DoS Attack Blamed for U.S. Grid Disruptions: Report

A denial-of-service (DoS) attack has been blamed for disruptions to electrical grid operations in the United States.

According to the National Energy Technology Laboratory’s OE-417 Electric Emergency and Disturbance Report for the first quarter of 2019, a cyber event caused “interruptions of electrical system operations.”

The report shows that the incident impacted an unidentified utility in the region overseen by the Western Electricity Coordinating Council (WECC), which is responsible for compliance monitoring and enforcement in the Western Interconnection, and affected California (Kern County and Los Angeles County), Utah (Salt Lake County) and Wyoming (Converse County).

However, the report shows that the incident did not result in any power outages. The cyber event occurred on March 5: it started at 9:12 AM and systems were restored by 6:57 PM on the same day.

The report does not include any other details, but E&E News, which provides news for energy and environment professionals, learned from an official at the U.S. Department of Energy (DoE) that the disruption involved a DoS attack.

According to E&E News, the attack was not part of a coordinated hacking operation and involved a known DoS vulnerability for which a patch is available. It’s unclear what type of equipment was targeted.

The Electricity Information Sharing and Analysis Center reportedly sent out an alert to inform other utilities of the threat.

Cybersecurity professionals have often warned that DoS vulnerabilities can have a much higher impact in the case of industrial systems compared to IT systems.

“This filing indicates continued tampering with and intrusion into the electrical grid,” Barak Perelman, CEO of industrial cybersecurity firm Indegy, told SecurityWeek. “These types of events underscore the importance of having monitoring systems in place.”

“To detect and protect against malicious activity, both governments and businesses can implement industrial and critical infrastructure security at the network and device level. This has long been the approach used in IT networks, yet we have not applied the same controls to critical infrastructure operations,” Perelman added.

The DoE has invested tens of millions of dollars in cybersecurity in the past year, which is not surprising considering that the energy sector has been an important target for threat actors and the cybersecurity industry has often warned of serious risks.

Reports published last year showed that the energy sector was the most impacted by vulnerabilities in industrial control systems (ICS), and that many internet-connected human-machine interfaces (HMIs) expose energy facilities to attacks.

It was revealed earlier this year that a US energy company received a $10 million fine from the North American Electric Reliability Corporation (NERC) for nearly 130 violations of the Critical Infrastructure Protection (CIP) standards.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
