The Department of Energy confirmed that in March a cyber event disrupted power grid operations in California, Wyoming, and Utah.
The Department of Energy confirmed that in March 2019, between 9 a.m. and 7 p.m., a cyber event disrupted energy grid operations in California, Wyoming, and Utah.
The report states that interruptions of electrical system operations were observed in California (Kern County, Los Angeles County), Utah (Salt Lake County), and Wyoming (Converse County). The report doesn’t include the name of the utility company that suffered the incident. A report of a cyber incident doesn’t necessarily imply that the company has been hacked; in some cases, human errors or system misconfigurations could be the root causes of a cyber incident.
U.S. utilities are required to notify DOE within one hour of a cyber attack against their systems. DOE could fine power companies that fail to file an OE-417 electric disturbance report up to $2,500 per day.
Media outlets like E&E News and Motherboard correctly defined the report as cryptic. The Department of Energy has not responded to a request by Motherboard for more information about the cyber event.
“A ‘cyber event,’ according to infrastructure hacking experts, could be anything from hackers messing with the grid remotely, to a much less dramatic hardware or software bug,” reported Motherboard.
If it is confirmed that hackers remotely interfered with power grid networks in the US, the event would be unprecedented for the country. The only power grid hacks recognized by the cyber security community are the ones that caused massive power outages in Ukraine in 2015 and in 2016.
E&E News cited, for instance, the incident that occurred in January 2018 at the Michigan utility Consumers Energy. It filed the same type of DOE notice when an employee in training accidentally caused a blackout for about 15,000 people (Energywire, March 8, 2018).
“There was no malicious intent” in that case, a spokeswoman said at the time, and Consumers Energy brought the lights back on within a few hours.
Cyber attacks against critical infrastructures, including power grids, are dangerous threats, and their possible consequences are unpredictable. For this reason, it is essential to share knowledge about attacks and attackers’ TTPs.