Can Russia turn off our lights?

One hot day in August 2003, much of the northeastern United States and the Canadian province of Ontario suffered the biggest blackout North America has ever seen. A sudden power surge crippled hundreds of power plants and knocked out service to some 50 million people — darkening homes and businesses, halting trains and subway cars, snarling airline service and trapping people in elevators. Most of the affected places didn’t get the lights back on for two days.

It was a sobering lesson in the vulnerability of modern communications networks and electrical grids, which are crucial to modern life. This blackout was an accident, traced to a computer problem. But the next one might be a deliberate act by a foreign adversary.

Americans have long experience worrying about airline hijackings, truck bombs and mass shootings by terrorists. The Russian hacking of Democratic National Committee networks and use of social media to influence the 2016 presidential election is well-known. The broader danger of the power grid being sabotaged — causing our economy and society to grind to a halt — is easy to forget.

It’s not just a speculative worry. It’s a real-life possibility that Russian hackers have already explored — with disturbing success.

Last year, the Trump administration called out a “multi-stage intrusion campaign by Russian government cyber actors” in which “they staged malware, conducted spear phishing, and gained remote access into energy sector networks.”

The hackers managed to compromise utility control rooms. Similar efforts, believed to be the work of Russians, caused a major blackout in Ukraine in 2015.

In the U.S. case, The Wall Street Journal recently reported, the culprits used a variety of common tactics: “The hackers planted malware on sites of online publications frequently read by utility engineers. They sent out fake resumes with tainted attachments, pretending to be job seekers. Once they had computer-network credentials, they slipped through portal used by utility technicians, in some cases getting into computer systems that monitor and control electricity flows.”

One cybersecurity firm said the attack breached systems at some two dozen utilities. But the government admits it doesn’t know how many companies were penetrated. More alarming, some of the hackers may still have access to such systems, waiting patiently for the right moment to strike.

The danger has been apparent for some time, but our leaders have not impressed on the public the urgency of the challenge. A recent draft report of the President’s National Security Telecommunications Advisory Committee said it is “one the United States simply must enduringly address as a matter of national strategic imperative.” The panel urged a major effort, akin to the 1960s effort to land astronauts on the moon, to “make the internet safe and secure for the functioning of government and critical services for the American people by 2028.”

What has emerged about the 2017 intrusion gives new weight to that recommendation. Americans are exposed to hostile hackers with alarming capabilities. There is no time to waste in building defenses to foil them.

— Chicago Tribune