Breach of popular control system for power plants shows increasing hacker sophistication
Attempted cyberattacks targeting the electric industry are a daily occurrence, but this new incident, possibly in Saudi Arabia, highlights how much more sophisticated hackers are becoming.
“This is a watershed,” Sergio Caltagirone, head of threat intelligence at security firm Dragos, told Reuters. “Others will eventually catch up and try to copy this kind of attack.” According to Power Engineering, this is just the third time malware has been used to disrupt an industrial process, but more attempts are expected.
Morgan Lewis & Bockius LLP has predicted that “because of the destructive potential of these types of breaches, critical electric and other utility infrastructure will remain highly-prized targets for future cyberattacks.” The firm also expects electric utilities will begin to receive data requests or informal outreach from federal regulators “in the near future to determine whether those utilities have similar equipment that could be exploited, and if so, what steps they have taken to mitigate the threat.”
Cybersecurity has become a major focus for the electric industry. Last month, the North American Electric Reliability Corp. held its biennial GridEx exercise,…