The U.S. power grid is subject to being hacked from abroad, and foreign hackers have gained remote access to American power operations about a dozen times over the last decade, an Associated Press investigation has found.
The investigation began when security researcher Brian Wallace discovered that hackers, likely in Iran, had exploited a vulnerability within networks running the U.S. power grid and had stolen passwords and engineering drawings of a significant number of power plants. At least one of the documents was stamped “Mission Critical,” the AP reported.
“The drawings were so detailed,” the AP wrote, “that experts say skilled attackers could have used them, along with other tools and malicious code, to knock out electricity flowing to millions of (American) homes.”
That breach, the AP investigation found, was hardly the only one. There have been about a dozen other cases over the last 10 years in which foreign hackers had “gained enough remote access to control the operations networks that keep the lights on, according to top experts who spoke only on condition of anonymity due to the sensitive nature of the subject matter.”
A Republican congressman said in October that the grid is being attacked every few days.
Knowledge about these breaches has been kept from the public, the AP reported. “Information about the government’s response to these hacks is often protected and sometimes classified; many are never even reported to the government.”
The investigation did note that, to date, none of these breaches have resulted in “the kind of cascading blackouts that are feared by the intelligence community.” But its conclusion is that hackers have made enough inroads into the power grid systems that “experts say they likely have the capability to strike at will.”
That latent attack potential has Wallace and other security experts worried.
“If the geopolitical situation changes and Iran wants to target these facilities, if they have this kind of information, it will make it a lot easier,” Robert Lee, a former U.S. Air Force cyberwarfare operations officer, told the AP. “It will also help them stay quiet and stealthy inside.”
The investigation cited attacks in 2012 and 2013, in which Russian hackers were said to have sent and received encrypted commands to American public utilities and power generators. At the same time, the U.S. Department of Homeland Security said a year ago that a hack of potentially Russian origin had planted spyware inside U.S. energy company networks.
Other countries and organizations thought to be targeting U.S. power grids include China and the Islamic State terrorist group.
Still, despite the many breaches, not every security expert believes our national power infrastructure is at any immediate risk of being affected.
“Although the U.S. power grid appears to be under constant cyber attack, there have been no reported power outages attributed to rogue nation-states,” Seth Rosenblatt, the editor of the cybersecurity news site The Parallax, told Fast Company. “Blimps cause more power outages right now than hackers.”