Critical infrastructure is caught in the crossfire of cyberwarfare. Growing threats and sophisticated nation-state attacks backed by North Korea, China and Russia jeopardize public safety and national security. Which one is the biggest threat?
The US has already imposed sanctions on Russia for its involvement in the NotPetya attacks, while this spring the FBI again warned that Russia-sponsored hacker groups were actively targeting the country’s critical infrastructure. China is suspected not only of breaching Marriott hotels, but also of allegedly selling technology to Iran and trying to spy on the US and Australian governments through tiny sensors. North Korea, in particular the Lazarus hacker group, has turned out to be responsible for the notorious WannaCry ransomware infection, the largest so far, as well as attacks on the Bangladesh Central Bank and Sony Pictures Entertainment, plus a number of other banks in a three-year span. The country may currently be the number one threat to the US power grid.
What would happen if a cyberattack and a natural disaster both hit the US utility sector at the same time? The consequences of a major blackout would be catastrophic because the US government still lacks a clear, solid contingency plan, says a report by the President’s National Infrastructure Advisory Council (NIAC). An attack could incapacitate the entire country for months, leaving it without even the most basic services such as power, food, water, transportation and healthcare.
There is a strong need for a clear shift in national focus, one that requires firm collaboration between government organizations and the public and private sectors. According to KPMG, 48 percent of CEOs leading power and utilities companies share government concerns about the gravity of an attack on critical networks, saying a cybersecurity attack on their infrastructure is inevitable.
The utility sector is a “prime target for terrorists,” but judging by current efforts and strategy, the report warns that the US would not be able to thwart “a catastrophic power outage of a magnitude beyond modern experience, exceeding prior events in severity, scale, duration and consequence.”
The government must join forces with different stakeholders in industry to ensure it is properly prepared to handle two simultaneous attacks of different origins. Following extensive reviews, the report says that, for now, the country can properly handle only a low-scale, short-term attack on its electrical grid and is seriously unprepared for a more serious one.
“Significant action is needed to prepare for a catastrophic power outage that could last for weeks or months,” the report found. “Although emergency authorities are understood at a high-level, how they are implemented in practice is unclear. There is a better understanding for physical events that are more frequently practiced, but it is less clear for cyber-physical events and larger-scale disasters.”
The global increase in malicious cyber activity affecting grid security prompted the US Department of Energy to invest $28 million in 11 projects developing cybersecurity technology to reduce vulnerabilities.