How safe is the grid from cyberattacks?

The next major attack against the energy sector may be by a state actor, Graeber writes, and it may come from a computer.

By , Guest blogger

  • close
    The Department of Homeland Security logo is reflected in the eyeglasses of a cybersecurity analyst at the watch and warning center of the Department of Homeland Security's secretive cyber defense facility in Idaho Falls, Idaho.
    View Caption

An annual index from IHS Jane's Terrorism and Insurgency Center said acts of violence committed by non-state actors since 2009 increased by more than 150 percent. But for Internet security company Kaspersky Lab, it may be a state actor that launches the next major attack against the energy sector and it may be from a computer.

Matthew Henman, manager of JTIC, said the Middle East was the "epicenter" of violence last year, though it spilled out of the region to endanger parts of Africa and South Asia.

"In 2009, a worldwide total of 7,217 attacks were recorded from open sources," he said. "In 2013, that number increased by more than 150 percent to 18,524." (Related Article: How Prepared is the Oil Industry for a Cyber War?)

Recommended: US energy in five maps (infographics)

But according to U.S. President Barack Obama, it's cybersecurity that's emerging as the next great threat to national security. 

"Cyberthreats pose one the gravest national security dangers that the United States faces," he said.

Last week, Kaspersky Lab said it uncovered a threat it called The Mask, describing it as one of the most advanced cyberespionage operations it's ever seen.

It warned the threat actor was likely from a Spanish-speaking part of the work and its target is usually oil and natural gas companies, or other high-profile victims.

"Several reasons make us believe this could be a nation-state sponsored campaign," warned Costin Raiu, director of global research for Kaspersky Lab.

Two years ago, the internet security company uncovered the Flame malware, which essentially rendered computers used in the Iranian energy sector useless. When it was discovered, Kaspersky said that was "the largest cyberweapon discovered to date."

But now there's The Mask. Flame forced Iran to disconnect its services from the main oil terminal on Kharg Island as a security precaution, but the government had its servers back up and running relatively quickly given the severity of the attack. Kaspersky warns The Mask, which it says has been around at least since 2007, has already targeted more than 1,000 IP addresses in 31 countries, including Iran, the United States and at least three European countries. (Related Article: Oil Explorers Beware: Hackers Are Eyeing What You Know)

President Obama unveiled a roadmap last week designed to protect the electrical grid, oil and gas distribution networks and other parts of the nation's critical infrastructure from a cyberattack. Last year, the Department of Defense said it was stepping up its effort to protect national interests from attacks originating in cyberspace. The level of protection, the Defense Department said, needs to be intense.

Recent extreme weather events this season have strained the nation's ability to keep the lights on and, with energy independence the new buzz word in energy security circles, protecting against cyberattacks may be the name of the 21st century game. U.S. Energy Secretary Ernest Moniz said protecting the energy sector was a "vital" national interest. The consequences of not acting, the Federal Energy Regulatory Commission warned, would be "devastating."

The Christian Science Monitor has assembled a diverse group of the best energy bloggers out there. Our guest bloggers are not employed or directed by the Monitor and the views expressed are the bloggers' own, as is responsibility for the content of their blogs. To contact us about a blogger, click here. To add or view a comment on a guest blog, please go to the blogger's own site by clicking on the link in the blog description box above.

Share this story:
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
Follow Stories Like This
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...