- A new report released on Monday from Connecticut state officials described a growing cybersecurity threat that the state's four major utilities, Aquarion, Avangrid, Connecticut Water and Eversource, managed to hold at bay in the past year.
- While there were no successful intrusions in the past year, officials say there were millions of attempts, with issues consuming more and more time and effort to combat. The analysis also cites "significant improvements and areas of progress" and concluded there were "no known cyber breaches" despite millions of attempts in the last year.
Protecting critical infrastructure from intruders has become a major challenge and priority in recent years, and has risen the ranks of utility concerns. This summer the Department of Energy announced a new initiative to test the power grid's ability to recover from outages caused by cyberattacks.
Connecticut utility efforts to protect their networks from cybersecurity were successful last year but the state's report highlights what has become common knowledge: hackers' efforts are increasingly targeted, sophisticated and numerous — likely to be successful eventually.
However, the report also concludes that Connecticut's utilities "are spending more time, devoting more resources, educating their workforces and transforming their cultures more thoroughly to meet the increased level of threats."
The Connecticut Critical Infrastructure 2018 Annual Report is a consensus analysis developed by four state officials and all four public utilities. The report is meant as an overall assessment of the state's electric, natural gas and large water companies' efforts to detect and prevent cybersecurity threats rather than to reflect on specific incidents or companies.
The utilities reported both "increased volume and changing forms of cyber probes on their operating systems during the past year." In particular, increasingly-customized hacking efforts are aimed at specific companies or individuals, known as "spear phishing," and the report warns these attacks may be difficult to repel.
It is "virtually impossible to prevent some success by high-quality spear phishing," the analysis finds.
The Department of Homeland Security sounded the alarm over the summer, claiming Russian-backed hackers had gained the ability to "throw switches" on the power grid and create blackouts. While that warning was ultimately tempered, and officials say it was somewhat overstated, it reflects a growing worry that widespread blackouts could be caused by bad actors.
DOE last month announced a new exercise, "Liberty Eclipse," to test the grid's blackstart capabilities after a cyber-induced blackout. That would fit alongside the North American Electric Reliability Corp.'s biennial "GridEx," simulated attack exercise, which has grown rapidly in recent years.