ERCOT, the Texas Power Grid, Under Constant Russian Cyber ​​Threats While Facing Peak Demand as Temperatures Rise

ERCOT, the Texas Power Grid, Under Constant Russian Cyber ​​Threats While Facing Peak Demand as Temperatures Rise
HOUSTON, Texas (KTRK) — In a week when ERCOT, the state energy regulator, is warning of peak demand this weekend as temperatures rise, ABC13 has found that extreme heat and cold are not the only threats to energy production and supply. The Department of Energy, the FBI, the Cybersecurity and Infrastructure Security Agency, and the National Security Agency have issued an alert and advisory of an advanced persistent threat to the energy sector.

SEE RELATED ARTICLE: ERCOT Positioning for Potential Record Demand as Texas Temperatures Expected to Soar This Weekend

It was in May 2021 that hackers shut down the Colonial Pipeline, a gas pipeline between southeast Texas and the East Coast. For six days, hackers stopped the movement of gasoline, diesel, and jet fuel. They demanded a ransom, which the company paid to regain control of their systems.

SEE RELATED ARTICLE: Colonial Pipeline temporarily closes 2 fuel lines as Hurricane Ida makes landfall

Ramanan Krishnamoorti, director of energy at the University of Houston, said the threats extend throughout the energy industry.

“When you saw the Colonial Pipeline, that incident is such a stark reminder of what can happen with cyber attack,” Krishnamoorti said. “Your weakest link is someone’s USB stick that they put into a local computer which then starts leading to this whole cyberattack.”

Colman Ryan calls the threat “cyber warfare.”

Ryan is a forensic investigator in Houston who helps companies identify their weaknesses and harden their systems against everything from attacks by foreign actors to email phishing. He demonstrated how simple it is to learn enough information about a company to probe its systems for weaknesses using automated query chains.

“It’s public. There’s no way to stop these queries,” Ryan said. “These electricity generation companies, not all of them have the same level of security.”

ABC13 also contacted Matt Morris, managing director of 1898 Security and Risk Consulting. Morris explained that hackers are always looking for the weakest point anywhere they can find it.

“This gives a wide range of targets to a potential adversary looking to disrupt, negate, or even remove aspects of power or the energy system,” Morris said.

Another expert paints an equally bleak picture, despite real efforts at all levels to fend off would-be hackers. Chris Bronk, who wrote a book on cyber security threats, frequently advises the government and the military.

Bronk said there is constant vigilance among energy providers to stay ahead of hackers, with the biggest threats coming from Russia and Russian-affiliated groups. Unlike a conventional attack, which could also easily disrupt reliable power, it is an attack that could instantly switch the supply in the wrong direction.

“It’s a patchwork quilt of many different uses, big and small,” Bronk said of the network. “This system, when it gets out of balance, it causes a lot of pain in every place. It’s, you know, what makes everything work.”

It’s a 24-hour fight across a spectrum of the industry to keep the very real threats, ignition and fuel moving, at bay. As the threat unfolds, the University of Houston announced that on Monday, May 2, it would join a US Department of Defense consortium to launch a virtual institute that plans to recruit and train the next generation to combat the cyber warfare, including cyber espionage and attacks on the electromagnetic spectrum.

For updates on this story, follow Tom Abrahams on Facebook, Twitter Y Instagram.

Copyright © 2022 KTRK-TV. All rights reserved.

Leave a Comment