Top members of the Senate Homeland Security and Governmental Affairs Committee this week cited energy infrastructure vulnerabilities as a leading threat to the nation’s safety. Here’s what federal officials are doing in an effort to address the threats.
Wisconsin Sen. Ron Johnson, who chairs the committee, said that Homeland Security officials should consider the nation’s aging electrical grid one of the nation’s top vulnerabilities.
“Through hearings over the course of the last three years, we have made great strides in identifying problems, finding areas of agreement, and exploring root causes of America’s security challenges,” said Johnson.
“Through 22 hearings related to border security, for example, we have learned that our borders are not secure and America’s insatiable demand for drugs is a root cause of that insecurity. We have held 11 hearings on cybersecurity and critical infrastructure protection, exploring how nation-states and other adversaries continue to attack information networks to disrupt business and steal our nation’s secrets. And we have learned how critical infrastructure sectors, including our electric grid, remain vulnerable to attack in ways that could disrupt our way of life for extended periods of time,” he added.
Recent hurricanes along the nation’s southern coast and in Puerto Rico have increased focus on just how fragile our critical infrastructure is in the United States. Today, nearly a week after a hurricane made landfall in Puerto Rico, hundreds of thousands of residents remain without power.
As devastating as the impact of a natural disaster can be however, infrastructure experts are far more worried about the destruction which could result from a nation state, or even a lone actor, capable of hacking in to the nation’s electrical power systems.
A nuclear attack or solar flare could totally cripple the nation’s electrical grid, rendering useless 24,000 substations and 430,000 miles of transmission cables.
That’s according to a Government Accountability Office audit of the power grid that began in 2014 after industry leaders and members of Congress expressed concern about vulnerabilities in the nation’s energy infrastructure.
More concerning than how easily the grid could be taken down by disaster or attack, the GAO report revealed, is that the government has failed to identify which electrical assets would need to be repaired first to avoid chaos and massive loss of life as water purification systems, transportation infrastructure, the financial system and hospitals throughout the nation go dark.
And it’s already happening.
Core systems of the U.S.’s power grid have been compromised by hackers outside the country, according to a leading infrastructure security firm. The news has officials rushing to find companies able to provide a solution to the biggest threat critical U.S. infrastructure has ever faced.
Warnings of a potentially catastrophic hack emerged via the security firm Stymantec earlier this year when its analysts noticed that a string of malware attacks on energy providers that began as a trickle back in 2015 increased drastically around April.
In the months since, frequency and intensity of the attacks has increased.
The energy sector has become an area of increased interest to cyber attackers over the past two years. Most notably, disruptions to Ukraine’s power system in 2015 and 2016 were attributed to a cyber attack and led to power outages affecting hundreds of thousands of people. In recent months, there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the U.S. being compromised by hackers.
The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so. Symantec customers are protected against the activities of the Dragonfly group.
Symantec has strong indications of attacker activity in organizations in the U.S., Turkey, and Switzerland, with traces of activity in organizations outside of these countries. The U.S. and Turkey were also among the countries targeted by Dragonfly in its earlier campaign, though the focus on organizations in Turkey does appear to have increased dramatically in this more recent campaign.
In response to growing threat indicators, President Trump signed an executive order to strengthen the cybersecurity defenses of federal networks and critical infrastructure.
The order specifically requires government to work with public corporations to mitigate risks and help defend critical infrastructure organizations “at greatest risk of attacks that could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security.”
The order, along with reports like the latest from Symantec, are creating a massive boom in a new tech sector working to create solutions to strengthen the nation’s critical infrastructure against outside attacks.
We recently prepared a thorough report on three companies making big news in the industry as they mount a defense to the biggest threat that almost no one outside of the infrastructure industry seems to want to talk about, follow this link to learn more.
The post Top lawmakers sound the alarm on infrastructure vulnerability as a MAJOR threat to the homeland appeared first on Personal Liberty®.