Iran's Threat to our Grid and PROTECT
image credit: ID 63284462 © Wollertz | Dreamstime.com
- Jan 10, 2020 10:56 pm GMT
- 540 views
Sorry to pile onto the Iran media frenzy, but this story seems to relevant to EC to pass up.
A recent article in WIRED details how an Iranian state-sponsored hacking unit has been harassing the States’ grid for the past year.
The articles author, Andy Greenberg, dives into the groups’ discovery and tactics, writing: “On Thursday morning, industrial control system security firm Dragos detailed newly revealed hacking activity that it has tracked and attributed to a group of state-sponsored hackers it calls Magnallium. The same group is also known as APT33, Refined Kitten, or Elfin, and has previously been linked to Iran. Dragos says it has observed Magnallium carrying out a broad campaign of so-called password-spraying attacks, which guess a set of common passwords for hundreds or even thousands of different accounts, targeting US electric utilities as well as oil and gas firms.”
The positive side of this news clip is that it seems fears of what Iran could do to our grid, as retaliation for the assignation of Maj. Gen. Qassim Suleimani, may have been overblown. Basically, Iran had already been trying to damage the grid and was not able to do so.
Greenberg explains: “Dragos declined to comment on whether any of those activities resulted in actual breaches. The report makes clear, though, that despite the IT system probes they saw no sign that the Iranian hackers could access the far more specialized software that controls physical equipment in electric grid operators or oil and gas facilities. In electric utilities in particular, digitally inducing a blackout would require far more sophistication than the techniques Dragos describes in its report.”
However, despite the group’s failure to deliver a big hit, it’s still possible they’ve identified vulnerabilities, and it would be naif to assume Magnallium will remain as ineffective forever. Greater sophistication on their end moving forward could allow them to take advantage of those same vulnerabilities.
Still, some grid experts aren’t so concerned. Jim McIntosh, who was director of grid operations from 2000 to 2009 at the California Independent System Operator, was quoted by the San Diego Union-Tribune saying: ““We spend a lot of time, money and energy to harden the system so this doesn’t happen … And the system is broken up into a lot of pieces. We can isolate areas very readily and keep control of the system. So it’s a very difficult task to take the grid down — very difficult.”
Luckily, as I wrote about a few weeks ago, the government is not asleep at the wheel when it comes to cyber security for our utilities. In early December, the Senate Energy and Natural Resources Committee pushed through legislation that would invest $250 million into our grid’s cyber defense systems from 2020-2024. The bill, dubbed the Protecting Resources on the Electric Grid with Cybersecurity Technology (PROTECT), would make such funds possible through a federal grant program designed to help small utilities harden their cyber protection mechanisms. In addition to forking over cash, the program, headed by the Energy Department, would give recipients technical help in detecting, responding to and recovering from cyber breaches.