Iranian hackers were successful in opening network pathways among US power grids, making the entire country susceptible to a cyber attack, the Associated Press has revealed in a startling new report.
Over the last decade, almost a dozen foreign hackers have successfully gained enough remote access to the US power grid to cause total blackouts. While the public rarely hears of these cyber attacks, the government’s response to them are highly intricate and more often than not, classified.
Although the Iranian hacking incident is worrying, it is not unique. In 2012 and 2013, Russian hackers sent and received encrypted commands to US power generators and public utilities. In separate hacking campaigns, the Department of Homeland Security revealed that Russian hackers had planted malware in private US energy companies that allowed them to engage in espionage.
According to experts who wished to remain anonymous due to security issues, the Iranian cyber attackers gained enough power to control the entire operational capability of the US power grid.
These same experts predict that while the nationwide blackouts most feared by the intelligence community have not yet occurred, these sophisticated hackers are biding their time and have the capability to strike at will.
“If the geopolitical situation changes and Iran wants to target these facilities, if they have this kind of informations it will make it a lot easier,” explained former US Air Force cyberwarfare operations officers Robert M. Lee. “It will also help them stay quiet and stealthy inside.”
Lillian Ablon, a cybersecurity expert at the RAND Corporation, explained that hackers “want to be stealth. That’s the ultimate power, because when you need to do something you are already in place.”
As part of its investigation, the AP conducted case studies of the state of the nation’s energy infrastructure and the readiness of the industry against cyber attacks. In one disturbing incident, involving independent power production company Calpine, who calls itself “America’s largest generator of electricity from natural gas and geothermal resources,” Iranian hackers breached the company’s systems as far back as August 2013 and gained access to classified information.
Hackers collected usernames and passwords, detailed engineering drawings of power stations and networks from California to New York, as well as additional diagrams explaining how local power plants transmit information back to the company’s virtual cloud.
All this information, taken together, would eventually allow a hacker to shut down generating stations and network communications as well as cause near blackouts across the country. Cybersecurity experts believe the attack on Calpine could still be ongoing.
The US power grid is one of the most susceptible targets for hackers wishing to wreak havoc on the American government and public. The network of aging substations and decrepit equipment, which was not built with network security considerations, are easy fodder for cyber attackers. In many cases, the software running local power grids still run on Windows ‘95 and FORTAN, a programming language developed in the 1950s.
“Some of the control systems boot off floppy disks,” explained Patrick Miller, a cybersecurity expert who evaluated hydroelectric dam cybersecurity for the US Bureau of Reclamation and Army Corps of Engineers. “Some dams have modeling systems that run on something that looks like a washing machine hooked up to tape spools. It looks like the early NASA stuff that went to the moon.”
To make matters even more complicated, independent power sources, such as solar panel and wind farms, must be remotely monitored and controlled, adding weaker entry points for hackers to access the power grid.
Cyber attacks by nation-states are not the only cause for concern among intelligence and industry officials. Homeland Security spokesman SY Lee told officials in October that even ISIS is attempting to hack US power companies. Caitlin Durkovich, Assistant Secretary for Infrastructure Protection at the Department of Homeland Security, confirmed that “ISIS is beginning to perpetrate cyber attacks.”
Earlier this year, Deputy Energy Secretary Elizabeth Sherwood said in a speech that the government is in need of a wakeup call when it comes to protecting the energy grid. “If we don’t protect the energy sector,” she stated, “we are putting every other sector of the economy in peril.”