New Cyberweapons Heighten Grid Concerns

The threat level against grid assets and Internet of Things (IoT) devices keeps rising—or at least we are witnessing a heightened sense of potential disasters. The latest eye opening news was the revelation, or perhaps better put, the confirmation that Russia has developed a cyberweapon that can disrupt power grids—which is not all that surprising considering the suspicious blackout reported last year against the grid in Ukraine.

CrashOveride

Researchers say the Russian malware—known as CrashOveride—is a cyberweapon that could be modified and then deployed against the US electrical grid or the grids of other Russian adversaries. One cybersecurity expert called the latest news a game-changer, while another expert says the latest information connects to an ongoing Russian effort that at one point targeted US industrial control systems in 2014.

The potential threat to the US grid has reached the highest levels of the government. President Trump met recently with leaders from the energy sector and experts in the field of cybersecurity to address the issue and to reiterate his plea for improving the cooperative work between the public and private sectors to protect critical infrastructure like the grid. The meeting followed the president’s May executive order, which in part called for an assessment of how prepared the country is should a significant cyber attack cause prolonged power outages.

Little Known Nuclear Site Intrusion

While the Russian cyberweapon story captured headlines, a lesser known threat against US nuclear power generation sites has surfaced. Officials are investigating a cyber intrusion affecting several nuclear power sites, according to E&E News. Details are few, but officials have confirmed they are unpacking a secretive cyber event code-named Nuclear 17. There is no evidence nuclear energy assets were compromised, but such a cybersecurity breach at closely guarded nuclear reactors would appear to indicate an escalation of hackers’ abilities to probe such sensitive infrastructure.

In the IoT world, no new major attacks have been reported, but the threat against connected devices remains relatively high. One noted expert believes the situation is worse than most people think. We are “one disaster away from government doing something,” says Bruce Schneier, CTO of IBM Resilient, a fellow at Harvard’s Berkman Center and a board member of Electronic Frontier Foundation. He argues that IoT industry stakeholders need to help shape smart regulations or run the risk of operating under stupid government rules. His point is well taken, and aligns with what I’ve said in a previous blog about stakeholders focusing on strong security measures. It’s a way to keep systems and people safe and to shape best practices that regulators could view as a framework for reasonable or smart IoT regulations.

Pay Attention, Don’t Panic

Given where we are with cyber attacks, whether against grid assets or IoT devices, we should be concerned, but I see no need for panic. As bad actors with increasingly powerful tools come to light, there is a clear need for stepped up action by grid operators, technology vendors, and regulators. Presumably, important action is taking place behind the scenes. But it would be comforting to know with more certainty that government and industry stakeholders are cooperating and pushing real measures to minimize the risks to the grid and to people.