9074511465?profile=RESIZE_400xThe world seems to be getting more perilous day by day.  Many nations are being hit with an epidemic fueled by a virus, but it is not COVID-19. Ransomware in the US has already raised the prices of beef and gas nationwide, and now federal officials are finally being more vocal and warning about cyber-attacks on public utilities.

Ransomware is malware that locks a computer until the user pays the hacker a ransom which is often demanded in the form of cryptocurrency or gift cards.  Hawaiian Electric (HECO) is no stranger to cyber-attacks.  HECO spends millions every year on cybersecurity, a number that is increasing by 20% annually as hackers get more sophisticated.

US and state elected officials are currently discussing federal cyber security following the crippling SolarWinds hack.  “Every single day we are repelling thousands of attacks and probes,” a HECO spokesperson said.  HECO adds that if an attack were to get through, staff would still be able to keep the power on with a manual system. That is extremely important because Hawaii is the home to several military bases.  “On Oahu, it’s not just about grid security, it’s about national security so we take that responsibility to keep the lights on for armed forces really seriously,” HECO said.   A retired Hawaii-based US Marine LT Colonel says nations like Russia and China have advanced attacks, as does the US, but the US offense is ahead of its defensive capabilities.  “The concern was that they had bots in our utilities, and they generally thought we had bots in their utilities, and there wasn’t so much mutually assured destruction but another MAD, which is Mutually Assured Dimming.  Which is if they turn off our lights, we turn off their lights.” The Colonel said.

The Hawaii State Energy Office (HSEO) oversees coordinating resources and responses between the energy sector and the government during an emergency. Hawaii’s power grid is isolated, unlike most states in America.  “Our grid does have it’s unique challenges because we cannot leverage a large bulk energy system and bring in power from other areas,” explained HSEO managing director. 

Hawaii is looking at participating in a national training exercise that takes place every two years.  “There is a biennual GridX exercise that is organized by the national Association of Regulated Utilities and so regulated utilities are invited to participate as participants in the grid exercise and that’s coming up this year and there’s a focus on cyber elements,” said an HSEO program manager. 

Targeting a victim is quite simple even though ransomware itself can be very sophisticated.  Whether it is a utility, big business or an individual, it usually just takes a click.  “You click on a link, suspicious link it appears to be legit and it directs you to a website where it uploads this ransomware,” says a cybersecurity.  He says to avoid any links from unknown senders. Even if the sender is familiar, check addresses to make sure that they match up with the name of the sender.  Be careful of what kind of USB drives go into a personal computer.

Employees can be trained to spot ransomware attacks and analysts say it is important that organizations train workers to spot suspicious emails and links.  They are only as secure as their least-trained employee, however.  “We could have the greatest technological defenses on all of these networks but the problem is as long as everybody who works for an organization has an email address the human is the weakest link on the inside of those defenses,” says a high level tech expert.

We are living in perilous cyber times and any country’s electric grid is a huge target.  An ounce of prevention is ALWAYS worth a pound of cure.  Red Sky Alliance strongly recommends ongoing monitoring from both internal and external perspectives.  Internal monitoring is common practice and very important, however, external threats are often overlooked and can represent an early warning of impending attacks.  Red Sky Alliance can provide both internal monitoring in tandem with RedXray notifications on external threats to include, botnet activity, public data breaches, phishing, fraud, and general targeting. 

Red Sky Alliance is in New Boston, NH   USA.     We   are   a   Cyber   Threat   Analysis   and   Intelligence Service organization.     For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com.

Interested in a RedXray subscription to see what we can do for you?  Sign up here: https://www.wapacklabs.com/RedXray