Nation's Power Grid Ripe for Ransomware, Other Cyberattacks

Nation’s Power Grid Ripe for Ransomware, Other Cyberattacks

Written by Edward Gately
April 23, 2021

There are unique challenges to securing power companies.

This week, the Biden administration launched a 100-day plan to strengthen the cybersecurity of the nation’s power grid.

The administration wants to increase the cybersecurity of electric utilities’ industrial control systems and secure the sector’s supply chain.

At the same time, the U.S. Department of Energy issued a request for information to enable the electricity sector and other bodies to provide input on future recommendations for supply chain security.

This follows a water supply hack in Oldsmar, Florida, that could have poisoned that city’s drinking water. Someone remotely accessed a computer for the city’s water treatment system. They then briefly increased the amount of sodium hydroxide, aka lye, by a factor of more than 100.

NCC Group’s Damon Small

Damon Small is an energy cybersecurity expert and consultant at NCC Group. It’s one of the largest security consultancies in the world with 15,000 clients and 35 global offices. He said we’re likely to see more power grid attacks in the coming months.

The goal of cyber terrorism is to “mess up people’s lives,” he said. And if you want to disrupt a lot of people, you start attacking energy companies — energy producers specifically.

Remote Access a Growing Problem

In a Q&A with Channel Futures, Small talks about why energy production is an increasing target for cybercriminals.

Channel Futures: What are the main cyber threats facing the power grid today? Are there examples of recent attacks?

Damon Small: Within the last couple of years, ransomware has been a big problem. That’s when some sort of malicious software gets on a device and makes the information on the device unavailable until they pay. Remote access is causing a problem. The ability to move malicious software onto an industrial control system didn’t used to exist. The ability for a malicious user to do some sort of cyber network-based attack wasn’t really possible until some things happened in the last several years. Ransomware is kind of indiscriminate. So if you’re vulnerable, you might get hit. But targeted, even state-sponsored attacks, are something that I would tell energy producers to worry about.

CF: What sort of damage can be inflicted by these attacks on power grids?

DS: A lot. The damage can be [merely] annoying, like maybe a website is defaced and it’s a high-tech vandalism. But it can [also] be mission-critical and disrupt the energy company’s ability to serve their companies and produce energy. That’s bad for the business, because if they’re not producing energy, they’re not generating revenue. And that’s also bad for the customers that the producer serves.

I’m in Houston, so I know from firsthand information what happens when a large power grid becomes unstable, as happened in Texas during that big freeze. So it doesn’t just affect the business. It affects the people who depend on having their modern society powered. So this has happened before and it’s going to continue to happen, not just because of opportunistic reasons, but also because if you want to disrupt lives, messing with public utilities is a very effective way to do that.

Scroll through our gallery above for more of Small’s comments and the week’s other cybersecurity news.