North American energy utilities are more vulnerable than ever to cyber attacks launched by criminals, terrorists and foreign states, says an article in the Globe and Mail.
The article, reporting on a regulators’ conference held in Halifax, said that attendees were told utilities need to devote more resources to securing their infrastructure.
“There is a growing appreciation among utilities that this is real, and it is part and parcel of doing business now,” said Francis Bradley, vice president of the Canadian Electricity Association.
The threats include ‘nuisance’ hacking that can disrupt software, and attacks by clandestine, state-backed groups looking for sensitive secrets or trying to disable infrastructure.
“Hacktivists,” who seek to disable transmission lines or pipelines as a protest action, are also a threat. One hacktivist group, Anonymous, has publicly opposed TransCanada Corp.’s proposed Keystone XL pipeline project and has vowed to fight the project.
At the same conference, US energy regulator Philip Jones said there are a “number of actors” who are targeting the North American energy infrastructure.
“It’s not a question of if but when we are going to have some sort of cyberattack on the grid,” Jones told attendees. “My biggest nightmare is that there is a coordinated physical and cyber attack.” Jones is a member of Washington State’s utilities and transportation commission and former president of the national regulators’ association in the US.
A large-scale effort to identify and prevent thefts to critical infrastructure is being conducted by officials from Homeland Security, Public Safety Canada, state and provincial government as well as the utilities themselves.
Bradley says security experts have identified threats from China, Russia and Syria that specifically target North American industrial control functions.
While the rapid digitization of the electricity transmission and distribution infrastructure means that the threat of cyber attack has increased as well, information such as what is relayed by smart meters probably isn’t valuable enough to be a serious target, he said.
However, Robert Gordon, a special adviser to Public Safety Canada on cyber threats, said many companies still don’t have adequate safeguards, and often don’t know their systems have been compromised.