Could cyberattacks knock out lights in the US?
Hackers likely linked to the North Korean government targeted a U.S. electricity company last month, according to a security firm that says it detected and stopped the attacks.
John Hultquist, director of intelligence analysis for FireEye, said Wednesday that phishing emails were sent to executives on Sept. 22. The attacks didn’t threaten critical infrastructure.
It’s the latest example of cyberespionage targeting U.S. energy utilities, though experts say such attacks are often more about creating a psychological effect. It’s easier to hack into a front-end computer system than tap into industrial controls.
Concerns about hackers causing blackouts have grown since cyberattacks in Ukraine temporarily crippled its power grid in 2015 and 2016.
One thing protecting the U.S. electricity grid from a largescale outage is that it’s segmented by region. Another thing is military might: Nation-state actors know that crossing the line from routine, long-term surveillance to a true attack on the grid could merit a powerful response.
Neither of those means those protecting critical infrastructure are doing enough.
“There are many reasons to target smart grids,” said Michael Daly, the chief technology officer for cybersecurity and missions at defense contractor Raytheon, based in Waltham, Massachusetts. “Nation-states can learn a lot by watching power usage.”
Or they could lay in wait, he said, with the aim of one day pulling the trigger and targeting a grid’s customers by slowing down power or cutting it off completely.
The latest attempted intrusion spotted by Milpitas, California-based FireEye was notable for its boldness, said Hultquist: The malefactors didn’t seem worried about being discovered.
That’s a sign that even if foreign governments aren’t yet interested, or capable, of turning out the lights in New York or Los Angeles, they might at least want to signal that they’re thinking about it. Or they might be laying contingency plans to cause disruption in case of conflict.
A concrete pole carrying feeder lines stands outside an electric company substation in the U.S. Hackers likely linked to the North Korean government targeted U.S. electricity grid workers in September.