Squirrels outrank hackers as threat to U.S. electrical grid
Mon 20 Feb 2017
According to an expert on the integrity of national electric grid systems, the recent years of paranoia about the potential of state hackers to undermine infrastructure have greatly over-emphasised the risks of nation state attacks on infrastructure.
Marcus Sachs, CSO of the North American Electric Reliability Corporation (NERC), told an RSA conference last week that wildlife is likely a greater threat to the stability of the San Francisco electric grid than concerted state-led cyberattacks.
“Yes,” Sachs said. “we have a few mouse clicks here and there – but the real threat is Mother Nature and humans doing stupid stuff.” Sachs believes that threats such as physical attacks, acts of nature and theft of power infrastructure equipment greatly outweighs the risk of online assaults on the grid.
Sachs emphasised that squirrels, snakes and birds pose a more significant threat than cyber-adversaries.
The topic of remote attacks on essential infrastructure has been a political point of contention and concern since hackers successfully left 230,000 people in the Ukraine without power by means of BlackEnergy malware. One source attested that the incident was repeated late in 2016.
Sachs, who helped to investigate the potential vulnerability of U.S. power grid systems in the wake of the Ukraine hack, concludes that the lack of uniformity in America’s power systems actually makes hacking them much harder to achieve than in the former Soviet state. He commented “What makes Ukraine different from U.S. is their grid is synchronous and lacked the type of diversity and separation of infrastructure that we have in the North America.”
The Ukraine cyberattack was facilitated by one of the oldest tricks in the hacker’s arsenal – a Microsoft Office document containing an infected macro, enabling the originators to exfiltrate credentials from the host machine.
However it was the heterogeneous nature of the Ukrainian infrastructure that permitted the kind of templating which allowed the hackers to penetrate so deep into the system, according to Sachs.
“Here in North America,” Sachs said “we encourage diversity. No two substations are the same no two companies run their infrastructure the same. It’s all over the place here. In the Ukraine it’s homogenous. If you find a mistake one place, you can probably find the same mistake somewhere else; and that’s a problem.”