A cyber attack against critical infrastructure is an event that governments do not exclude; for this reason, one of the pillars of their cyber strategy is the adoption of countermeasures to improve their resilience to cyber offensives.
The US Department of Energy (DOE) has awarded $34 million in funding to projects aimed at protecting critical infrastructure, and more specifically at securing the smart grid.
The US DOE, under the Office of Electricity Delivery and Energy Reliability’s Cybersecurity of Energy Delivery Systems (CEDS) program, has approved 12 projects intended to develop new solutions to protect critical infrastructure in the energy industry.
The energy industry is one of the sectors with the highest number of cyber attacks.
US oil and gas companies are under attack: over 80% of them have reported a significant increase in the number of cyber attacks in 2015. According to a study conducted by Tripwire, successful cyber attacks have increased over the past year as never before.
Tripwire interviewed 150 IT professionals in the energy industry, working in oil, gas and electricity companies, to evaluate the principal cyber threats and their impact on the sector.
82% of the professionals declared that they have seen an increase in the number of successful attacks, but the most worrying finding is that 53% claimed the frequency of attacks had risen by between 50% and 100% over the last 30 days.
In March 2015, a report issued by the DHS ICS-CERT revealed that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities.
The DOE confirmed that the projects will aim to enhance the “reliability and resilience” of US smart grids through “innovative, scalable, and cost-effective research.”
An attack against a power grid could have unpredictable consequences; a major attack on the power grid would cause chaos in the country by interrupting vital services for the population.
Terrorists have several options to hit a power grid, from a cyber attack on SCADA systems to an EMP attack, said the former Secretary of Defense William Cohen one year ago.
State-sponsored hackers and cyber terrorists are the main threat actors, but as confirmed by recent research conducted by Trend Micro, cybercrime also represents a serious menace.
Former senior CIA analyst and EMP Task Force On National Homeland Security Director, Dr. Peter Vincent Pry, told Newsmax TV that a cyber attack against the power grid could cause serious destruction and loss of life.
The US power grid is not the only one under attack. In January 2015 the British Parliament revealed that the UK Power Grid is under cyber attack from foreign hackers, and the emergency concerns critical infrastructure worldwide.
In 2015, the Ukrainian power grid was shut down by a cyber attack; experts speculated about the involvement of the infamous BlackEnergy malware, specifically designed to target systems in the energy industry.
When dealing with cyber attacks against critical infrastructure, the most striking example is the Stuxnet malware that was used to compromise the Iranian nuclear programme at the nuclear plant in Natanz.
Returning to the DOE programs, the US Department recognized the following main areas of interest through the security projects:
The DOE Award Selections for the Development of Next Generation Cybersecurity Technologies and Tools includes the list of projects funded by the US Government. Below are some examples of the awarded projects:
General Electric will “develop and demonstrate an automatic cyberattack anomaly detection and accommodation (ADA) system for power plants that will detect and respond to cyber-disruptions caused by cyber-attacks, and attacks against the cyber-physical interface.”
Schweitzer Engineering Laboratories “will develop a technology that will detect adversarial manipulation of energy delivery control systems by allowing control system operators to automatically identify undesired behavior, contain the affected network areas, and re-route critical information to keep systems operational.”
Intel “will develop a security architecture solution to securely connect energy infrastructure devices to the cloud to allow the devices to interact with each other. Intel will demonstrate that the cyber-attack surface of energy delivery control systems can be continuously and autonomously reduced in a way that does not impede normal critical energy delivery functions”.
(Security Affairs – energy industry, power grid)