Iranian hackers have successfully penetrated America’s power grid and accessed passwords and engineering drawings of power plants, and security experts say it’s only a matter of time before such an attack leads to widespread blackouts, the Associated Press reported.
In fact, hackers from Iran and other countries such as China and Russia have infiltrated America’s power grid at least a dozen times over the past decade, gaining enough “remote access to control the operations networks” that run the power grid, experts told AP.
“If the geopolitical situation changes and Iran wants to target these facilities, if they have this kind of information it will make it a lot easier,” former Air Force cyberwarfare officer Robert M. Lee told AP.
The AP investigation found that the danger of cyberattack on the grid is far greater than the US government wants us to believe.
Some of the other frightening details of the AP report include:
- Some of the attacks over the past decade were so sophisticated that attackers could have gained control over portions of the grid or power plants, if they wanted to do so.
- ISIS is trying to hack into America’s power grid.
- Hackers took “detailed engineering drawings” of 71 “networks and power stations” from New York to California. That information shows “the precise location of devices that communicate with gas turbines, boilers and other crucial equipment attackers would need to hack specific plants.”
- Some of the hackers stored their stolen data on unencryptedcomputers, meaning the data was easily accessible by others, too.
Security researcher Brian Wallace discovered that Iranian hackers had stolen passwords and detailed information from Calpine Corp., which operates 82 power plants in 18 states and in Canada.
“We’re still in this era where everybody believes [the power grid is] secure and it’s not,” Eireann Leverett of the Cambridge Center for Risk Studies told AP.
Fixing the damage done by a large cyberattack could take far too long. Many of the parts that would be damaged by an attack are custom-made, meaning there literally are no spare parts.
“In the case of a large cyberattack on the US we can’t be calling up vendors and having them say, ‘Sorry, it’s going to take us eight months to get this patched,’” Leverett pointed out.
We’ve been warned.
Are you concerned about a cyberattack on the power grid? Share your thoughts in the section below: