There aren’t many instances of hackers targeting physical infrastructure, but the few that make themselves known tend to be quite catastrophic. Take, for example, the devastating cyber attack on the Ukrainian power infrastructure, which left thousands of citizens powerless. Now, several months later, authorities believe that other major countries could also become a target of similar attacks.
On December 23rd, 2015, workers at a Ukrainian power distribution center watched helplessly as hackers took control of their computers, and used them to shut down heat and power for over 230,000 citizens. Though the power wasn’t out for very long (somewhere between one-to-six hours, depending on location), the control centers are still suffering from the attacks several months later. In addition to turning off the power, hackers also overwrote crucial firmware, which left 16 substations unresponsive to remote commands. This is the first confirmed instance of hackers successfully taking down a power grid, and it’s thought that these hackers were very meticulous and sophisticated in the execution of this attack.
The malware used in the attack, dubbed BlackOut, is known to be Russian in origin, but security analysts are hesitant to point fingers at any particular threat actor. Instead, it’s suggested that the attack was orchestrated by several different parties who were each responsible for various stages of the attack, and worked together to bring about the resulting blackout. This wasn’t an opportunistic attack; it was a carefully planned strike that could have led to much more damage than it did. Researchers believe that the attack was designed to, more or less, send a message, though the intent of the attack is unclear.
The threat of an attack on the United States’ infrastructure, though improbable, is a very real possibility that needs to be considered. Researchers found that, in all actuality, the systems targeted in Ukraine were more secure than the United States’ current assets. In order to shore up the possibility of such an attack happening stateside, the FBI has begun a campaign to raise awareness of this issue, which includes several briefings to inform electrical power companies of the risks that they face.
One of the major reasons why attacks like these could become more common is due to the aging infrastructure of the United States power grid. Digital security wasn’t nearly as necessary back then as it is now, and the infrastructure hasn’t adapted to the changing times. Naturally, it’s only a matter of time before an attack, opportunistic or not, occurs. In fact, it’s estimated that there are at least a dozen reported breaches of the power grid to this day.
What this indicates is clear enough; old technology components that aren’t designed for future threats can quickly become a liability and a risk to security. We recommend that, if possible, you always keep your organization’s infrastructure up to date with the latest technology solutions. This way, you can take advantage of powerful security measures that are designed to protect your systems from threats that could be particularly catastrophic.
What we recommend to your business is a Unified Threat Management (UTM) solution that combines several enterprise-level security tools in one convenient package. Organizations can effectively leverage proactive services, like a firewall, content blocking, and spam blocking, with reactive solutions like an antivirus that are designed to detect and eliminate potential problems. To learn more, give us a call at (610) 828- 5500.