SEE RELATED ARTICLE: ERCOT Positioning for Potential Record Demand as Texas Temperatures Expected to Soar This Weekend
It was in May 2021 that hackers shut down the Colonial Pipeline, a gas pipeline between southeast Texas and the East Coast. For six days, hackers stopped the movement of gasoline, diesel, and jet fuel. They demanded a ransom, which the company paid to regain control of their systems.
SEE RELATED ARTICLE: Colonial Pipeline temporarily closes 2 fuel lines as Hurricane Ida makes landfall
Ramanan Krishnamoorti, director of energy at the University of Houston, said the threats extend throughout the energy industry.
“When you saw the Colonial Pipeline, that incident is such a stark reminder of what can happen with cyber attack,” Krishnamoorti said. “Your weakest link is someone’s USB stick that they put into a local computer which then starts leading to this whole cyberattack.”
Colman Ryan calls the threat “cyber warfare.”
Ryan is a forensic investigator in Houston who helps companies identify their weaknesses and harden their systems against everything from attacks by foreign actors to email phishing. He demonstrated how simple it is to learn enough information about a company to probe its systems for weaknesses using automated query chains.
“It’s public. There’s no way to stop these queries,” Ryan said. “These electricity generation companies, not all of them have the same level of security.”
ABC13 also contacted Matt Morris, managing director of 1898 Security and Risk Consulting. Morris explained that hackers are always looking for the weakest point anywhere they can find it.
“This gives a wide range of targets to a potential adversary looking to disrupt, negate, or even remove aspects of power or the energy system,” Morris said.
Another expert paints an equally bleak picture, despite real efforts at all levels to fend off would-be hackers. Chris Bronk, who wrote a book on cyber security threats, frequently advises the government and the military.
Bronk said there is constant vigilance among energy providers to stay ahead of hackers, with the biggest threats coming from Russia and Russian-affiliated groups. Unlike a conventional attack, which could also easily disrupt reliable power, it is an attack that could instantly switch the supply in the wrong direction.
“It’s a patchwork quilt of many different uses, big and small,” Bronk said of the network. “This system, when it gets out of balance, it causes a lot of pain in every place. It’s, you know, what makes everything work.”
It’s a 24-hour fight across a spectrum of the industry to keep the very real threats, ignition and fuel moving, at bay. As the threat unfolds, the University of Houston announced that on Monday, May 2, it would join a US Department of Defense consortium to launch a virtual institute that plans to recruit and train the next generation to combat the cyber warfare, including cyber espionage and attacks on the electromagnetic spectrum.
Copyright © 2022 KTRK-TV. All rights reserved.