By Editors of Power Engineering
A new analysis of industrial control components used by utilities indicated 61 percent of them could cause “severe operational impact” if affected by a cyberattack.
The research from cybersecurity firm Dragos, as reported by The Daily Beast, looked at 163 new security vulnerabilities that came to light last year. So far, 72 percent of the vulnerabilities have no known way to be closed.
However, only 15 percent of the vulnerabilities are accessible from the outside, with the rest requiring the attacker to have already gained access to a plant operations network. The majority of the security holes are in equipment that are already tightly secured in other ways.
The report by Dragos, which covers an array of potential cybersecurity threats worldwide, notes Russian hackers caused an electrical outage in Ukraine over a year ago, and North Korea may be looking to do the same in the United States. Currently, malware known as Covellite is attacking electric utilities in the United States, Europe and parts of east Asia with spear-phishing attacks.