‘Little Guys’ Play Big Part in Grid’s Cybersecurity
Don’t break into a cold sweat. You’re not being asked for your alibi. Besides, if you were in parts of the Northeast and Midwest United States, or parts of southeastern Canada, chances are you weren’t able to do much. On that day, power lines in Ohio tripped after coming in contact with overgrown trees, triggering an electrical overload that wreaked havoc on the U.S. power grid and led to the largest blackout in American history.
The effects of that epic blackout were widespread and costly. Approximately 45 million people across eight states and another 10 million in areas north of the U.S. border were without power. The estimated financial damage to the U.S. economy, based largely on lost productivity, was between $4 billion and $10 billion. Power was lost for up to two days. Paralysis, particularly in metropolitan areas, was instant. As CNN reported at that time:
“The outage stopped trains, elevators and the normal flow of traffic and life. In Michigan, water supplies were affected because water is distributed through electric pumps, a governor’s spokeswoman said.”
To think, it started with untrimmed trees. What kind of damage could a cyberattack do to a utility company or power plant whose systems use vulnerable security software?
It’s a frightening question, particularly if you read Electric Grid Vulnerability, a report released earlier this year by Congressmen Edward Markey (D-Mass.) and Henry Waxman (D-Calif.). The report’s executive summary doesn’t mince words, either. The opening sentences paint an alarming picture:
The last few years have seen the threat of a crippling cyber-attack against the U.S. electric grid increase significantly. Secretary of Defense Leon Panetta identified a “cyber-attack perpetrated by nation states or extremist groups” as capable of being “as destructive as the terrorist attack on 9/11.”
The report features its share of disturbing findings, and notes that:
- More than a dozen utilities reported “daily,” “constant,” or “frequent” attempted cyber-attacks ranging from phishing to malware infection to unfriendly probes. One utility reported that it was the target of approximately 10,000 attempted cyber-attacks each month.
- More than one public power provider reported being under a “constant state of ‘attack’ from malware and entities seeking to gain access to internal systems.”
- A northeastern power provider said that it was “under constant cyber-attack from cyber criminals including malware and the general threat from the Internet …”
- A midwestern power provider said that it was “subject to ongoing malicious cyber and physical activity. For example, we see probes on our network to look for vulnerabilities in our systems and applications on a daily basis. Much of this activity is automated and dynamic in nature – able to adapt to what is discovered during its probing process.”
There’s no debating the U.S. power grid is outdated and unequipped to handle the steady barrage of 21st century cyber threats. According to this report released in August by the Executive Office of the President, “The grid connects Americans with 5,800 major power plants” and “the average age of power plants is over 30 years.”
Talk about targets ripe for attack. Two researchers recently proved it, identifying 25 vulnerabilities in products used in critical infrastructure systems. The flaws leave servers controlling electric substations and water systems susceptible to crashes and hijacking. One made it possible to gain control of the master server and command the entire system. Another forced the server into a continuous loop, which could halt data collection and result in operators unknowingly making decisions based on outdated information.
“The design of the grid never addressed cybersecurity,” Joe Weiss, widely regarded as an expert in cybersecurity of industrial control systems, recently told energy industry watchdog Utility Dive. “It’s really that simple. They accounted for reliability, safety, flexibility, interoperability and physical security – but not cybersecurity.”
And that’s where utilities of the small to mid-sized business mold come into play. Many think they are too small to be a hacker’s target, and therefore fail to properly secure their IT and operational systems. Hackers feed on this philosophy, using the “little guy” as the entry point to the big stations.
For this reason, a comprehensive network security solution is critical. Key features include:
- Patch management – Security breaches most often result from missing network patches. Automated patch management frees you from the time-consuming (albeit critical) task of keeping the machines on your network protected with up-to-date patches.
- Vulnerability assessment – Scanning your operating systems, virtual environments and installed applications through vulnerability check databases enables you to discover threats early and address them before they cause problems.
- Centralized network auditing – Visibility into the state of your network is extremely valuable. A thorough understanding of installed applications, mobile devices with server connectivity, open ports, and much more goes a long way toward thwarting threats.
A well-executed cyberattack on the U.S. power grid could disrupt the delivery of food, fuel and water. It could cripple the economy and jeopardize national security. For small utilities, ensuring their systems are secure is more important than ever.