In May of last year, a significant ransomware attack shut down the Colonial Pipeline for five days. This critical pipeline provides 45% of fuel for the East Coast. And the sudden shutdown left thousands of service stations without gas, pushing prices to the highest levels in six years. The Colonial ultimately paid millions of dollars in ransom to get the pipeline back online. However, this devastating attack left consumers wondering: Can this happen again?
Unfortunately, the answer is yes. A recent study found that cyberattacks on oil and energy infrastructure are rising. At least 35 have occurred in the past five years, accounting for one-third of cyberattack incidents. The U.S. has been the most targeted country, followed by the U.K. and Saudi Arabia.
The threat of cyberattacks seems even more dire in light of the recent unprovoked Russian invasion of Ukraine. As we’ve highlighted in the past, Russia’s GRU (military intelligence) hacker group has targeted the U.S. power grid before. For example, GRU’s Sandworm hacker group placed malware on the U.S. power grid in 2014. Another GRU hacker group called APT28 was caught cyberspying on the grid between December 2018 and May 2020. Russian hackers are also widely believed to be responsible for the Colonial Pipeline attack.
Thus far, the U.S. has managed to avoid the catastrophic cyberattack-induced blackouts like those inflicted upon Ukraine in 2015 and 2016.
However, leading up to Russia’s invasion of Ukraine, the GRU launched a fresh round of cyberattacks. While the attacks have so far focused on government and bank websites, they are obviously part of a broader cyber offensive, possibly targeting the media, transportation networks, and of course, the power grid.
U.S. officials warn that, even though Russia is focusing its energy on Ukraine now, the country has a long track record of launching cyber operations that extend far beyond its borders.
“While there are currently no specific or credible cyber threats to the homeland, the U.S. government has been preparing for potential geopolitical contingencies since before Thanksgiving,” says Anne Neuberger, the deputy national security advisor for cyber and emerging technology.
The Biden Administration has selected a proactive approach going full “shields up” to protect critical U.S. infrastructure. This protection includes pipelines, banks, airlines, and hospitals. In addition, the FBI has asked local and state officials to consider how ransomware attacks could disrupt their critical services. Nevertheless, officials continue to stress that vigilance is vital.
If anything productive has emanated from the previous hacking of the U.S. Bulk Electric System, it has shed a spotlight on this engineering marvel’s potential vulnerabilities. But vigilance is still paramount in light of Russia’s unprovoked aggression in Ukraine. More than ever, the integrity of an affordable, reliable, and resilient energy supply depends on it.