THE REAL THREAT OF A CYBERATTACK
The power grid is the lifeblood of the American infrastructure, and even minor hiccups can quickly to lead major disruptions. In 2003, power lines simply brushing against tree branches quickly cast more than 50 million people into darkness. Is the U.S. ready for a cyber-attack?
• While there has never been a significant, successful cyber-attack on the U.S. infrastructure, many say that the threat is growing.
• In a 2013 congressional report on grid vulnerability, more than a dozen utilities reported “daily”, “constant” or “frequent” attempted cyber-attacks, including phishing and malware infection, with one reporting approximately 10,000 attempts per month.
• This spring, officials told The New York Times about a new wave of attacks on energy companies originating in the Middle East, while the Department of Homeland Security testified that it processed 68 per cent more cyber incidents involving our government and infrastructure in 2012 than in the previous year.
• The Obama administration has accused China’s military of attacking American government computer systems.
• With 70 per cent of the transmission lines and power transformers more than 25 years old and the average age of power plants more than 30 years old, the U.S. infrastructure is aging. At the same time, it is asked to do more.
• According to a Bloomberg Government survey, energy companies would have to increase their investment in cyber security by more than seven times current spending levels in order to reach an ideal level of protection.
• This November, more than 200 utility companies and government agencies spanning the United States, Canada and Mexico will conduct a large-scale power grid security exercise to try to find out just how ready we are.
REAL ATTACKS, REAL CONSEQUENCES
• In August 2013, The New York Times’ website was the target of a cyber-attack by a group believed to be the Syrian Electronic Army, a pro-Assad hacker group. That group previously hacked the Associated Press’s Twitter account to falsely report an explosion near the White House. This led to a drop in the Standard & Poor’s 500 Index that temporarily wiped out more than $100 billion USD in market value.
• In the same month, at least three United States banks lost millions of dollars after attackers gained control of wire transfer payment applications.
• A March 2013 attack by a Dutch Web-hosting firm on the anti-spam organization Spamhaus impacted Internet speeds around the world, particularly in Europe.
• In 2007, programmers hired by the Department of Homeland Security gained remote access to a power station generator, spinning a turbine out of control as part of a system security test.
• As early as 2005, American and Israeli officials deployed a computer worm that contaminated the Iranian uranium enrichment process by burning out centrifuge motors. Believed to be America’s first sustained use of cyber weapons, Stuxnet is a computer worm designed in partnership with Israel that targeted uranium enrichment facilities in Iran.