The Gately Report: Impero Software Says U.S. Power Grid Attacks Likely in Months Ahead

U.S. power grid attacks, including cyberattacks, are likely to increase this year as malicious actors are realizing just how vulnerable and exploitable it truly is.

Impero Software’s Paul Hafen

That’s according to Paul Hafen, cybersecurity expert at Impero Software Solutions. It provides cybersecurity to the public sector, including school districts, as well as secure remote connect from device to device.

According to Politico, citing a top cybersecurity executive, hackers tied to Russia last year got close to knocking out a major portion of the U.S. power grid. And the malware they used is still out there.

The attack occurred early in Russia’s invasion of Ukraine. Hackers deployed malicious software to try to take down “around a dozen” U.S. electric and liquid natural gas sites.

U.S. Power Grid Vulnerable to Both Cyber, Physical Attacks

The power grid is vulnerable to both cyber and physical attacks, which are on the rise. Earlier this month, the U.S. Justice Department charged a neo-Nazi leader and his associate with plotting to attack Baltimore’s power grid, according to Reuters. The FBI prevented the attack with the help of a confidential informant.

“What’s been of interest to me over the years is what more organized groups are able to do,” Hafen said. “We’ve heard a lot about Ukraine lately and there was an attack years ago on the grid that took them down. And that was attributed to Russia. These people are what we call advanced persistent threats (APTs).”

These APTs are slow, low and incognito, he said. They use tactics, techniques and procedures (TTPs) and indicators of compromise (IOCs), which are basically malware.

“I don’t know if I’m expecting more this year, but my antenna are up, it’s top of mind with everybody,” Hafen said. “There’s been a lot of news about it. There’s precedent for it. We’ve seen it in Ukraine. A lot of people who have geopolitical focus are saying Ukraine is a test bed for an attack on the United States. For foreign actors, that’s the little leagues and they’re looking to come to the big leagues. And In more smaller, regional ways, there’s been attacks. So when there’s a precedent, that makes the possibility of another one or a bigger one all the more likely in the minds of people.”

In addition, the federal government has announced its efforts to ramp up grid security and what it still needs to do to safeguard it, he said.

“So all of that information, together with the precedent, makes a lot of us concerned that we are not without risk,” Hafen said.

Scroll through our slideshow for more from Hafen about potential cyber threats on the U.S. power grid, and more cybersecurity news.