On Wednesday, US law enforcement officials revealed a series of cyber attacks in which ISIS attempted to sabotage the American electrical system. The disclosure was given at a conference of American energy firms which were meeting about national security concerns.
Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security, warned company executives that “ISIS is beginning to perpetrate cyber attacks.”
According to investigators, who would not reveal specifics, the attacks by the Islamic State have been unsuccessful. The reason given for this was that the systems which cyberterrorists are currently using are not the most sophisticated hacking tools on the market.
John Riggi, a section chief at the FBI’s cyber division, called this a situation of “strong intent, but thankfully, low capability.” However, Riggi said, he worries that this will not always be the case, adding, “The concern is that they’ll buy that capability.”
Hacking software is already available in most countries on the black markets, and various mafias have already made use of this technology to break into companies and steal large databases of information which they then sell to fraudsters.
Currently the FBI’s most immediate worry is that the Islamic State or one of its supporters will buy malicious software which can sneak into computers and destroy electronics, causing a loss of data, or, in a worst-case scenario, an economic crisis. Such an attack on power companies’ software or systems could in theory disrupt the flow of energy to a portion of US homes and businesses.
Riggi added that the US electrical system as a whole isn’t likely to go down from just one attack, saying that it would take a large and expensive team of highly technical spies to understand the layout of computers and machines at an energy company. Following that, it would take “stellar hackers” to sneak into the system and sabotage it.
According to Riggi, “The likelihood of a hack taking out the entire US energy grid – or even a section of it – is extremely low. The grid isn’t as uniform and connected as people might believe. Currently, it’s a chaotic patchwork of ‘grids’, each with different types of machines and software that don’t smoothly coordinate or communicate with each other.”
Mark Lemery, a critical infrastructure protection coordinator who helps coordinate defenses against attacks in Utah, said at the conference, “There’s an equal threat from domestic terrorists and hate groups as well as those from abroad. They’d love to do damage, but they just don’t have the capability.” He added, “Terrorists have not gotten to the point where they’re causing physical damage.” The danger remains, however, that rogue agencies could develop or purchase the technology to cause harm.