The US Power Generation System Is Under Siege

Being a detective means investigating and solving crimes. President Trump said about Russia’s cyber meddling in the US voting process, “No one can really know who’s doing it.”

It’s not unusual for someone not familiar with the computer industry to make such a statement. Chances are most adults would come to that conclusion, but they would be wrong. Cyber detectives within government security agencies have the tools to know whose meddling.

A cybercrime detective is no different than a burglary-crime detective; they consider motive, clues and evidence. The low-level, email-based cyber criminal tries to conceal themselves in the “From” line of an email. Those types are relatively easy to detect by looking at the hidden, detailed, return address information. However, when dealing with sophisticated cyber criminals, especially when they’re part of an elite group run by a foreign government, it requires the talents of cyber detectives.

It’s important to understand that computer code is just another language. How code is written is not that dissimilar from writing a letter. Each person has their own style: their use of certain words, where they’re placed in phrases; their use of punctuation; and their choice of verbs and pronouns. It’s their fingerprint. Further, people in different countries have distinct ways of expressing the same idea. In the United States, they say “Mom”; in the United Kingdom, it’s “Mum.” It’s tough to conceal who you are or where you’re from no matter how hard one tries; it’s part of their psychological makeup.

It’s unfortunate some people in the US government cannot grasp this concept or just don’t want to. As such, multifaceted, complex attacks by a foreign government will go completely over or blocked from entering their head, and that’s dangerous to our country.

Our society is run by computers and communication systems and, of course, requires power. An attack aimed at our power-generation infrastructure can be catastrophic. The Wall Street Journal reported that a federal analysis indicated that a coordinated terrorist strike on just nine key electric transmission substations could cause cascading power outages across the country in each of the nation’s three synchronised power networks. A loss would not only affect personal power use but also money, health and food supply, to mention just a few.

To acquire additional information a security expert working at a major power generating system in the United States was asked, “How often has your plant been probed by cyber attackers, have they been able to infiltrate your facility and who are the perpetrators?” He indicated that cyber non-web attacks occurred on average 17,000 times a day, representing 50 percent of all attacks. Add to that, 6,300, or 17 percent, blocked email web attacks, with the remaining 33 percent being crime-ware and insider or third-party misuse.

That’s a total of 34,000 attacks per day that a power system must deflect.

Surprisingly, most attacks are not through the Internet, since that path is reasonably well protected. Internet hackers must bypass multiple layers of firewalls, a difficult job. However, a remote substation working through a supervisory system not connected through the Internet may have less physical or software security, and is often an entry point. Whatever are the attacker’s intent, obviously, it was not to say hello, but rather to damage the network, to see if they could get in later or put in a “Trojan Horse” for future activation? 

Hackers used several different techniques to compromise plant computers, including fake email personnel resumes that contained malicious code. Fortunately, administrative/corporate computer systems are kept separate from operational ones.
On the more positive side, hacking in the United States is a more complex feat than in countries where their grid system is homogenous. Our power systems are diverse; no two substations are the same, and no two companies run their infrastructure the same. In countries where systems are “state run,” if a hacker finds a mistake in one place, they can probably find the same mistake somewhere else.

According to Marcus Sachs, CSO with the North American Electric Reliability Corporation, squirrels, birds and snakes may be a bigger threat to local power grids than cyber adversaries. So watch out, the little ones may inadvertently sacrifice themselves to kill your power!

Inside Sources

You Might Aldo Read: 

Russia Suspected As Hackers Breach Power Plant Systems:

Ageing Energy Systems Hold Huge Potential For Cyber Attack:

 

« Singapore’s Mounting Cyber Threats
Who Are The Shadow Brokers? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

QinetiQ

QinetiQ

QinetiQ is one of the world's leading defence technology and security companies. Areas of activity include air, land, sea and space systems, weapons, robotics, C4ISR and cyber security.

InfoSec People

InfoSec People

InfoSec People is a boutique cyber and technology recruitment consultancy, built by genuine experts.

NCC Group

NCC Group

NCC Group is a global cyber and software resilience business operating across multiple sectors, geographies and technologies.

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

NDIA - Cyber Division

NDIA - Cyber Division

NDIA Cyber division’s contributes to US national security by promoting interaction between the cyber defense industry, government and military.

CTR Secure Services

CTR Secure Services

CTR Secure Services provides a broad range of security consulting services from asset protection to cyber security.

OneWelcome

OneWelcome

Onegini and iWelcome have merged to become OneWelcome, the largest European Identity Access Management Saas Vendor.

IBA Security

IBA Security

IBA Security is a center of competence consolidating the cybersecurity expertise of the IBA Group.

Micro Strategies Inc.

Micro Strategies Inc.

Micro Strategies provides IT solutions that help businesses tackle digital transformation in style.

Ten Eleven Ventures

Ten Eleven Ventures

Ten Eleven is a specialized venture capital firm exclusively dedicated to helping cybersecurity companies thrive.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.

VectorRock

VectorRock

Save Your Business From Cyber Criminals. We specialize in uncovering cyber risks which threaten your organization and fixing them.

Deloitte

Deloitte

Deloitte is a multinational professional services firm providing audit, consulting, financial advisory, risk management, tax, and related services to clients.

Bluewave

Bluewave

Bluewave are a strategic IT advisory company that offers businesses a simple and comprehensive way to purchase information technology solutions.

Cenobe Cyber Security

Cenobe Cyber Security

Cenobe provides customized solutions to keep you ahead of potential threats and ensure the security of your organization's systems and data.

Allot

Allot

Allot are a global provider of leading innovative network intelligence and security solutions for Service Providers and Enterprises worldwide.