Iran, Russia, China, Maybe ISIS Have Remote Access to US Power Grid



The Associated Press conducted a year-long study of our power grid only to discover that foreign entities have control over our grid. Hackers from Iran, China, and Russia, and even ISIS, have been attempting to breach the grid or have succeeded in attacking it.

They’ve taken passwords and engineering drawings of power plants so detailed that skilled attackers could have knocked out electricity flowing to millions of homes with malicious code in many instances.

It’s not unique either. Every year, sophisticated foreign hackers have gained remote access to control operations networks that keep power flowing. There have allegedly been 12 attacks in 10 years according to the AP. USA Today’s research found more than 300 attacks. More on that below.

There are so many attackers stowed away in the systems that run the grid that they can probably strike at will.

The AP is suggesting two of the problems are old equipment and the fact that it’s largely privately owned. That’s not a subtle hint. They want the government to run everything. If the government were in full control, the situation would be far worse.

Iran is an imminent danger.

“If the geopolitical situation changes and Iran wants to target these facilities, if they have this kind of information it will make it a lot easier,” said Robert M. Lee, a former U.S. Air Force cyberwarfare operations officer. “It will also help them stay quiet and stealthy inside.”

Attributing attacks is notoriously tricky. Neither U.S. officials nor cybersecurity experts would or could say if the Islamic Republic of Iran was involved in the attack Wallace discovered involving Calpine Corp., a power producer with 82 plants operating in 18 states and Canada.

Iranian hackers could have taken control of a dam in Rye, New York, after they hacked it but chose not to.

Private firms have alleged other recent hacks of networks and machinery tied to the U.S. power grid were carried out by teams from within Russia and China, some with governmental support.

In 2012 and 2013, in well-publicized attacks, Russian hackers successfully sent and received encrypted commands to U.S. public utilities and power generators; some private firms concluded this was an effort to position interlopers to act in the event of a political crisis.

The Department of Homeland Security announced about a year ago that a separate hacking campaign, believed by some private firms to have Russian origins, had injected software with malware that allowed the attackers to spy on U.S. energy companies.

Even the Islamic State group is trying to hack American power companies, a top Homeland Security official told industry executives in October.

“ISIL is beginning to perpetrate cyberattacks,” Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security, told company executives.

Investigators would not reveal any details to CNNMoney — or cite evidence of specific incidents.

But they did say the attacks by the Islamic State have been unsuccessful. Terrorists are not currently using the most sophisticated hacking tools to break into computer systems and turn off or blow up machines.

“Strong intent. Thankfully, low capability,” said John Riggi, a section chief at the FBI’s cyber division. “But the concern is that they’ll buy that capability.”

The attacks they KNOW ABOUT aren’t successful. Who knows who is in line to attack?

“You want to be stealth,” said Lillian Ablon, a cybersecurity expert at the RAND Corporation. “That’s the ultimate power, because when you need to do something you are already in place.”

The hackers have gained access to an aging, outdated power system. Many of the substations and equipment that move power across the U.S. are decrepit and were never built with network security in mind; hooking the plants up to the Internet over the last decade has given hackers new backdoors in. Distant wind farms, home solar panels, smart meters and other networked devices must be remotely monitored and controlled, which opens up the broader system to fresh points of attack.

Hundreds of contractors sell software and equipment to energy companies, and attackers have successfully used those outside companies as a way to get inside networks tied to the grid.

Homeland Security spokesman SY Lee said that his agency is coordinating efforts to strengthen grid cybersecurity nationwide and to raise awareness about evolving threats to the electric sector through industry trainings and risk assessments, though we aren’t where we need to be.

Deputy Energy Secretary Elizabeth Sherwood Randall said in a speech earlier this year, “If we don’t protect the energy sector, we are putting every other sector of the economy in peril.”

USA Today conducted its own research in March and found far more than a dozen attacks.

An examination by USA Today in collaboration with more than 10 Gannett newspapers and TV stations across the country, and drawing on thousands of pages of government records, federal energy data and a survey of more than 50 electric utilities, found:

• More often than once a week, the physical and computerized security mechanisms intended to protect Americans from widespread power outages are affected by attacks, with less severe cyberattacks happening even more often.

• Transformers and other critical equipment often sit in plain view, protected only by chain-link fencing and a few security cameras.

• Suspects have never been identified in connection with many of the 300-plus attacks on electrical infrastructure since 2011.

• An organization funded by the power industry writes and enforces the industry’s own guidelines for security, and decreased the number of security penalties it issued by 30% from 2013 to 2014, leading to questions about oversight.

A major cyber attack on the U.S. electric grid could cause over $1 trillion in economic impact and roughly $71.1 billion in insurance claims, said a report released Wednesday.

It looked at the financial impact of a scenario in which 15 states and Washington, D.C. suffer a blackout as a result of a cyber attack on the power grid. The scenario was created by the University of Cambridge Centre for Risk Studies, which uses some real-life, publicly known cases to create the model. The report is also co-produced by Lloyd’s.

“Cyber attacks are often treated as a problem of technology, but they originate with human actors who employ imagination and surprise to defeat the security in place,”

Those guys appear to be in place and if we keep up the PC hiring, more will be in these positions.


