Recent Electric Grid Articles

Security of the Electric Grid is an occasional interest of mine after I wrote a paper about the subject at National War College.  So here's some of the latest articles:

  • 9 March 2016 - Defense One Article - "The Ukrainian Blackout and the Future of War". This article goes into a bit of detail on the event, some Russian/Ukraine background, talks about the famous "green men" and postulates future scenarios.  The ESCC is quoted as saying the same cyber attack couldn't happen in the US (because they built in protections against that one cyber vector).

  • 4 March 2016 - Christian Science Monitor Article - "Protecting critical electric infrastructure from today’s cyberthreats". NOTE - this is sponsored content!  But related none-the-less.  This is the President of the Edison Electrical Institute talking about the Electricity Subsector Coordinating Council (ESCC) and all the things they do as a liaison organization.

  • 2 March 2016 - PC Mag article - "Update: Yes, Hackers Did Steal Your Taxes and Shut Off the Power".  This article is one of many that discusses the Ukraine cyber theft of IDs and the resulting blackout of cities.
  • 25 Feb 2016 - Department of Homeland Security ICS-CERT Report - "Alert IR-Alert-H-16-056-01, Cyber-Attack Against Ukrainian Critical Infrastructure".  Report that discusses the incident and mentions the known malware BlackEnergy could be related since its signature was on several systems.
  • 23 December 2015 - A cyber attack was conducted against Ukraine power, causing blackouts.
  • 21 December 2015 - AP Article - "AP Investigation: US power grid vulnerable to foreign hacks".  This is a long detailed article, apparently from a year-long AP investigation.  Among other things this article implies Iranian hackers gained access to passwords and engineering drawings of power plants.  
    • It's dubbed the Calpine breach, and there is debate on the actual value and ability to use the information stolen:
      • User names and passwords that could be used to connect remotely to Calpine's networks, which were being maintained by a data security company. Even if some of the information was outdated, experts say skilled hackers could have found a way to update the passwords and slip past firewalls to get into the operations network. Eventually, they say, the intruders could shut down generating stations, foul communications networks and possibly cause a blackout near the plants.
      • Detailed engineering drawings of networks and power stations from New York to California — 71 in all — showing the precise location of devices that communicate with gas turbines, boilers and other crucial equipment attackers would need to hack specific plants.
      • Additional diagrams showing how those local plants transmit information back to the company's virtual cloud, knowledge attackers could use to mask their activity. For example, one map shows how information flows from the Agnews power plant in San Jose, California, near the San Francisco 49ers football stadium, to the company headquarters in Houston.
    • It also briefly mentions other recent events over the years:  
      •  "In 2012 and 2013, in well-publicized attacks, Russian hackers successfully sent and received encrypted commands to U.S. public utilities and power generators; some private firms concluded this was an effort to position interlopers to act in the event of a political crisis. And the Department of Homeland Security announced about a year ago that a separate hacking campaign, believed by some private firms to have Russian origins, had injected software with malware that allowed the attackers to spy on U.S. energy companies."