Cybersecurity

Are U.S. chemical plants ready for cyberattacks?

Copyright: VanderWolf Images / Shutterstock.com

Photo credit: VanderWolf Images / Shutterstock.com

A top cybersecurity official at the Department of Homeland Security said the coordinated cyberattack on the Ukrainian power grid last year should be a wake-up call for critical infrastructure providers in the U.S.

"Every CEO should ask their IT and control systems if you're protected" against a coordinated cyber assault like the one that happened in Ukraine last December, said Andy Ozment, assistant secretary for cybersecurity and communications at DHS, during the Chemical Sector Security Summit on July 21.

Even though DHS officials have said there is no evidence of similar activity in the U.S., they have been increasingly concerned about the event, and the department sent forensics teams to Ukraine to assess how invaders got into the system and took control.

The attack, which hit regional electricity distribution companies, left more than a quarter of a million people without electricity for days and wiped data from company computers. Officials have called it the first known instance of a cyberattack taking out a power grid.

In his remarks to chemical-sector executives, Ozment said the implications of the attack reach beyond the electrical grid and deep into other critical infrastructure arenas.

"If you haven't taken notice of that, you should," he said, adding that any company that runs control systems could be vulnerable to a similar attack. "It is the template to defend against."

According to Ozment, the Ukraine power grid had "average" security precautions and had not lagged behind in its security measures. He said the attack showed an intricate knowledge of the choke points on control system networks, and the hackers destroyed interfaces between IT and industrial control systems, preventing companies from using the latter systems.

The attack was sudden and complete, he said, and electric company employees saw their computers taken over in front of them, with mouse click commands hijacked for attack purposes. Some employees recorded the action on video, he added.

DHS widened its warning about the attack in March. Ozment and Greg Touhill, deputy assistant secretary of cybersecurity and communications, said at the time that the department had stepped up its briefings with U.S. critical infrastructure providers.

In February, DHS issued a detailed report on the incident on its Industrial Control Systems Cyber Emergency Response Team website. According to the report, the electronic assaults came within half an hour of each other, hit multiple central and regional locations around the country, used remote administration tools at the operating system level, and attacked control system software via a virtual private network connection.

Ozment said a classified version of DHS' findings is available to infrastructure providers through its secure portal.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.