U.S. officials warn about cyber attack against electric grid, conduct briefings


hacking power gridBy Anthony Gutierrez

In the wake of a recent hacker attack that shut down electricity in Ukraine, U.S. cyber experts have upgraded their warnings to utility companies about the potential of hostile nations to disrupt the domestic power grid.

The Department of Homeland Security and the FBI have been touring the nation giving briefings to infrastructure leaders about the potential for foreign hackers to surreptitiously bypass security measures, commandeer master controls and even wipe out systems.

power-stationIn the case of Ukraine, cyber attackers linked to Russia crashed the power grid for several hours on Dec. 23rd leaving 289 cities and towns either completely or partially blacked out. At the same time, perpetrators bombarded and overloaded the phone response system with spurious calls to divert administrators’ attention and prolong the shut down.

The malicious software attack was seen as part of the military conflict in which Russia has supported the pro-Russian Crimean separatists of Eastern Ukraine.

Ultimately, the Ukraine restored power by manually turning on switches. In the U.S., such a solution might not be so simple because of the greater dependence on computer automation.

“It is only a matter of the ‘when’ — not the ‘if,'” said Mike Rogers, head of U.S. Cyber Command and director of the National Security Agency, in a speech March 2, as reported by the Jewish Voice news. “We’re going to see a nation-state, group or actor engage in destructive behavior against critical infrastructure in the United States.”

Iran-is-hacking-the-power-gridU.S. officials previously downplayed the threat to our power grid in consideration of the Obama administration’s efforts to pursue warmer relations with Russia, China and Iran. But any nation that decides to go rogue can wreck havoc. As the U.S. Treasury Department punishes North Korea for its apparent implication in the cyber heist of $81 million from banks via the supposedly secure bank transfer system, one wonders if a nation with a penchant for revenge won’t make use of such a tactic.

What’s disturbing about the Ukraine attack was how the perpetrators used “commonly available tools” to orchestrate a massive disruption in basic services, according to a warning from the DHS Industrial Control Systems Cyber Emergency statement.

The nationwide campaign by DHS and the FBI began March 31 and included 12 briefings and online webinars for electrical power infrastructure companies and others involved in security, with sessions in eight U.S. cities, including a session in Washington, the Jewish Voice reported.

Worryingly, the cyber attack in Ukraine has been hailed as the first worldwide in which a nation has interfered with the critical infrastructure of another. Until now, nations have limited themselves to spying on each other through the internet, although the United States and Israel were implicated in a the sabotage of centrifuges that Iran used to purify nuclear fuel in preparation for possible use in nuclear weapons. The Stuxnet worm altered the centrifuges’ rotation to the extent that they broke.

In retribution for the attack, the NSA concluded that Iran unleashed a computer virus on the Saudi-owned oil company, Aramco, in August 2012, erasing spreadsheets and emails throughout the company and replacing them with the image of a burning American flag.

The attack involved a complex virus known as Shamoon, which ruined 30,000 computers at Aramco, according to the book Lights Out by Ted Koppel.

In April 2015 researchers from Norse, a cybersecurity firm reported that “Iranian hackers are trying to identify computer systems that control infrastructure in the U.S., such as the electrical grid, presumably with an eye toward damaging those systems,” according to Koppel’s book.

The malware in in Ukraine was named Black Energy and activated itself once a utility employee opened an innocuous-looking Microsoft Word document — a strategy called “spear phishing.” One report said the Trojan was also employed against Ukrainian media, but those attacks received much less attention in international media.

When will cyber saboteurs shut down American industry and leave homes in the dark? Several “weeks ago it was the Ukraine,” Rogers said. “This isn’t the last we’re going to see this, and that worries me.”

Anthony Gutierrez studies at the Lighthouse Christian Academy in Santa Monica.

Comments are closed.