Whilst questions swirl over Russia’s involvement with Brexit, there is another issue at stake: Russian hackers tried to attack the UK’s energy sector.
The head of the UK’s National Cyber Security Centre, Ciaran Martin, will make a speech today in which he will say Russian operatives tried to hack the UK’s energy, media, and telecommunication structures.
Martin will not provide details of the attacks; however, he will say:
“I can confirm that Russian interference, seen by the National Cyber Security Centre over the past year, has included attacks on the UK media, telecommunication and energy sectors.”
This week, UK prime minister Theresa May laid blame on Russia for attempting to spread disinformation and meddling in elections.
Power grid hacks have been carried out before
Hacking energy sectors and power grids is nothing new. Back in December 2015, Russian hackers decided to take out the Ukrainian power grid, deploying malware which led to an outage. Around 30 substations were taken offline, leaving 230,000 residents in the dark.
“If I remember correctly, it tampered with the firmware of some of the control devices that were used to manage the grid,” Ryan Kazanciyan, chief security architect at security firm Tanium, told Verdict.
“It basically deployed a malicious firmware that due to a vulnerability or a gap in the security controls was allowed to run without doing the integrity checks.”
This was the first confirmed hack to take down a power grid, according to Wired, and raised concerns about what could happen if this type of hack happened in the US or the UK.
In the energy industry in particular, the control systems and the management network are often separated and relatively isolated from one another. This is meant to prevent malware attacks from spreading.
“The problem is that the people who control and manage those systems are using PCs that then interface. So if the system is infected, it can be a bridge point to control or impact systems it is technically isolated from,” explained Kazanciyan.
However, we shouldn’t completely worry about hacks of the power grid. “One of the things I’ve come to understand from people who know power control systems, the fortunate thing is that many of those systems have multiple layers of control and failure. This is an engineering discipline which is that things can fail and yet the lights stay on,” he said.
“Having that sort of redundancy which is built into the grid in many ways helps.”
But don’t panic too much about Russian hacking
Most of the nation-state attacks we see in the news come from Chinese, Russian and North Korean entities. Whilst it does sound scary, companies shouldn’t focus on these threats alone.
“For a company perspective, what I normally advise people is don’t worry about the nation-state attacks when you still can’t stop the basic opportunistic stuff,” said Kazanciyan.
“The nation-state stuff makes the headlines because it’s compelling. But if you’re worried about a sophisticated cyber espionage group hacking you and you’re still finding that you’re getting infected with every botnet or ransomware variant out there, you have bigger fish to fry.”