Categories
Backup and Storage

Telvent admits it was the victim of a sophisticated security breach

It is suspected that a Chinese hacking gang were responsible for the attack.

Power grid system and smart meter manufacturer Telvent has announced it was recently the victim of an espionage attack on its system, with The Register reporting the breach could be traced back to a notorious Chinese hacking crew.

Earlier this month Telvent admitted hackers breached its secure corporate network, both embedding malicious data-logging software and lifting sensitive project files from its system. The company’s customers were informed of the hack in the US, Canada and Spain, and critics have called into question the companies document storage security.

It’s thought that the hackers could potentially use the lifted files to design ways to exploit vulnerabilities in the system that would hijack the power supply to a number of different countries across the globe.

As a result Telvent has cut data links to at-risk portions of its internal network while it investigates the breach. In a statement supplied to Sophos, the firm also announced the police had been called in to help patch up security vulnerabilities and locate the source of the attack.

"Telvent is aware of a security breach of its corporate network that has affected some customer files," the statement read. "Customers have been informed and are taking recommended actions, with the support of Telvent teams. Telvent is actively working with law enforcement, security specialists and its affected customers to ensure the breach has been contained."

Digital security expert Dale Peterson told WiReD that the nature of the files lifted during the course of the breach make this security flaw more significant that most.

"Some project files contain the ‘recipe’ for the operations of a customer, describing calculations and frequencies at which systems run or when they should be turned on or off," he said.

However, sensitive files exist across the networks of every corporation, and ensuring the security of them while in use on the internal network and when backed up to cloud storage is vital.