Russian-Backed Hackers Infiltrating US Power Grid
The Department of Homeland Security recently announced that Russian-backed hackers have infiltrated the control rooms of hundreds of utility companies across the country.
Hackers have the “ability to throw switches” across large swathes of the country, said the DHS in a July briefing, although at the moment their efforts seem primarily focused on reconnaissance.
Security experts question the likelihood of a state actor like Russia launching an attack to actually bring down the power grid, but they warn that the grid does have a number of vulnerabilities.
“When it comes to the power grid of the U.S. I don’t think it is any secret that there are large swathes of the country that are running on very, very deprecated infrastructure,” said Raymond Hicks, founder and president of operations for 5thColumn, a Chicago-based cybersecurity firm.
Hicks noted that in today’s world we are so dependent on electrical power that if the grid were brought down for any significant length of time it would create chaos.
“Everything from food storage and transportation to the metro systems and train systems that are electrically driven. The ability for banks to do business ... it brings everything to a halt,” said Hicks. “Everything communicates over a protocol that fundamentally relies on the presence of a consistent electrical source.”
Jacob Furst is a professor in the College of Computing and Digital Media at DePaul University where he lectures on cybersecurity issues. He said that while the possibility of an attack exists, it is unlikely that a state actor would launch a significant assault on the U.S. power grid for fear of the retribution such an attack could bring.
He said that while the grid is “obviously vulnerable” to hackers, he thinks the actual risk is relatively low.
“Most of the work that we are currently seeing (by hackers) is to establish a presence and to be ready in case something goes wrong,” rather than trying to disable systems, said Furst.
He also notes that in the realm of cyberspace it can be very difficult to ascertain precisely who may be behind a particular attack.
“It can be fairly easy to disguise cyberattacks,” said Furst. “While the DHS has implicated Russians and our government has decided to impose sanctions (for election meddling) that’s very different than, for instance, an armed military response to what you guess is Russians interfering with your power grid.”
Karen Weigert is a senior fellow at the Chicago Council on Global Affairs where she has written extensively on issues of grid security.
“It certainly appears that there are growing attempts to infiltrate our infrastructure on the electrical side,” she said.
Weigert also believes that recent cyber infiltrations by hackers have more to do with reconnaissance and learning system vulnerabilities than with actually taking down the grid. But she said the threat posed by hackers is growing, and is one that both governments and utility companies must be prepared to confront on a daily basis.
Weigert notes that to date, the most serious example of a state actor attacking another country’s power grid occurred in Ukraine, where Russian hackers were implicated in a 2015 attack on a regional electricity company that caused a blackout that affected some 225,000 people.
“There is growing awareness (of the threat),” said Weigert. “A lot of cybersecurity actually comes down to that routine maintenance, the day-to-day actions, watching your credentials. When you go back to some of those attacks on Ukraine, they got credentials, that’s how they got in to parts of the system. So that bread and butter training (is important). There’s more that obviously needs to be done and we will continue to have this conversation as long as our world becomes increasingly digital and interconnected.”
Furst and Weigert join Eddie Arruza to assess the threat to the power grid.