If you think the pandemic caused economic chaos with our supply chain, just wait until you see what hackers can do when they get into America’s power grid.
Several U.S. federal government agencies recently put out a warning that industrial control systems (ICS) are being targeted by hackers using malware to interfere with them. These devices are critical to the country’s infrastructure.
Warnings about this issue were released on April 13 by the following agencies: the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Energy (DOE), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI).
Hackers can use tools that can scan, compromise, and control ICS devices. And these devices are relatively easy targets for hackers because they were designed without a focus on security.
Mike Parkin, the senior technical engineer at Vulcan Cyber, said, “That makes them an inviting target for attack, since once the attackers get into the environment, they’ll find it reasonably easy to take over the ICS and other similar devices. This is one of the reasons ICS, SCADA, and IoT devices need to be deployed with compensating controls in place.”
Targeting these industrial control systems will result in disrupted supply chains, but it will also affect power and energy systems that are crucial to emergency services and even national defense.
Brian Contos, chief security officer of Phosphorus Cybersecurity, recently said in an interview, “This is a powerful capability for a nation-state or non-state entity such as a criminal organization or terrorist group to have.”
It’s clear that an attack on an ICS would potentially shut down a power grid that covers a massive number of people, and it would impact their safety and the economy.
One expert indicated that if an organization wanted to defend against these kinds of attacks, it would have to follow the recommendations of CISA and implement continuous monitoring. It would also have to segment OT from IT networks so that it would be more difficult to move from one network to another.
Unfortunately, the bad actors hacking in this way seem to have significant financial resources and it is very difficult to find out where they are located. It is tricky to tell whether the hacker is Russian, for instance, or whether the hacker just wants you to think they are in Russia.
The real threat is not from those who are trying to steal information but from bad actors who are focused on disruption and even destruction. The for-profit hacker is usually a lone wolf, but those who are bent on destruction are fluid and they work together.
Experts agree that it is important to realize that the people who have the needed information to stop this threat are not willing to talk about it, and that means the information that we do have is just speculation. What is out there today is the knowledge that people have been gaining for years, and their agenda is to leverage infrastructure for their dangerous purposes.
Hackers’ purposes range from financial gain to political motivation. But some are pursuing industrial espionage and a competitive advantage in the industry.
The biggest threat to America today comes from well-financed state or state-sanctioned groups. The warning from federal agencies does not specify which groups around the world are responsible, but most agree that it’s “the usual suspects” involved in creating the malware.
The focus is always on the Russians, but those responsible could very well be living right here in America. The truth is that a number of countries have created ICS malware, including the United States.
It’s probably not a question of “if” anymore, but “when.” There is likely greater chaos ahead, not just in our supply chain, but in our power and our defense.