To protect the U.S. electric grids from cyberattacks, cybersecurity experts testifying before the Senate Energy and Natural Resources Committee Oct 26th urged for moving the grid off of the public internet and utilizing quantum encryption capabilities.
The experts also advised for greater government participation and public/private sector coordination.
An archived video of the testimony from representatives of the Pacific Northwest, Oak Ridge and Idaho National Laboratories, Qubitekk, and New Context Services is available here.
U.S. Sen. Lisa Murkowski, (R-Alaska), chairman of the Senate Committee on Energy and Natural Resources, said that there is significant research underway to enhance the safety and reliability of U.S. energy systems. “Whether it is the application of quantum encryption, artificial intelligence, or moving control of grid infrastructure off of the public internet,” she noted in a statement.
Targeted attacks are increasing against organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors, warned a recent technical alert from the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).
The goal of the campaign is to compromise networks with malicious emails and websites to obtain credentials for accessing computer networks of their targets.
Historically, energy sector attacks have yielded various results like the ability for cyber espionage operations to the disruption of energy systems, according to the report.
Accordingly, Symantec in September detailed the resurgence in energy sector attacks, with the possibility of sabotage, linked to the re-emergence of Dragonfly cyber espionage group, which has been in operation since about 2011.
“The energy sector in Europe and North America is being targeted by a new wave of cyberattacks that could provide attackers with the means to severely disrupt affected operations,” the cybersecurity enterprise said in a blog post.
The campaign is “still ongoing and threat actors are actively pursuing their objectives over a long-term campaign,” according to Homeland Security.
In July, the Cisco Talos Intelligence team wrote about email-based attacks targeting the energy sector using a toolkit called Phishery.