DoS Attack Blamed for U.S. Grid Disruptions: Report

A denial-of-service (DoS) attack has been blamed for disruptions to electrical grid operations in the United States.

According to the National Energy Technology Laboratory’s OE-417 Electric Emergency and Disturbance Report for the first quarter of 2019, a cyber event caused “interruptions of electrical system operations.”

The report shows that the incident impacted an unidentified utility in the region overseen by the Western Electricity Coordinating Council (WECC), which is responsible for compliance monitoring and enforcement in the Western Interconnection, and affected California (Kern County and Los Angeles County), Utah (Salt Lake County) and Wyoming (Converse County).

However, the report shows that the incident did not result in any power outages. The cyber event occurred on March 5 — it started at 9:12 AM and systems were restored by 6:57 PM on the same day.

The report does not include any other details, but E&E News, which provides news for energy and environment professionals, learned from an official at the U.S. Department of Energy (DoE) that the disruption involved a DoS attack.

According to E&E News, the attack was not part of a coordinated hacking operation and involved a known DoS vulnerability for which a patch is available. It’s unclear what type of equipment was targeted.

The Electricity Information Sharing and Analysis Center reportedly sent out an alert to inform other utilities of the threat.

Cybersecurity professionals have often warned that DoS vulnerabilities can have a much higher impact in the case of industrial systems compared to IT systems.

“This filing indicates continued tampering with and intrusion into the electrical grid,” Barak Perelman, CEO of industrial cybersecurity firm Indegy, told SecurityWeek. “These types of events underscore the importance of having monitoring systems in place.”

“To detect and protect against malicious activity, both governments and businesses can implement industrial and critical infrastructure security at the network and device level. This has long been the approach used in IT networks, yet we have not applied the same controls to critical infrastructure operations,” Perelman added.

The DoE has invested tens of millions of dollars in cybersecurity in the past year, which is not surprising considering that the energy sector has been an important target for threat actors and the cybersecurity industry has often warned of serious risks.

Reports published last year showed that the energy sector was the most impacted by vulnerabilities in industrial control systems (ICS), and that many internet-connected human-machine interfaces (HMIs) expose energy facilities to attacks.

It was revealed earlier this year that a US energy company received a $10 million fine from the North American Electric Reliability Corporation (NERC) for nearly 130 violations of the Critical Infrastructure Protection (CIP) standards.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
