12 August 2018

Why small cyberattacks on power systems more likely than a long-running blackout

By: Justin Lynch   

Attacks on American power systems are likely to be small and localized, according to a cybersecurity firm, casting doubt on the ability of a foreign power to take down broad swaths of U.S. electric systems at once. Given current technology it is not reasonable to expect an enemy to shut down large portions of the U.S grid., but hackers do have the ability to target an individual location, Joe Slowik, an adversary hunter at the cybersecurity firm Dragos, told Fifth Domain at the Black Hat conference. “I might not be able to turn off the eastern seaboard, but if I want to cause a power blip in Washington D.C., that is feasible,” Slowik said.


His cautions come after a series of warnings from the U.S. government regarding the potential for attacks on the power infrastructure.

"Think about New England in January, the grid going down for three days. A lot of people are going to suffer and die,” Director of National Intelligence Dan Coats said during a July 13 event at the Hudson Institute.

But researchers from Dragos cast doubt on the notion attacks on the electric grid could be widespread. The firm conducts research into electric grid vulnerabilities and tracks cyber-threats.

Any hack will likely focus on “'localized short-term effects,” Sergio Caltagirone, director of threat intelligence at Dragos told Fifth Domain. He emphasized that discussions of attacks on “the grid” are far fetched because they are technically complicated to accomplish.

An attack on one small target could have the same impact as a large attack, Caltagirone said, because its sows distrust and fear. Caltagirone was clear on the type of hacks that are most likely to continue.

“Localized. Short-term. Effects.”

No comments: