Hackers are targeting the remote workers who keep your lights on

More from author

CDC welcomes PBA in Clark

THE Clark Development Corp. (CDC) welcomed the decision of the Philippine Basketball Association (PBA) in choosing the...

Marcial flying to U.S. to start pro training

TOKYO Olympics-bound boxer Eumir Felix Marcial will fly to Los Angeles anytime this month to begin his...

Coach Pido’s advice to next UST coach: Love the school

PIDO JARENCIO—who coached University of Santo Tomas (UST) to its last University Athletic Association of the...

In July alone, hackers took over the Twitter accounts of US politicians, stole terrabytes of coronavirus research and even infiltrated the UK’s Premier League soccer clubs. Can they cut off your electricity, too?

They’re trying. With millions of Americans now working from home—including the people who help keep the grid running—cyber attacks targeting the power sector have surged. In many cases, hackers use phishing e-mails to gain access to the computers of remote workers, looking to disable company systems for a ransom. But security experts warn that about a dozen state-sponsored actors are also trying to infiltrate these networks.

The pandemic has created “a once in a lifetime opportunity to get access during a time of heightened remote access usage,” said Rob Lee, chief executive officer at industrial security firm Dragos Inc. “The bulk electric system is absolutely too important to allow adversaries access. It’s a matter of public safety as well as national security.”

Cyber attacks of all kinds have intensified during the Covid-19 pandemic, with hackers targeting public figures, banks, health-care providers and others as the rise in remote work creates new access points. An assault on the power grid could have wide-ranging implications across sectors. While no outages have so far been attributed to hackers, grid companies are beefing up security amid an unprecedented onslaught that, in a worst-case scenario, could trigger blackouts or damage vital equipment.

“Every major company in our industry gets attacked millions of times every day,” said Tom Fanning, chief executive officer of utility Southern Co. “But it is very clear there have been no interruptions in service on the electrical side.”

Even before the pandemic, hackers succeeded in infiltrating some energy infrastructure. In 2016, an Iran-based hacker gained remote access to an electric dam in New York for weeks. Earlier this year, ransomware shut down a natural gas facility for two days.

The largest US grid operator, PJM Interconnection LLC, recently told regulators it’s facing increasing attacks. In May, the UK’s grid data system was hacked, although electricity supplies weren’t affected. And in March, an attack against Europe’s association of grid operators, ENTSO-E, affected its internal office systems.

“If you notice an attack going on, it’s already too late,” said Andrea Carcano, cofounder of Nozomi Networks, which provides Web security services for utilities and other industries.

Nozomi estimates that grid attacks have increased 35 percent since Americans began quarantining. That correlates with more electric-sector employees working from home. As an example, one US utility that previously allowed only 9 percent of its power plants to operate remotely now allows 80 percent to do so, Carcano said.

“With people working from home, there’s an increased attack surface to go after,” said Scott Aaronson, vice president of security and preparedness at the Edison Electric Institute.

Off-site employees

In response to the onslaught, utilities are implementing heightened defense campaigns. That includes Avangrid Inc. and National Grid PLC, which provide power in New York and New England.

“We’ve increased our vigilance and focus since the start of the pandemic to ensure our employees working outside the office continue to access our systems in a safe and controlled manner,” said Edward Crowder, an Avangrid spokesman. He declined to share specific actions the company is taking, citing security.

Before National Grid moved thousands of employees off-site, “we ensured that our systems could accommodate this change, and that there would be no impact to our security controls,” said spokeswoman Molly Gilson, without elaborating on particular measures the company took.

PJM declined to comment on how it’s making its systems safer, but its Senior Vice President of Operations Mike Bryson told regulators in June that “PJM’s remote access infrastructure was already prepared both for the capacity needed for remote operations and for the security configuration needed to protect PJM while in remote operation.

Still, intrusions can happen, and even the most tightly guarded systems can be taken down.

“Yes, it could happen,” said EEI’s Aaronson. “You could get in and move laterally but it would be very, very difficult to do so without people noticing anomalies.” He said he’s been on regular calls with utilities, the Department of Homeland Security and the White House since February to share information on potential threats.

US hacking

The recent attacks have focused on corporate computer systems rather than the ones that run the physical operations of power plants and grids. The latter are overseen by engineers, many of whom were, until recently, isolated in strictly protected control centers for weeks at a time due to the pandemic.

But it’s happened elsewhere. Hackers believed to be linked to Russia hit Ukraine’s grid in 2015, cutting power to 230,000 people. Last September, malware affected an Indian nuclear power plant. And since at least 2012, the US government has worked to penetrate Russia’s electric power grid in a warning to President Vladimir Putin.

“Although North America has not experienced similar attacks,” Dragos said in a January report, bad actors “exhibit the interest and ability to target such networks.” Dragos highlighted a group of state-sponsored hackers linked to Iran that have carried out so-called “password spraying campaigns” on US oil, gas and electric infrastructure.

“Electric sector community members should be more proactive than ever before,” Lee said. “But that doesn’t mean the public should be freaking out.” Bloomberg News

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More updates

US cases breach 6.7 million as deaths approach 200,000

US coronavirus cases increased by 49,299 on Friday, a 0.7 percent increase that compares with a 0.6...
- Advertisement -

Protesters in Thailand reinstall plaque symbolizing democracy

BANGKOK—Anti-government demonstrators occupying a historic field in the Thai capital on Sunday installed a plaque symbolizing the country's transition to democracy to replace the original one that was mysteriously ripped and stolen three years ago, as they vowed to press on with calls for new elections and reform of the monarchy.

Trump, California leaders clash over climate’s role in wildfires

Donald J. Trump and California state officials sparred over whether climate change is contributing to out-of-control wildfires across the West, after the president insisted that poor forest management drives the conflagrations. Wade Crowfoot, the secretary of California’s Natural Resources Agency, told Trump in a recent meeting in Sacramento that...

U.S.-China mutual investment slumps as ties sour–Report

Two-way investment between the US and China slumped to the lowest in almost nine years during the first half of 2020 as relations between the world’s biggest two economies deteriorated to their worst in decades. Combined direct and venture-capital investment between the countries totaled $10.9 billion in the period,...

This upstart Chinese brokerage is now bigger than Credit Suisse

East Money Information Co., founded by a 49-year-old former stock commentator, is one of the big winners in China’s wildest stock frenzy in half a decade. Shares in the online broker and market data provider have rocketed 78 percent this year, giving it a market value of more than...
- Advertisement -

In case you missed it