The final week of National Cyber Security Awareness Month (NCSAM) focused on the critical necessity of “Building Resilience in Critical Infrastructure” because those responsible for protecting critical infrastructure assets must be aware of ever-evolving cyber threats to the industry. The reality is that power and electric grids are becoming targets for attackers, and even a minor disruption to our power sources could cause major problems. Compounding these concerns, these critical assets are growing more vulnerable as they become more connected to the web and the Internet of Things.
Delta Risk LLC Vice President of Commercial Services, Joseph S. Abrenio, recently discussed the cyber security challenges facing utilities in the Fall 2016 issue of United States Cybersecurity Magazine.
Here’s an excerpt from the article, “Illuminating Issues of Grid Cyber Security.”
Threats to the Grid
Because a majority of critical infrastructure facilities rely on networked technologies, they are susceptible to attack and intrusion by malicious actors from around the world. The same connectivity which allows remote access to critical systems and devices can be used to disrupt operations, and even cause physical damage to equipment. Disabling one of the power grids (there are three large interconnected systems that help transport electricity), even in otherwise distinct sections of the country, would have vast consequences as these grids share some interconnections. If the grids are compromised, basic communications such as telephones, cell towers, and cable lines could be disrupted and go offline. In essence, we would be flying blind without basic warning systems in place.
This scenario is not merely hypothetical. There have already been instances in which cyber-attacks have been used to attack power grids and disrupt communications ahead of physical invasions. The first instance of a cyber-attack officially recognized as the cause of a power outage occurred just last February in Ukraine. Arguably attributable to a Russian hacking group, this attack resulted in 225,000 private citizens being left in the dark. This demonstrates the real risk that malicious cyber actors can effectively flip switches on the power grid, remotely. The outage did not last long, but it is easy to comprehend the effects of an extended outage.
A similar incident has also occurred in the U.S. In the late summer of 2013, Iranian hackers were able to infiltrate the networks of a small dam just outside New York City. While this attack did not involve an electric grid per se, it does demonstrate that critical infrastructure facilities in the U.S. are also vulnerable.
More troubling is the possibility of such an attack preceding a physical invasion. Allegedly, Russia used a DDoS attack to disrupt network connections and websites in Georgia before invading in 2008. It is easy to see that strategically, a cyber-attack preceding a physical invasion is the most effective war strategy in our modern world. These types of events are no longer restricted to the realm of science fiction movies.