by Mac Slavo, SHTF Plan

It may only be a matter of time before the power grid in the United States, which is far more vulnerable to hacking than most people realize, suffers from a catastrophic cyber attack. We know this because there is already evidence that unknown hackers have been targeting companies that run power plants throughout the country. According to the FBI and Homeland Security, in May hackers made their way into computer systems related to a dozen power plants, including the Wolf Creek nuclear power plant in Kansas.
However, it doesn’t appear that any damage was done, and the hackers didn’t gain access to the controls for the power plants. They only infiltrated systems that were “limited to administrative and business networks.” So what were these hackers going after? According to the experts, these cyber attacks may have been a dry run for a future attack that could have a far more devastating effect.
The intruders could be positioning themselves to eventually disrupt the nation’s power supply, warned the officials, who noted that a general alert was distributed to utilities a week ago. Adding to those concerns, hackers recently infiltrated an unidentified company that makes control systems for equipment used in the power industry, an attack that officials believe may be related.
The chief suspect is Russia, according to three people familiar with the continuing effort to eject the hackers from the computer networks. One of those networks belongs to an aging nuclear generating facility known as Wolf Creek — owned by Westar Energy Inc., Great Plains Energy Inc. and Kansas Electric Power Cooperative Inc. — on a lake shore near Burlington, Kansas.
The possibility of a Russia connection is particularly worrisome, former and current officials say, because Russian hackers have previously taken down parts of the electrical grid in Ukraine and appear to be testing increasingly advanced tools to disrupt power supplies.
Though the government thinks Russia is responsible, they have yet to find any proof linking the attack to any particular nation (gee, where have we heard that before?). Regardless of who is responsible, these cyber attacks have some alarming traits.
Homeland Security and the FBI sent out a general warning about the cyberattack to utilities and related parties on June 28, though it contained few details or the number of plants affected. The government said it was most concerned about the “persistence” of the attacks on choke points of the U.S. power supply. That language suggests hackers are trying to establish backdoors on the plants’ systems for later use, according to a former senior DHS official who asked not to be identified.
Those backdoors can be used to insert software specifically designed to penetrate a facility’s operational controls and disrupt critical systems, according to Galina Antova, co-founder of Claroty, a New York firm that specializes in securing industrial control systems.
“We’re moving to a point where a major attack like this is very, very possible,” Antova said. “Once you’re into the control systems — and you can get into the control systems by hacking into the plant’s regular computer network — then the basic security mechanisms you’d expect are simply not there.”
Clearly, someone is trying to learn the ins and outs of our power grid so they can exploit any weaknesses in a future cyber attack that could gain access to the control systems of our power plants. Obviously, the results of that kind of attack could be devastating if the hackers decided to turn the power plants off and leave large swaths of the country without electricity.