Cyber-attacks are maneuvers to target information systems, networks and personal devices by hacking. Usually, this act is done through an anonymous source. The U.S. provides security plans to overcome such situations. The responsibility is given to the FBI, the Department of Homeland Security and the Department of Defense. A cyber-attack usually targets infrastructure to weaken the opponent as much as possible. For example, it is common to exploit finance, telecommunications, transportation, control systems etc.
The Russian government is believed to have targeted multiple U.S. infrastructure sectors:
The Russian government is believed to have targeted multiple U.S. infrastructure sectors through cyber-attacks for up to two years now (starting from March 2016). Russia denies these allegations. The U.S. however, is taking steps to prevent exploitation. The first successful cyber-attack in late 2015 on Ukraine (which managed to shut down power grids disrupting electricity supply to around 230,000 people up to 6 hours) believed to have been the work of Russian hackers.
Russia was accused of hacking into U.S. energy infrastructure
The joint Technical Alert (TA) was issued on April 16th By the U.S. and U.K in which Russia was accused of hacking into U.S. energy infrastructure. Cyber-attacks are believed to have a number of tactics which include
- Host-based exploitation
- Spear-phishing emails (obtaining information by disguising as a trustworthy entity in telecommunication, usually targets a specific organization or person)
- watering-hole attacks
- The credential gathering.
The attack on the U.S. nation’s largest grid operator RTO (regional transmission organization)
PJM Interconnection is the RTO (regional transmission organization) in the US, headquarters situated in Pennsylvania which controls grids across the Midwest and mid-Atlantic is the nation’s largest grid operator. Former PJM CEO says that the number of attacks on the U.S power station is up to 4000 per month. PJM Chief Information Officer Tim O’Brien himself says that “You will never stop people getting into your systems, the question is, what controls you have to not allow them to penetrate?” A large number of attacks are carried out through targeted emails. Therefore employees are being trained as to how to react to such situations and to prevent them Since 2011, government organizations and grid operators have carried out “war games” every two years or so.
These are basically drills for the organization teaching them how to respond to cyber-attacks. More than 1,000 participants (including federal and local authorities) take part in these drills.
The U.S. has faced a large scale attackS?
So far, the U.S. has not faced such a large scale attack as the one that targeted Ukraine, but it does continue to get threats and small-scale attacks. Robert M. Lee (CEO and founder of Dragos, a company that provides cybersecurity solutions for industrial control system networks) was one of the analysts who authored a report on the Ukraine attacks, believes that a more complex system, the harder it is to have a scalable attack. Robert M. Lee recommends measures against such attacks in his blog saying that companies and organizations should review logs and information and TTP’s (Tactics, techniques, and procedures) seen before to detect any attacks. Basically, our defense should be strong.
U.S. Congress Response about Cybersecurity
The Congress has also released several bills aiming to boost security on the power grids. On January 18, FERC (the Federal Energy Regulatory Commission) issued a notice (NOPR) that proposes to direct the NERC (North American Reliability Corporation) to modify it standards in order to improve cybersecurity reporting. Recently, a cyber-attack on a shared data network forced four natural gas pipelines to shut down in Houston. Although it is unclear whether any data was stolen or not but it shows the vulnerability of the nation’s energy system. American pipelines have been targeted from 2012 to living day but the damage has been considered minimal. Now, Trump administration is looking to establish an office within the DOE specifically relating to cybersecurity issues in infrastructure.