A DDoS attack caused "interruptions" in the operations of the power system: DoE

Power grid operations in two densely populated areas of the United States – Los Angeles County, California and Salt Lake County, Utah – were interrupted by a denial-of-service attack in March, according to the Disturbance and Disturbance Report Electrical Ministry of Energy for March. .

The attack did not disrupt the power distribution or cause a breakdown, confirmed the Department of Energy, but caused "interruptions" in "the operation of the electrical system". In this case, the term "operations" does not refer to the provision of electricity to consumers, but may cover all computer systems used in utilities, including those that handle office functions or computer software. exploitation.

Although the attack did not interrupt the service, denial-of-service attacks are easily preventable and most large companies no longer regard them as major threats. The success of this operation raises the question of whether public services are prepared for a much more sophisticated attack, as the US government has warned.

A Ministry of Energy official told CNBC: "The DOE received a report on a denial of service situation that occurred on March 5, 2019 from an electricity supplier, related to a known vulnerability requiring a previously released software update to mitigate this incident, no impact on generation, network reliability or customer outages. "

The incident, which occurred between 9:12 and 18:57, also shut down the electrical system in Kern County, California and Converse County, Wyoming.

A distributed denial of service, or DDoS, is to provide a significant flow of information and internet traffic, usually using a network of hacked computers, in order to overwhelm the systems. of a target.

DDoS attacks are one of the simplest forms of cyber attack to execute. These were very common, but there are common practices to prevent them, and most large organizations have virtually eliminated them as threats. The fact that such an easily avoidable attack has been successful against a system serving such a large electricity distribution area is of concern, particularly because energy is one of the most important sectors of the "critical infrastructure" sector. from the US government, subjecting them to the strictest protections.

The DOE has not published any information on the origins of the attack. US authorities have indicated that several countries, including Russia, Iran and China, have organized attacks against the US power grid, often for the purpose of infiltrating the network or collecting intelligence.

But a DDoS attack is a relatively unsophisticated type of attack designed to quickly destroy a computer network. This means that the culprit could be almost anyone, from an individual to a larger group.

"DDoS is the fruit at hand in the world of hackers.It is very noisy and it is easy to detect quickly.One who operate at the level of nation-states do not need to be aware of it. use DDoS, "said Chris Grove, director of the industrial sector. cybersecurity at Indegy, a cybersecurity firm for industrial systems and utilities. "If it was an attack on a nation-state, they would not conduct a DDoS attack to attack it, they would probably do a better job."

This is the first cyber disruption reported by the Ministry of Energy in 2019.

Last year, the DOE reported four reported cyber-events. One of them, like the March 5 incident, caused interruptions in the electrical system in Midland and Genesee counties, Michigan. The other three have been reported as "potentially affecting the adequacy or reliability of the power system".