riga,Latvia) was the Chinese Business day and trade expo (Invest EXPO 2011)

This reported incident looks like an FPL Hoax “Deja vu” or the Chinese business convoy revenge for a business deal that turned sour 🙂

Advertisements
  1. ???
    May 5, 2011 at 2:50 pm

    Check it out please, it is screen from compromised Latvenergo Valmeria router:
    http://imageshack.us/photo/my-images/864/111nk.png/

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: