"They went after our gas and they went after our hot dogs. No one is out of bounds here. Everyone is in play here," warned Christopher Krebs, former director of cybersecurity at Department of Homeland Security. From natural phenomena to cyberattacks like the massive SolarWinds operation and recent attack on the Colonial Gas Pipeline, security experts warn it is clear that most businesses and key infrastructure like power grids across this country are pitifully unprepared to meet such threats.
US lawmakers are worrying that means hackers could be just a few keystrokes away from turning the lights out in cities around our country. A US Representative recently exclaimed that, "We are certainly vulnerable across the board to natural and man-made threats to our electrical grid system that could render it unrepairable in our lifetime." The Congressman is especially concerned about an Electronic Magnetic Pulse or EMP attack against the grid. "It entails simply one small nuclear weapon being detonated above the central part of the United States, over Nebraska, Kansas area that would create a pulse from coast to coast, from border to border, that would totally annihilate our electric system," he explained.
A former CIA intelligence officer who sits on the US Department of Homeland Security's EMP Task Force released a report this past week concluding that North Korea is now in possession of EMP weapons so strong that no electric grid could survive such an attack. "North Korea almost certainly has developed super EMP weapons," he reported.[1] "These are nuclear weapons that are specialized to produce extraordinarily powerful electromagnetic pulse effects and it would make it, along with Russia and China, one of the few nations in the world that has these weapons."
One southwestern US city, San Antonio Texas, is leading the US efforts to defend against such electromagnetic threats. The US Air Force's Joint Base San Antonio, along with teams of researchers, scientists, and security experts are studying grid vulnerabilities and deploying measures to protect them from getting cooked. For obvious security reasons the military command will not divulge specifics, but they says their goal is, "to really look across the board at training, education and the technologies that are going to help make the electrical grid both resilient to attack but also able to recover more quickly."
Meanwhile, electric grid operators in some regions of the country are also heeding warnings to prepare for solar storms and sunspots blasting particles into space called Coronal Mass Ejections or CME. The US National Oceanic and Atmospheric Administration or NOAA maintains a direct line with all the electric companies in the event of a geomagnetic eruption. "When we see one of these large eruptions occurring in the sun, what we call Coronal Mass Ejection, coming towards Earth, we initiate this hotline call and we make communication with essentially the entire grid, owners and operators across the nation," says the program coordinator at NOAA's Space Weather Prediction Center. Researchers with the US Geological Survey released a map last year showing grid systems in the Midwest and Eastern Seaboard that are particularly vulnerable to solar storms. NOAA says electricity operators are now constantly assessing areas of vulnerability. "If there's vulnerability in certain equipment, maybe they can modify that equipment, the manufacturing of that equipment, to make it hardened, to make it better protected against a geomagnetic storm," reports NOAA. "There are many different actions they can take to ensure that the grid stays up and running during these big geomagnetic storms."
Many of the world’s electricity systems were not designed or built with the thought of being protected against cyber threats or EMP attacks. "The systems themselves are very antiquated, they are very old, security is very difficult to do on these type of devices and we've seen in prior attacks where Russia has infiltrated our power grid from a military preparedness perspective which means in the event there's a conflict could Russia impact our grid," said a cybersecurity expert and founder of TrustedSec and Binary Defense Systems. The researcher is a former NSA hacker and said only a few of these electric grids are even prepared to handle today's level of hacking sophistication, especially those attacks coming from China. "China is very pressing because they have a very long term view, they are very focused on intellectual property theft as well as their military capabilities from a cyber warfare perspective, I mean, they are handing it to us here in the United States from a cyber warfare perspective and they are definitely scary," he told media sources.
The energy industry is the third most targeted critical infrastructure sector for cybercriminals, behind only finance and manufacturing. And according to the US Energy Department, hackers now have the capability to shut down America's power grid. "There are very malign actors who are trying, even as we speak, there are thousands of attacks of all aspects of the energy sector and the private sector generally, it's happening all the time," Secretary of Energy Jennifer Granholm told CNN. Studies regarding costs run the scale from more than $25 billion to protect the grid to as much as $7 trillion to upgrade and modernize the US grid system. Russia proved to the world, electric grids can be shut down, with the shut down of the Ukrainian system several years ago. A recent survey from the non-partisan group Protect Our Power showed a majority of US citizens support more federal funding to secure our nation's electric grid ahead of a potential catastrophe. "As is so often the case when we face challenges or threats on the horizon we are better off dealing with it before it hits as opposed to after it hits," Protect Our Power said.
Shutting down any country’s electric grid would be devastating and is a true national security threat. Regarding cyber threats, the protection of IT and operating technology, or OT is a cyber security necessity. An ounce of prevention is ALWAYS worth a pound of cure. Red Sky Alliance strongly recommends ongoing monitoring from both internal and external perspectives. Internal monitoring is common practice and very important, however, external threats are often overlooked and can represent an early warning of impending attacks. Red Sky Alliance can provide both internal monitoring in tandem with RedXray dark web notifications on external threats to include, botnet activity, public data breaches, phishing, fraud, and general targeting.
Red Sky Alliance is in New Boston, NH USA. We are a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com.
Interested in a RedXray subscription to see what we can do for you? Sign up here: https://www.wapacklabs.com/RedXray
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
[1] https://www1.cbn.com/cbnnews/us/2021/june/experts-warn-cyber-hackers-emp-attacks-and-solar-storms-could-annihilate-our-electric-system