Three months after a Department of Homeland Security intelligence report downplayed the threat of a cyber attack against the U.S. electrical grid, DHS and the FBI began a nationwide program warning of the dangers faced by U.S. utilities from damaging cyber attacks like the recent hacking against Ukraine’s power grid.
The nationwide campaign by DHS and the FBI began March 31 and includes 12 briefings and online webinars for electrical power infrastructure companies and others involved in security, with sessions in eight U.S. cities, including a session next week in Washington.
The unclassified briefings are titled “Ukraine Cyber Attack: Implications for U.S. Stakeholders,” and are based on work with the Ukrainian government in the aftermath of the Dec. 23 cyber attack against the Ukrainian power infrastructure.
“These events represent one of the first known physical impacts to critical infrastructure which resulted from cyber-attack,” the announcement by the DHS Industrial Control Systems Cyber Emergency Response Team read.
“The attacks leveraged commonly available tools and tactics against the control systems which could be used against infrastructure in every sector.”
The briefings will outline the details of the attacks, the techniques used by the hackers, and strategies to be used to limit risks and improve cyber security for grid organizations.
Security researchers have concluded the attack was carried out by Russian government hackers based on the type of malicious software, called BlackEnergy, that was detected in the incident.
The threat briefings followed an internal DHS intelligence report published in January that stated the risk of a cyber attack against U.S. electrical infrastructure was low.
“We assess the threat of a damaging or disruptive cyber attack against the U.S energy sector is low,” the report, labeled “for official use only,” says.
The report said advanced cyber attackers, such as nation states like Russia and China, are mainly seeking to conduct “cyber espionage.”
Penetration by foreign hackers into industrial control systems used to remotely control the electrical power grids as well as water and other infrastructure “probably is focused on acquiring and maintaining persistent access to facilitate the introduction of malware, and likely is part of nation-state contingency planning that would only be implemented to conduct a damaging or disruptive attack in the event of hostilities with the United States,” the eight-page report states.
The majority of malicious cyber attacks against energy companies was downplayed as “low-level cybercrime that is likely opportunistic in nature rather than specifically aimed at the sector, [and] is financially or ideologically motivated, and is not meant to be destructive.”
The report also sought to dismiss public references to “cyber-attacks” as exaggeration. “Overuse of the term ‘cyber attack,’ risks ‘alarm
“Overuse of the term ‘cyber attack,’ risks ‘alarm fatigue,’ which could lead to longer response times or to missing important incidents,” the report said.
The report raises questions about whether DHS, which has primary responsibility for protecting U.S. government computer networks and works with the private sector to prevent cyber attacks, understands the infrastructure cyber threat and is seeking to downplay the threat for political reasons.
The Obama administration has adopted an approach that seeks to play down foreign national security threats under conciliatory foreign policies pursuing warmer relations with states such as Russia, China, and Iran.
The DHS report, however, contrasts sharply with recent statements by Adm. Mike Rogers, commander of the Cyber Command, who warned recently that a major cyber attack by nation-states against critical infrastructures poses a major security threat.
“It is only a matter of the ‘when,’ not the ‘if’—we’re going to see a nation-state, group, or actor engage in destructive behavior against critical infrastructure in the United States,” Rogers, who is also director of the National Security Agency, said in a speech March 2.
Rogers described the Ukraine cyber attacks as “a well-crafted attack” that temporarily disrupted electrical power in Ukraine.
- 20yr-Old Chick Draws Gun on Man Who Ran Over Her Family Members at Funeral
- Dude Waves Communist Flag at Trump Rally — Watch What Happens to Him Next
- Imran Awan Allegedly Steals House Democrats’ Laptops, is Arrested; DWS Fights With Capitol Police — This is Big
- Dude Goes on Streaking Rampage After Cutting Off His Penis While High on Drugs [Video]
- Hollywood Freaks After Trump Declares No Transgendered People to Serve in Military: ‘You just pissed off the wrong community.’
- Alert: 18 ‘ISIS Fighters’ Have Been Executed in Libya
- Debbie Wasserman-Schultz’s IT Staffer Tries Fleeing Country After FBI Seize Bashed in Hard Drives
- FBI Grabs Smashed Hard Drives from Debbie Wasserman-Schultz’s IT Aides
- Fast & Furious Eric Holder Attacks Trump for Corruption
- Illegal Immigrant in New York Charged with Raping 12yr-Old Girl More than Once
- Trump Says No To Trans People In The Military
- RNC Chairwoman Ronna Romney McDaniel Warns DWS Obstructed Potential National Security Threat [VIDEO]
- SANCTUARY CITY: Releases Dominican Accused of CHILD RAPE
- Python Swallows Deer Whole in Seconds in Jaw Dropping Video, Or So We Think…
- Trump’s Travel Ban Stops a MAJOR THREAT — But You Won’t Hear the MSM Talking About It
- Regis and Her Father on Fox and Friends
- Hey Ladies: Here is a List of Compact 9mm Concealed Carry Guns that Cost Less Than $600
- Watch: CNN’s Poppy Harlow Confuses American National Anthem for French Anthem