Three months ago, the Department of Homeland Security downplayed the threat of a cyber attack against the U.S. electrical grid. But today, the DHS and the FBI are warning of the possibility of a damaging cyber attack.
The nationwide campaign by DHS and the FBI began March 31 and includes 12 briefings and online webinars for electrical power infrastructure companies and others involved in security, with sessions in eight U.S. cities, including a session next week in Washington.
The efforts by the DHS and FBI are based on unclassified briefings entitled, “Ukraine Cyber Attack: Implications for U.S. Stakeholders,” and are based on work with the Ukrainian government in the aftermath of the Dec. 23 cyber attack against the Ukrainian power infrastructure.
Security researchers have concluded the attack was carried out by Russian government hackers based on the type of malicious software, called BlackEnergy, that was detected in the incident.
The Obama administration has adopted an approach that seeks to play down foreign national security threats under conciliatory foreign policies pursuing warmer relations with states such as Russia, China, and Iran.
The DHS report, however, contrasts sharply with recent statements by Adm. Mike Rogers, commander of the Cyber Command, who warned recently that a major cyber attack by nation-states against critical infrastructures poses a major security threat.
“It is only a matter of the ‘when,’ not the ‘if’—we’re going to see a nation-state, group, or actor engage in destructive behavior against critical infrastructure in the United States,” Rogers, who is also director of the National Security Agency, said in a speech March 2.
Rogers described the Ukraine cyber attacks as “a well-crafted attack” that temporarily disrupted electrical power in Ukraine.
The four-star admiral said the cyber attack also included the use of sophisticated monitoring of how Ukrainian authorities reacted to the attack. The attackers then took additional cyber measures designed to slow down the process of restoring electrical power, he said.
On Dec. 23, the Ukrainian power provider Prykarpattyaoblenergo, in the western Ukrainian region of Ivan-Frankivsk, was hit by a large-scale breakdown that left 200,000 people in the region without power for several hours.
“A unique feature of BlackEnergy 3 is its KillDisk function, enabling the attacker to rewrite files on the infected system with random data and blocking the user from rebooting their system, rendering it inoperable,” the report said. “The virus also searches victim computers for software that is primarily used in electric control systems, indicating a potential focus on critical infrastructure systems.”
The State Department report said some analysts believe power failures from malware cyber attacks “could entice nation-states and other nefarious threat actors to execute similar cyber attacks in the future.”
Sign up to get alerts about Dennis Michael Lynch's upcoming Donald Trump film and breaking news.
TRUMP WILL REGAIN MOMENTUM