The U.S. power grid is vulnerable to cyber-attack, and that could be just as damaging as a weapon of mass destruction, according to a major Department of Energy (DOE) report.
In the second installment of the Quadrennial Energy Review, the DOE urged more investment in cyber-defense while asking lawmakers for emergency powers to deter imminent cyber-attacks. The report also highlighted how a large-scale cyber attack could cost billions of dollars and millions of lives.
“In the current environment, the U.S. grid faces imminent danger from cyber attacks,” reads the report. “Widespread disruption of electric service because of a transmission failure initiated by a cyber attack at various points of entry could undermine U.S. lifeline networks, critical defense infrastructure, and much of the economy; it could also endanger the health and safety of millions of citizens.”
The increased networking of electrical grids worldwide is the weakest link in the U.S. power system. Although new networking allows for various time and money-saving features that make the day-to-day operations simpler, they also make it easier for the grid to be hacked.
“There’s the weak-link issue for the whole system,” Dr. Ernest Moniz, President Obama’s Secretary of Energy, told The Washington Post. “The reality is, for a lot of rural, smaller utilities, it’s a very difficult job to have the kind of expertise that will be needed in terms of cyber, so we suggest for example, grant programs to help with training, to help with analytical capacity in these situations.”
Researchers backed by the National Center for Policy Analysis found the U.S. electric grid was highly vulnerable to cyber-attacks from other countries and small terrorist groups. They also determined Texas was the only state dealing with the threat since it has a self-contained power grid.
Infecting industrial systems, such as power grids, with malware is so simple that there are 5-minute YouTube tutorials on how to do it. By overwhelming network links with traffic in a Distributed Denial of Service (DDoS) attack, Internet users or cyber-terrorists can remove the ability of utilities to communicate with their own electrical grids, effectively causing a blackout. The estimated price for 24 hours of consistent DDoS attack is a mere $40, making such attacks available to pretty much anybody.
A Freedom of Information Act request revealed that hackers successfully infiltrated the DOE’s computer system more than 150 times between 2010 and 2014. The DOE was targeted 1,131 times over the same period.
An electric industry group tied to the American government advised electrical utilities review their cyber defenses last January, according to a confidential document obtained by Reuters.
Cyber-attacks have already shut down Ukraine’s power grid using well-engineered malware called BlackEnergy, which disconnected electrical substations from the main power grid. The Ukrainian government has publicly blamed Russian-backed hackers for the attack, which left approximately 700,000 homes without power for several hours Dec. 23. Similar malware was used against Ukrainian media organizations during 2015 local elections.
Send tips to andrew@
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact [email protected].