July 7th, 2020


A cyberattack just disrupted grid operations in the US. But it could have been far worse

Joseph Marks

By Joseph Marks The Washington Post

Published May 8, 2019

A cyberattack just disrupted grid operations in the US. But it could have been far worse
WASHINGTON - A recently disclosed hack at an electric utility in the western United States crosses a disturbing new line.

It's the first time a digital attack is known to have interfered with electrical grid operations in the United States. And it was due to a relatively basic hack, raising the specter of what might happen if a sophisticated bad actor chose to launch a far more powerful attack, say, with the intent of shuting off electricity for millions of people.

The disruption, which took place March 5, was caused by a denial of service incident, an Energy Department official told E&E News's Blake Sobczak, who was the first to report on the issue. That means the utility -- which serves parts of California, Utah and Wyoming though the Energy Department didn't name it -- was basically overwhelmed with phony web traffic.

The attack didn't cause customer outages or affect the reliability of the grid - and there's no evidence it was part of a coordinated attack aimed at doing so, Blake reported. It's possible the attackers didn't even know they were targeting an electric utility.

But the fact that there was a disruption at all on critical infrastructure puts it in a highly concerning category. The best known successful grid attack by highly sophisticated hackers had far-reaching consequences: Hackers allegedly linked to the Russian government targeted portions of Ukraine's energy grid with a denial of service attack in 2015 and cut off electricity for several hours to tens of thousands of people.

That kind of outage, if it took place in the U.S., could cause hundreds of millions of dollars of damage or even cost lives - for example, if hospitals were caught without a backup electricity supply.

A 2015 report by the University of Cambridge Centre for Risk Studies estimated a major grid attack in the United States could cost up to $1 trillion in the most severe circumstances.

The disruption also highlights how poorly many utilities are prepared for such an attack.

According to Sobczak, the attack relied on a computer bug that was widely known - and there was a software patch that fixed it. That means if the utility had updated patches on all of its systems, the whole thing could have been averted.

The Energy Department has shared very little information about the hack. Most of what's known comes from a report that the department typically publishes after outages caused by major storms or other events that interrupt electrical supply. A report such as that may be triggered if a digital attack hit a target at the edge of a utility's network, such as a firewall or router, that doesn't affect core operations, industry sources told Sobczak.

"While a cyberattack on such equipment wouldn't disrupt the flow of electricity, it could force operators to pause or redirect certain activities at affected facilities to allow for an investigation," he reported.

The attack should be a wake-up call about the importance of ensuring utilities are consistently and effectively protecting themselves against cyberattacks, Robert M. Lee, a former NSA hacker who founded the cybersecurity company Dragos, said during a panel discussion I moderated Thursday.

But Lee also warned against overreacting to such attacks, which he said are sure to become more prevalent in coming years. After all, he said, electricity services are quite resilient and it would be exceptionally difficult to shut off power across a large area for a long time.

"I don't want to make light of threats poking and prodding our infrastructure," he said. "But we also don't want to hype up the challenge."

Every weekday JewishWorldReview.com publishes what many in the media and Washington consider "must-reading". Sign up for the daily JWR update. It's free. Just click here.