CATEGORIES
home News

First Ever DoS Cyber-Attack On A US Power Grid Detailed In Startling Report

by Chris HarperSunday, September 08, 2019, 03:30 PM EDT
cyberattack power grid
On March 5th, 2019, an unprecedented Denial of Service (DoS) cyberattack occurred on American soil, targeted at the US power grid. This attack mainly affected the Western United States, and was a fortunately low-impact attack. No blackouts were caused, and the machines in question were out of commission for no more than five minutes, according to the North American Electric Reliability Corp, or NERC.

Even so, this leaves a historical mark on American infrastructure, and clearly demonstrates the dangers of increased connectivity. A simple firewall vulnerability was enough to cause multiple devices to be compromised and rebooted from a single point of failure. While the impact this time around was minimal, this could have gone much worse.

According to NERC's report, this problem was caused by outdated firmware. A firmware fix to patch the vulnerability that allowed this attack to happen had been released prior to the attack, but internal processes had been too lax to ensure that patch was applied before it was too late. Even after applying the patch, NERC continued to address the problem by implementing more safeguards in their networks. The steps they took (and recommend to others to protect from attacks like these) include the following:
  • Employing virtual private networks (VPNs)
  • Having fewer devices connected directly to the Internet, which reduces "attack surface" or potential points of failure
  • Implementing ACLs (access control lists) as an additional filter to inbound traffic, even before the firewall
  • ...and many others, mostly stricter monitoring of exploits out in the wild and the network itself
As the United States and other countries shift to a more digital infrastructure, cybersecurity becomes more important than ever. An attacker with the ability to control an entire city's power grid and other utilities could grind that city's entire economy to a halt near-instantly, and devastate countless lives in the process. The only way to prevent issues like these from arising in the future is to further improve security measures, or stick with technology so old that it can't reasonably be exploited.

Note: Denial of Service (DoS) and Distributed Denial of Service (DDoS) are actually slightly different things. Other sources are incorrectly reporting this as the latter, which involves a large number of devices performing an attack on a single source, hence the "Distributed". NERC refers to this attack as a regular old DoS, though, so we are identifying it as that.
Tags:  security, dos, cybersecurity, cyberattack, utilities
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

HotTech

Reprints/Permissions

MORE

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2023 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment