US Lawmakers and security experts have expressed disappointment that US President Joe Biden’s $2.25 trillion infrastructure plan does not include funding to protect vital facilities against the growing threat of cyberattacks. This infrastructure package failed to provide money to defend critical systems, such as the US power grid, against hackers, according to media sources last week. “Any critical infrastructure modernization must take cybersecurity into account from the start,” said the OT division of cybersecurity group Tenable. “As we become more and more reliant on the electric grid, increasingly advanced adversaries are looking to disrupt our way of life in any way possible, including by attacking our most critical infrastructure.”
Biden’s plan did include $100 billion for improving grid resiliency, the creation of new jobs, and developing more clean electricity, but nothing specifically for security measures. “It is a bit of an eyesore of not seeing a more prominent listing of cybersecurity in this, but I think there will be more to come,” said Energy Security Solutions at Fortress Information Security, which works with grid operators. Capitol Hill officials have warned that foreign adversaries were actively attempting, and have the ability, to disrupt the power grid during the COVID-19 pandemic.
A senator from Wyoming who sits as the ranking member on the Senate Energy and Natural Resources Committee, criticized numerous aspects of Biden’s plan, including the lack of specific cyber funding. Protecting the grid has become an increasing concern as hackers in recent years have intensified efforts to target critical systems. The former Director of Intelligence recently compiled the 2019 Worldwide Threat, which found that Russia, China, and Iran all were capable of launching cyberattacks that “cause localized, temporary disruptive effects on critical infrastructure.” A report last month by the Government Accountability Office (GAO) said US systems were increasingly vulnerable to cyberattacks. The country’s power grid has suffered disruptions in recent years, due to a 2019 cyberattack on an undisclosed Western utility, and because of frigid temperatures this past February that caused millions in Texas to lose power.
The executive director of Protect Our Power, said his organization is urging the administration to invest between $20 billion and $25 billion in cybersecurity for the grid and explained these networks are “attacked millions of times per day. I think it is absolutely an essential part of any infrastructure plan. The reality is the tragedy that we witnessed in Texas a short time ago thankfully only lasted a week, week and a half … but if the grid goes down, we’re looking at months, maybe God forbid even a year. So, electricity plays a critical role in the functioning of our society.” Although the infrastructure proposal did not include specific cybersecurity funds, administration officials said Biden soon will sign an executive order that will include actions to improve the security.
The latest COVID-19 relief bill included $650 million for the Cybersecurity and Infrastructure Security Agency (CISA), along with other funding for technology modernization. Bloomberg News reported the current US Energy Secretary and other administration officials informed top utility executives last month on a new plan to defend the US grid from cybersecurity threats. Bipartisan senators on the Senate Energy and Natural Resources Committee sent the Secretary a letter last month urging her to prioritize cybersecurity of the grid. “The reliability and resilience of the electric grid is critical to the economic and national security of the United States,” said several lawmakers. Some in Congress are saying that “securing our critical energy infrastructure is one of the most pressing national security issues facing our nation. There is strong bipartisan agreement that protecting the electric grid and other critical infrastructure is of paramount importance and must be a key component of any plan.”
Red Sky Alliance has been has analyzing and documenting these type of cyber threats for 9 years and maintains a resource library of malware and cyber actor reports available at https://redskyalliance.org at no charge. Many past tactics are often dusted off and reused in current malicious campaigns – which target many country’s infrastructure. Red Sky Alliance can provide actionable cyber intelligence and weekly black-lists to help protect your network.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or firstname.lastname@example.org
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings