Hackers Threaten Power Grid. FERC Strengthens Security Standards

While I enjoyed the first two Bruce Willis <i>Die Hard</i> movies, <i>Live Free or Die Hard</i> was a different story. The coordinated, near simultaneous cyberattacks of the power grid, financial systems, government databases, and media satellites was so over-the-top that I couldn't suspend my disbelief long enough to enjoy the movie. Maybe that's because I've long been suspicious of the terms cyberterrorism and cyberwarfare. In fact, the threats of thunderstorms, tornadoes, and overgrown trees

2 Min Read
Dark Reading logo in a gray background | Dark Reading

While I enjoyed the first two Bruce Willis Die Hard movies, Live Free or Die Hard was a different story. The coordinated, near simultaneous cyberattacks of the power grid, financial systems, government databases, and media satellites was so over-the-top that I couldn't suspend my disbelief long enough to enjoy the movie. Maybe that's because I've long been suspicious of the terms cyberterrorism and cyberwarfare. In fact, the threats of thunderstorms, tornadoes, and overgrown trees are a greater threat to the daily delivery of your electricity fix than hackers. So are strategically placed explosives.But in light of some of the news that's been trickling out, I'm starting to up my concern level. According to several news reports, including this story by Thomas Claburn, hackers, apparently profit motivated, managed to turn the lights off in several cities while also demanding extortion money. Fortunately, these events occurred outside the United States.

I wouldn't get too worked up over these events. But we need to be prepared, probably better prepared than we are today. Fortunately, just this week, the Federal Energy Regulatory Commission is strengthening how it secures the IT systems underlying the power grid.

I've long argued that if the utilities protect themselves from traditional cyberattacks using standard best IT security practices then they'd be prepared against most types of attacks that could be levied against them. The tools available to cyberterrorists are no different than those available to anyone else. There's no special class of cyberterrorist attack tools.

The same is true for physical terrorism. If the utility industry is adequately prepared for natural disasters such as hurricanes, tornadoes, and earthquakes, then we're prepared for most anything a small group of terrorists could do. There's not much difference between the response to unexpected natural disasters and unexpected terrorist attacks. In fact, natural disasters would likely be worse, and cover a wider geographic area.

About the Author

George V. Hulme, Contributing Writer

An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights