The Power Grid Is Far More Vulnerable to Cyber Attacks Than Most People Realize
In December of 2015, 230,000 people in Western Ukraine lost power after 30 substations were mysteriously shut off. Contrary to what most people assumed at the time, this wasn’t an innocuous power outage. The authorities would later admit that the loss of power was caused by a cyber attack, which marked the first time that malware was successfully used to attack a power grid. A similar, albeit more sophisticated cyber attack, occurred one year later just outside of Kiev. Given the current tensions between Russia and Ukraine, it’s widely believed that the Russian government was responsible for these incidents.
However, there’s more to this story than meets the eye. A computer security company has been investigating these attacks, and has discovered the malware that was used to take down the grid. They’ve found that it’s far more dangerous and easier to use than anyone realized before.
The danger of the malware is that it can automatically trip the breakers within a power system that keep the electrical lines from being overloaded. If one breaker is tripped, the load is shipped to another portion of the power grid. If enough are tripped, in the right places, it’s possible to create a cascading effect that will eventually overload the entire system, said Weatherford, who was formerly the chief security officer at the North American Electric Reliability Corporation, the regulatory authority for North American utilities.
“In some cases, it could then take days to restart all the plants,” he said.
Two things stand out about the malware, dubbed “Industroyer” by the researchers — it’s an order of magnitude easier to use than previous programs and it wasn’t actually deployed to do any real damage, meaning whoever’s behind the December attack might simply have been testing the waters.
…click on the above link to read the rest of the article…
