Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Venezuelan ‘Cyber-Attack’ Possible But Unlikely, Experts Say

Venezuelan President Nicolas Maduro’s government has accused the United States of “cyber sabotage” to knock out the country’s central hydroelectric complex and leave the nation largely without electricity since Thursday afternoon.

Venezuelan President Nicolas Maduro’s government has accused the United States of “cyber sabotage” to knock out the country’s central hydroelectric complex and leave the nation largely without electricity since Thursday afternoon.

Experts say it’s possible, but a simple breakdown of ageing equipment is much more likely.

Venezuela has the fourth largest hydroelectric complex in the world that lies on the Orinoco river at Guri in the southern state of Bolivar.

But the power went out in late afternoon on Thursday and five days later, authorities were still struggling to reconnect electricity nationwide.

Jeff Middleton, the chief technology officer at TheVault, a company that secures crypto currency transactions, says a cyber attack on a power plant using a virus is possible by a “state actor.”

“But knowing Venezuela, it was likely an internal failure,” he told AFP.

“Typically, if you want to bring any industrial plant or power grid down, you need to affect the machinery that is operating it.

“What you want to do is cause it to overload by bypassing any of the built-in safety features that prevent such a thing from occurring.”

Middleton pointed to the stuxnet virus as an example. The bug was believed to have caused substantial damage to Iran’s nuclear program in 2010.

“Basically you find a way to put a virus on the computers that control the industrial systems,” added Hong Kong-based Middleton.

“You force them to overload and put them in a state that prevents them from being shut down manually.

“Russia did something similar with its attack on the Ukraine.”

In December 2016, a cyber attack in Ukraine, probably caused by a virus, cut the power in part of the capital Kiev for just over an hour.

“In fact, the virus they used escaped and infected Maersk and FedEx causing hundreds of millions of dollars of damage,” said Middleton.

– ‘Why bother’ –

James Lewis, senior vice president and director of the technology and public policy program at the Center for Strategic and International Studies in Washington, said a US attack was “unlikely.”

“The US usually does finance and internet, not electricity. What would we get and why would we bother.”

French cyber security expert at TrendMicro, Loic Guezo has no doubt that a state actor could carry out such an attack.

“It’s a scenario that all the major operators around the world are preparing for,” said Guezo.

“Venezuela’s systems are old and the whole network must be quite fragile — a limited attack could have major consequences.”

However, Guezo admitted that he had seen no “clear signs indicating a cyber attack.”

Government critics blame the problems on lacking investment in infrastructure in a country that regularly suffers from electricity failures, although never before on this scale or for this long.

Venezuela is in the midst of an economic crisis.

It has been in recession for more than four years, its GDP has shrunk by half since 2014 and inflation is expected to reach a staggering 10 million percent this year.

The Guri hydroelectric complex supplies three quarters of Venezuela.

In 2016, the government rationed electricity due to a serious drought that affected the water level at the plant’s dam.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.