DOE: Cyberattack Interrupted US Electrical Services

The Department of Energy (DOE) has confirmed that a distributed denial-of-service attack (DDoS) perpetrated against an energy company caused “interruptions of electrical system operations,” according to a report.

The “cyber event” occurred on March 5 and lasted almost 10 hours. The DOE said the attack pushed the energy company’s systems offline with an overload of traffic. The name of the energy company was not released.

“DOE received a report about a denial-of-service condition that occurred at an electric utility on March 5, 2019 related to a known vulnerability that required a previously published software update to mitigate,” a spokesperson for DOE said. “DOE continues to work with our industry partners through the ISACs to ensure the dissemination of the appropriate mitigation information to manage their associated risks.”

The affected power company provides electricity to Los Angeles, Salt Lake County in Utah and Converse County in Wyoming.

“The incident did not impact generation, the reliability of the grid or cause any customer outages,” the DOE said.

The government considers power grids as critical infrastructures, and successful attacks against them are rare. In Christmas of 2015, Russian hackers were blamed for a power outage in the Ukraine. The ensuing blackout left an estimated 250,000 without power for two days.

As early as 2017, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) warned that sophisticated hackers were targeting nuclear, energy, aviation, water and critical manufacturing industries, as well as government entities.

The goal of the hackers was to use malicious emails and websites to obtain credentials in order to access the computer networks. The hackers were able to compromise some of the targets, but the government didn’t provide information about any specific incidents. Authorities had been monitoring the activity for months, noted Reuters, citing a confidential report that was distributed to firms determined to be at risk of attack. The report provided information on activities that targeted nuclear energy and critical manufacturing sectors.