The cybersecurity company FireEye says in a new report to private clients, obtained exclusively by NBC News, that hackers linked to North Korea recently targeted U.S. electric power companies with spearphishing emails.
The emails used fake invitations to a fundraiser to target victims, FireEye said. A victim who downloaded the invitation attached to the email would also be downloading malware into his or her computer network, according to the FireEye report. The company did not dispute NBC's characterization of the report, but declined to comment.
There is no evidence that the hacking attempts were successful, but FireEye assessed that the targeting of electric utilities could be related to increasing tensions between the U.S. and North Korea, potentially foreshadowing a disruptive cyberattack.
Robert Lee, a cybersecurity expert who consults with the industry, told NBC News that "any targeting of infrastructure by a foreign power is a concerning thing," but that North Korea and other adversaries "are far from being able to disrupt the electric grid."