AP Investigation: U.S. Power Grid Vulnerable to Foreign Hacks

Hackers have repeatedly gained enough remote access to control the operations networks that keep the nation’s lights on.

WASHINGTON – About a dozen times in the last decade, sophisticated foreign hackers infiltrated the operations networks that control the United States’ power grid, according to an investigation by The Associated Press.

The AP’s investigation tells the story of security researcher Brian Wallace, who was on the trail of hackers who had snatched a California university’s housing files when he stumbled upon the far more ominous power grid cyber breach.

Digital clues pointed to Iranian hackers. And Wallace found that they had already taken passwords, as well as engineering drawings of dozens of power plants, at least one with the title “Mission Critical,” according to top experts who spoke to AP only on condition of anonymity due to the sensitive nature of the subject matter.

The drawings were so detailed that experts say skilled attackers could have used them, along with other tools and malicious code, to knock out electricity flowing to millions of homes. The breach, the AP reported, was not unique.

The public almost never learns the details about these types of attacks – they’re rarer but also more intricate and potentially dangerous than data theft. Information about the government’s response to these hacks is often protected and sometimes classified; many are never even reported to the government.

These intrusions have not caused the kind of cascading blackouts that are feared by the intelligence community. But so many attackers have stowed away in the systems that run the U.S. electric grid that experts say they likely have the capability to strike at will.

And that’s what worries Wallace and other cybersecurity experts most.

“If the geopolitical situation changes and Iran wants to target these facilities, if they have this kind of information it will make it a lot easier,” Robert M. Lee, a former U.S. Air Force cyberwarfare operations officer, told AP.

In 2012 and 2013, in well-publicized attacks, Russian hackers successfully sent and received encrypted commands to U.S. public utilities and power generators; some private firms concluded this was an effort to position interlopers to act in the event of a political crisis, the AP reported. And the Department of Homeland Security announced about a year ago that a separate hacking campaign, believed by some private firms to have Russian origins, had injected software with malware that allowed the attackers to spy on U.S. energy companies.

“You want to be stealth,” Lillian Ablon, a cybersecurity expert at the RAND Corp., told AP. “That’s the ultimate power, because when you need to do something you are already in place.”

The hackers have gained access to an aging, outdated power system. Many of the substations and equipment that move power across the U.S. are decrepit and were never built with network security in mind; hooking them up to the Internet over the last decade has given hackers new backdoors in. Distant wind farms, home solar panels, smart meters and other networked devices must be remotely monitored and controlled, which opens up the broader system to fresh points of attack.

Hundreds of contractors sell software and equipment to energy companies, and attackers have successfully used those outside companies as a way to get inside networks tied to the grid, according to AP.
