Cybersecurity and the Bulk Electric System – A New Approach May Be Needed
- Dec 21, 2020 9:41 pm GMT
The recent cyberattack, believed to be conducted by Russian threat actors, highlights the seemingly impossible task of guarding against adversaries with more resources to attack, than we can deploy for defense. The SolarWinds attack proved to be far more sophisticated than anything we’ve experienced recently, possibly ever. The extent of the damage is yet to be seen, we don’t even know all the attack vectors yet, so, how do we guard against a nation-sponsored threat with the limited resources at our disposal? The adversaries we’re contemplating are not the financially motivated hackers that use phishing attacks to gain personal information that they can then use to extract funds for themselves. These are highly trained experts focused on damaging public faith in governmental processes, attacking critical infrastructure assets, and generally sowing civil unrest in other nations. As a nation, we’ve been under this type of attack for years, but now our Bulk Electric System (BES) is potentially compromised. As a former intelligence operator, I can honestly state that this sort of patient, sophisticated attack bears the markings of the more advanced, ambitious group of hackers. The fact that this attack went virtually unnoticed for the better part of a year tells me the operation has likely yielded incredible results, and we will likely be dealing with the aftermath in the near future. In any intelligence gathering operation, sources and methods are kept secret for as long as possible, offering perpetrators the sustained ability to continue operations. As of now, the methods have since been discovered, and their sources are coming to light. SolarWinds was huge, but they are likely not the only compromised company. CISA is suggesting that there are other attack vectors that may not point back to SolarWinds, indicating there are likely other compromised entities.
Get Published - Build a Following
The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.
If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.