The US energy grid is under cyber attack from Islamic State hackers but fortunately, these attacks end up in failure because the hackers are simply not skilled enough to do much damage, Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security, reassured the audience at GridSecCon 2015.
Domestic terrorist and hate groups have the same problem, confirmed Mark Lemery, Critical Infrastructure Protection Coordinator at the Utah Statewide Information & Analysis Center.
Without giving any specific details about the attacks, John Riggi, Section Chief of FBI’s Cyber Division, says that this situation might not last, and that they fear that the attackers will be turning to online black markets to buy more sophisticated tools that could help them execute the attacks successfully.
At the moment, a greater danger to the US electric grid are state-sponsored hackers, he says, noting that some of the attacks have been traced to hackers thought to be instructed by the Russian government. They managed to tie the attacks to those hackers with the help of the CIA and the NSA.
The only good news when it comes to the security of the US energy grid is that it’s a combination of smaller grids that use different hardware and software, and that it’s more fragmented than if perhaps should be.
A successful attack will likely down one or two of these grids, and could hit a limited number of people – part of a city, or the entire city. But attackers that are not dedicated, well-financed and highly skilfull will have trouble escalating the attack to many other grids.