Dive Brief:
- Russia's invasion of Ukraine has heightened global tensions and U.S. critical infrastructure sectors are on high alert for potential cyberattacks. But experts say there is no immediate increase in the threat to electric companies, and it may not be necessary for utilities to take additional defensive actions immediately.
- President Joe Biden last week warned Russia that if it "pursues cyberattacks against our companies, our critical infrastructure, we are prepared to respond." The federal government has been working for months to bolster the defense of 16 critical sectors, Biden said, including energy, communications, financial services and agriculture.
- Russia has sophisticated cyberwarfare capabilities and in 2015 hackers believed to be backed by the nation shut down parts of Ukraine's power grid. But a similar attack on the United States could be considered an act of war, say experts, meaning state-affiliated hackers may be more cautious right now rather than provoke a response.
Dive Insight:
With a war now unfolding in Europe, are there additional defensive measures that U.S. utilities should be rolling out to protect their systems?
"Not that I can think of. Utilities have been under constant cyberattack for years," energy sector security consultant Tom Alrich said in an email.
U.S. utilities are "closely monitoring the situation" and are coordinating across the industry and with the federal government, according to the Edison Electric Institute, which represents investor-owned utilities. However, the specter of cyber or physical attacks on the U.S. grid "is not new," EEI Senior Vice President for Security and Preparedness Scott Aaronson said in a statement.
"Protecting the nation's energy grid and our critical energy infrastructure is the top priority for America's electric companies," Aaronson said.
Utilities can't let down their guard, but they might actually see a reduction in the near-term threat, according to Mark Lance, senior director of cyber defense at GuidePoint Security.
"It's kind of taboo for ransomware gangs to hit critical infrastructure," Lance said. "Because if there are ties to the Russian government, which, you know, very likely there are ... you would think that [Russia's] government is going to be pretty pissed off that they just initiated some sort of cyber warfare against critical infrastructure for a ransom when they're in the middle of a physical war against Ukraine."
"Right now, if anything, those criminal groups are probably staying away," Lance said. If a hacking group has ties to a nation-state, "they're going to be much more cautious because the state would not want them taking those actions without giving the prior approval."
Sophisticated hackers do have the capability to shut down parts of the U.S. power grid, government officials have confirmed. But security experts say reprisals from the federal government would be swift.
"I don't think even some of the biggest state actors are going to poke that bear," according to Lila Kee, general manager for GlobalSign's North and South American operations and the company's chief product officer.
Last year's attack on the Colonial Pipeline is a good example of the danger that ransomware attacks pose to critical infrastructure, Lance said. Hackers attacked Colonial's information technology systems, but the company proactively shut down its operational systems as well, setting off gasoline shortages along the U.S. East Coast.
"I don't think that threat actors wanted that large of an impact," he said. "I don't think that's their idea of being successful. If anything, it puts too much of a spotlight on [the attack]."
But all experts say utilities must remain on guard, and some are focused on the potential for the conflict to expand.
"The current Russia/Ukraine conflict presents a threat to all Western utilities," Ron Brash, vice president of technical research and integrations at industrial control software cybersecurity firm aDolus Technology, said in an email.
"Should a global conflict result, or if Russia (and its allies) decides to target the US (and its western allies), then utilities, among other industries, could be disrupted to create unrest and panic," Brash said.
He added, "if utilities are compromised as a result of Russian cyberattacks, unfortunately, the impacts are likely to cascade" and could potentially lead to a "full-scale war."