Donate search
close

Share

  • Facebook
  • Twitter
  • send Email
  • print Print

Cyberattacks on Nuclear Facilities Threaten Power Grids

One of the scariest books that I have ever read is “One Second After” by William Forstchen.

By David Thornton

The book is the gripping story of what happens to a small North Carolina town after a nuclear electromagnetic pulse attack on the United States. After the EMP destroys the power grids for the entire country, starvation and anarchy become the order of the day. Now it seems that hackers may soon be able to achieve the same result without a nuclear missile.

The New York Times details an urgent joint report by the FBI and the Department of Homeland Security that says that hackers have been attacking computer networks of nuclear power and other energy companies since May. The attacks have occurred in the United States as well as other countries.

The extent of the attacks is not known. The report also did not specify whether the goal of the hackers was commercial espionage or something more destructive, such as disabling safety systems or shutting down electric power production and distribution grids. The story cites a joint statement by the FBI and DHS that said, “There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks.”

According to the report, the hackers appeared to be mapping the computer systems in possible preparation for a future attack. The code used in the attacks has not been fully analyzed to confirm this theory.

The strategy seems similar to the pattern of cyberattacks on the Ukraine by Russia. In December 2015, intrusions similar to the foray into American energy company computers preceded a hacker-caused blackout in the Ukraine. Wired reports that power was restored to most areas after a few hours, but that it took months to fully restore operational control.

The hackers in the Ukraine cyberattack rewrote the firmware that controls critical equipment at some substations so that even though the power was on, operators could not control the breakers remotely. The Ukrainians had to use manual backups to restore power to their grid in these areas, but many American companies lack these manual controls. A cyberattack on the American power grid might result in a long blackout as companies try to rewrite the malicious code.

As with the Ukraine attack, the primary suspect for the cyberattacks on American power companies is a “state actor,” most likely Russia. While Russian involvement has not been confirmed, sources in the Times report say that the attacks resemble the previous work of “Energetic Bear,” a Russian hacking group that has been linked to numerous attacks on energy companies since 2012.

Some of the attacks were reportedly initiated by “phishing” emails sent to senior engineers that contained fake resumes that were infected with malicious code. In some cases, the hackers corrupted legitimate sites that were frequented by their targets. This sort of attack is referred to as a “watering hole” attack. The hackers are also known to have used the “man-in-the-middle” strategy which redirects a target’s legitimate internet traffic through servers controlled by the hackers.

The timing of the attacks coincided with a cybersecurity Executive Order issued by President Trump on May 13. The order allows cybersecurity experts in US intelligence agencies to share their expertise with industries such as energy companies. The president also instructed the government not to buy technological equipment from Russian and Chinese companies and to focus on securing power grids and other parts of US infrastructure from cyberattacks.

There are many warning signs that our electronic infrastructure is vulnerable and at risk of a crippling cyberattack. President Trump’s Executive Order is a step in the right direction, but it will take years to fully secure power grids and company computer systems against cyberattacks. There seems to be no time to waste.

Share

  • Facebook
  • Twitter
  • send Email
  • print Print

Advertisement

More Top Stories

Paging President Obama: Your party doesn’t have a leader.

An Op-Ed calls for Obama to condemn Trump’s Tweets. Can’t they find a more current leader? I won’t wade into the debate surrounding President Trump’s Tweets this past weekend. That top …

The Jones Act Is About Protecting America

In recent weeks, opinion writers in a number of leading agriculture industry publications have been encouraging American farmers to ship their products in foreign vessels, arguing that it’s cheaper. …

Read This and Tell Me Again – Who Are the Bigots?

Last week I wrote about the incoherence of the tired “how does my gay marriage affect you?” deflection used to perfection by the LGBT political lobby in their pursuit of early legislative success. …