WASHINGTON – In the past eight months, federal authorities have issued public warnings about foreign hackers penetrating the US power grid and other critical infrastructure. Cybersecurity experts say the intent is to plant digital grenades in those systems until they decide to pull the pin.
These attacks are from an enemy who may never step on US soil. But they could cripple vital systems like electricity, food, water, and manufacturing.
"Right now we are tracking about eight different teams that specifically target industrial networks," said Robert Lee, founder and CEO of Dragos, Inc.
Lee spent five years working at the National Security Agency and Pentagon Cyber Command before forming Dragos, Inc.
Lee and his crew protect industrial control systems by acting like detectives investigating a crime scene.
Tracking the Enemy in Cyber Space
Marc Seitz is a threat analyst for Dragos.
"They're leaving breadcrumbs the entire way through," Seitz said of the foreign hackers he's tracking. "They are giving us pieces to find their behaviors until they get to that impact."
Working from a warehouse in Hanover, Maryland, Dragos employees track foreign hacking groups in real time, then hunt them down to prevent damage to facilities that produce oil, gas, and other energy.
"We've seen these are not theoretical attacks," Lee told CBN News. "My team was involved in the two different Ukraine attacks. Ukraine 2015 and 2016, a national level adversary compromised a portion of their power grid and were able to turn off the lights in those regions."
The Potential: Casualties on a Massive Scale
Lee says these cyber enemies are now going way beyond controlling light switches.
"Now we are starting to see really aggressive behavior," Lee said.
An attack on the United States could create casualties on a massive scale. Research shows a cyber attack on the power grid that shuts off electricity would potentially leave millions of Americans without food, clean water, access to money, health care and more.
"Frankly, the United States is under attack. Under attack by entities that are using cyber to penetrate virtually every major action that takes place in the United States," said Dan Coats, Director of National Intelligence, at a Congressional hearing on national security threats.
Multi-Pronged Threats to US Security
Coats also told Congress that cyber weapons exist in the hands of not only countries but also terrorists and other activists.
"While Russia, China, Iran, and North Korea pose the greatest cyber threats, other nation-states, terrorist organizations, trans-national criminal organizations and other more capable groups and individuals use cyber operations to achieve strategic and objectives," he said.
Dr. Peter Pry, Executive Director for the Task Force on National and Homeland Security, agrees.
"This isn't a sideshow," he said. "This is the way the primary way our enemies would come after us in a future war, cyber, physical sabotage and nuclear EMP attack."
Pry worked on the US commission assessing the threat of an electromagnetic pulse (EMP) attack, which would wipe out electrical systems.
EMP Could Kill 90% of Americans Within One Year
As an example, he says a country like North Korea could target the US by transporting a nuclear weapon over the south polar region, then detonating it to create a high-altitude EMP.
A Congressional report shows such an attack could shut down the US power grid indefinitely. That could lead to the deaths of up to 90 percent of all Americans within a year.
How much would it cost to secure our power grids? In 2008, the EMP Commission estimated it would cost around two billion dollars. But former CIA Director James Woolsey says the amount to strengthen the grid would likely be in the tens of billions of dollars.
Still, Pry says the DC bureaucracy and political influence prevent that from happening.
"The electric power industry doesn't want to do it. They have vast lobbying resources on K Street. They own basically the US Federal Regulatory Commission, which recently defied Secretary of Energy, Perry and his effort to come up with a more secure power grid. They actually defied the Secretary of Energy," Pry told CBN News.
Another major issue: While larger utilities have beefed up cyber defense, smaller regional companies often overlook the need for such security.
"Anywhere between 80 to 90 percent of the critical infrastructure in this country is held in private hands. Other than the regulators, there is no real control over doing the things that you need to do. Doing the basic blocking and tackling of cyber hygiene and so forth," said John Felker, DHS Director of National Cybersecurity.
Since our critical infrastructures depend on each other, Homeland Security holds exercises like Cyber Storm 6.
It simulates various cyber attacks simultaneously on a variety of facilities, forcing federal, state and local agencies to work with private companies to quickly find solutions.
"The ability to exercise how we coordinate, how we collaborate, how we share information," Jeanette Manfra, the Assistant Secretary of National Cybersecurity, said. "Because that is just as important as we've seen in real life situations, as the technical means of identifying who's doing it and get them off the computers."
Bottom line, enemies both big and small want to plant cyber sleeper weapons within our infrastructure so they can eventually use them to destroy our way of life. The challenge will be ensuring a full team effort between government and private enterprise to fully protect us.