ORIGINAL REPORTING: Cybersecurity Threats Go Deeper Than U.S. Preparations
Biden executive order on power system cybersecurity leaves critical operations vulnerable, experts say; From mysterious electronics in Chinese transformers to sensors without password protections, analysts see growing vulnerabilities in U.S. power system operations.
Herman K. Trabish, July 25, 2022 (Utility Dive)
Editor’s note: Though Biden administration efforts to set cybersecurity standards have expanded, threats are proliferating and insiders confide that intrusions cannot be stopped but only mitigated.
A Ukraine war-provoked Russian cyberattack on the U.S. power system has not happened, but experts agree the threat is real because of a key shortcoming in cybersecurity preparations.
The 2021 Colonial Pipeline shutdown that disrupted Eastern U.S. gasoline deliveries hinted at the danger of cyberattacks on the energy sector. A May 12, 2021, Biden executive order, requiring major power system cybersecurity actions, implicitly acknowledged that Russia’s 2015 attack on Ukraine’s power system can happen here. But current and planned responses to the Biden order may not be enough to protect electricity delivery, cyber specialists said.
Russia may have so far withheld cyber warfare against the U.S. and its allies because of “a balance of power issue,” OPSWAT operations technology and industrial cybersecurity expert Oren Dvoskin said. “If a cyberattack is stopped, whoever stopped it knows the adversary, which is why nation-states are careful about if and when to deploy cyber weapons,” he said.
But the cyber threat to the energy sector goes beyond attacks to communications networks like the recent headlined ransomware attacks, analysts said. Using the growing internet access of power system operations that allow companies to monitor and control engineering processes online, attackers could disrupt critical infrastructure to create environmental devastation, losses of life, and severe economic impacts, they said.
Power system “security and safety” depends on “the reliability and accuracy of sensor data that informs operations,” Applied Control Solutions Managing Partner and Cybersecurity Analyst Joe Weiss told Utility Dive. And “Russia, China, and Iran are aware of the lack of cybersecurity in process sensors and have access to them” in critical electric system operations, he said.
The recent discovery of cryptocurrency’s vulnerability is a reminder that cybersecurity requires constant attention. But threats can be minimized by first recognizing protections to internet technology networks are inadequate to protect operational technology hardware, and then putting the best people, processes and technologies in place to protect electricity delivery, cyber analysts said… click here for more