
Energy Voices: Insights on the future of fuel and power

Energy sector cyberattacks jumped in 2012. Were utilities prepared?

The number of cyberattacks on the computer systems of power grid and gas pipeline companies rose in 2012, a federal report shows, as cyberspies zeroed in on the energy sector.

(Page 2 of 2)

"Unfortunately, most utilities just aren't prepared from a resources perspective for the coming threats," says Robert Huber, a principal at Critical Intelligence, a cybersecurity firm in Idaho Falls, Idaho, that specializes in protecting critical infrastructure. "They have neither the necessary people, nor the budget."

Debate has been rising over how best to protect "critical infrastructure" companies, including those that operate the power grid, gas pipelines, transportation, water, chemical, financial, and other networks. But awareness of the depth of the problem is giving at least some company officials a fresh perspective on the risks involved.

Over the past decade many companies have linked their Internet-connected business networks to the industrial control networks. While these connections allow company managers to tap real-time production data and lower costs, they also have created a point of entry for cyberattackers intent on gaining access to the control systems.

President Obama has promised to soon deliver a new executive order increasing federal agency oversight of cybersecurity involving industrial sectors if Congress does not act.

One example: In response to a distress call, ICS-CERT sent a rapid-response team to provide onsite support at a power generating plant "where both common and sophisticated malware had been discovered in the industrial control system environment."

The malware had been discovered when an employee, who routinely used a USB drive to back up control system configurations, asked the company IT staff to inspect his USB drive after experiencing problems with the drive’s operation. A scan with up-to-date antivirus software revealed three positive hits, including one sample "linked to known sophisticated malware." (Such infections spread by USB drive are believed to be the way that the cyberweapon Stuxnet infected Iran's nuclear fuel complex.)

After that, the ICS-CERT team found the same sophisticated malware on the two engineering workstations. A check of 11 other workstations showed them to be clear. But the two with the infection were so vital that, at the time, they could not be shut down to have the malware removed.

"The organization also identified during the course of the investigation that it had no backups for the two engineering workstations," the ICS-CERT report last week said. "Those workstations were vital to the facility operation and, if lost, damaged, or inoperable, could have a significant operational impact."

