DHS intel report downplayed cyber threat to power grid
Three months after a Department of Homeland Security intelligence report downplayed the threat of a cyber attack against the U.S. electrical grid, DHS and the FBI began a nationwide program warning of the dangers faced by U.S. utilities from damaging cyber attacks like the recent hacking against Ukraine’s power grid.
The nationwide campaign by DHS and the FBI began March 31 and includes 12 briefings and online webinars for electrical power infrastructure companies and others involved in security, with sessions in eight U.S. cities, including a session next week in Washington.
The unclassified briefings are titled “Ukraine Cyber Attack: Implications for U.S. Stakeholders,” and are based on work with the Ukrainian government in the aftermath of the Dec. 23 cyber attack against the Ukrainian power infrastructure.
“These events represent one of the first known physical impacts to critical infrastructure which resulted from cyber-attack,” the announcement by the DHS Industrial Control Systems Cyber Emergency Response Team read.
“The attacks leveraged commonly available tools and tactics against the control systems which could be used against infrastructure in every sector.”
Security researchers have concluded the attack was carried out by Russian government hackers based on the type of malicious software, called BlackEnergy, that was detected in the incident.
The threat briefings followed an internal DHS intelligence report published in January that stated the risk of a cyber attack against U.S. electrical infrastructure was low.
“We assess the threat of a damaging or disruptive cyber attack against the U.S energy sector is low,” the report, labeled “for official use only,” says.
The report said advanced cyber attackers, such as nation states like Russia and China, are mainly seeking to conduct “cyber espionage.”
The report also sought to dismiss public references to “cyber-attacks” as exaggeration. “Overuse of the term ‘cyber attack,’ risks ‘alarm
“Overuse of the term ‘cyber attack,’ risks ‘alarm fatigue,’ which could lead to longer response times or to missing important incidents,” the report said.
The report raises questions about whether DHS, which has primary responsibility for protecting U.S. government computer networks and works with the private sector to prevent cyber attacks, understands the infrastructure cyber threat and is seeking to downplay the threat for political reasons.
The Obama administration has adopted an approach that seeks to play down foreign national security threats under conciliatory foreign policies pursuing warmer relations with states such as Russia, China, and Iran.
The DHS report, however, contrasts sharply with recent statements by Adm. Mike Rogers, commander of the Cyber Command, who warned recently that a major cyber attack by nation-states against critical infrastructures poses a major security threat.
“It is only a matter of the ‘when,’ not the ‘if’—we’re going to see a nation-state, group, or actor engage in destructive behavior against critical infrastructure in the United States,” Rogers, who is also director of the National Security Agency, said in a speech March 2.
Rogers described the Ukraine cyber attacks as “a well-crafted attack” that temporarily disrupted electrical power in Ukraine.
The four-star admiral said the cyber attack also included the use of sophisticated monitoring of how Ukrainian authorities reacted to the attack. The attackers then took additional cyber measures designed to slow down the process of restoring electrical power, he said.
“Seven weeks ago it was the Ukraine. This isn’t the last we’re going to see this, and that worries me,” Rogers said.
Full article: FBI Warns of Cyber Threat to Electric Grid (Washington Free Beacon)