The U.S. Computer Emergency Readiness Team alerted earlier this week that some of the most important sectors such as water, aviation, domestic, and government entities, nuclear, and energy, without which the country cannot function, have been hacked by Russia. Could the nuclear sector become the next target?
Electric Grid System Vulnerable to Attacks
It doesn’t come as a surprise – especially in light of Russia’s role in 2016 U.S. presidential elections – that the country has made hacking into America’s cyber security system its favorite past-time. There is already plenty of evidence of Russian interference in the electric grid system, which is a vast data network connected to tens of thousands of sensors and managed by an army of computers and IT personnel.
It is speculated that the data flowing through the grid system will outgrow the electricity flow in the next two decades. With the recent revelation of Russian attacks on the electric grid, Washington is becoming increasingly fearful that it may lose the energy sector if the government doesn’t respond to the hacking in a potent manner.
While the protection of electric grid from cyber-attacks becomes critical at this point in time, experts from MIT are speculating that protecting the grid system from hacking may not be possible in the future. The only way to cope with the threat is to create a mechanism that is able to respond quickly in the event of a cyber-attack and recover the systems as rapidly as possible.
Cyber-Attacks on Electricity Sector May be Impossible to Avoid
Considering the vast structure of our current grid system, it becomes increasingly difficult to oversee all aspects of its cybersecurity. According to the Technology Cybersecurity Working Group and the National Institute, at least 137 different types of interfaces exist within the grid systems.
The smart sensors and meters use components manufactured by hundreds of companies and software applications outsourced from developers across the globe. Currently, there is no single entity which has the responsibility of tracking the health of the country’s energy systems.
The first step to cope with any potential threats to grid cybersecurity, is the appointment of a comprehensive federal agency overseeing the entire energy sector whose sole responsibility is to prepare for cyber-attacks and devise an efficient recovery and response system. Unfortunately, this security measure could take the government years to implement.
What About the Nuclear Plants?
But is the country’s nuclear system also at a risk of meltdowns or cyber-attacks? Luckily, the country’s nuclear sector is analogous and is isolated from the internet, which means that even though the Russian hackers may be able to penetrate wind and natural gas-operated power plants, they cannot disrupt the nuclear plants because of their complete isolation from the rest of the energy sector.
A report from the FBI assured that the public safety will not be affected by potential attacks on the country’s nuclear reactors because of the way they are protected from cyber threats. Nuclear Energy Institute has learned important lessons from the attack on Iran’s nuclear program which was caused by a computer virus transmitted over the internet. Since the incident, the reactors operating in the U.S. have been completely isolated from the internet and other business networks.
Why Firewalls Aren’t Adequate
In the old days when the nuclear industry was connected to the internet, firewalls were used to prevent the systems from being hacked, but the cyber criminals outsmarted the NRC and managed to break the firewall protection by sending a malicious worm called Slammer which taught the country a hard lesson that the nuclear reactors are better off isolated from the internet.
As a stronger, impenetrable replacement to firewalls, the nuclear powerplants use diode technologies which allow one-directional data flow: information can go out but can’t flow back in. There are also restrictions on the use of outside equipment and devices such as laptops and USB drives to prevent system contamination. National Nuclear Infrastructure Council says that the plant systems have an extremely robust cybersecurity protocol with many layers of protection through digital and physical means.
Ransomware attacks have cost the world almost $450 billion in 2016 alone and experts predict that cybersecurity threat will only get worse with time. Unfortunately, it will still take the internet many more years to strengthen its immune system against attacks in today’s cyber age.