It’s been an open secret that several hostile foreign powers could engage in cyberattack American grid and knock out our power supply. That is how vulnerable we are to such a terror attack. And Iran is one of countries can do it. It would be devastating. And the government has no answer for that threat. We need to be concerned:
…The Department of Homeland Security issued a bulletin from its National Terrorism Advisory System. “Iran maintains a robust cyber program and can execute cyber attacks against the United States,” the alert said. “Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.” Another bullet point noted that “an attack in the homeland may come with little or no warning.” Shortly after, hackers claiming to be affiliated with Iran took over the Web site of the Federal Depository Library Program, an American government agency that distributes government publications, and inserted a picture of Trump being punched in the face, with blood dripping from his mouth. “Martyrdom,” the accompanying message read, was Suleimani’s “reward for years of implacable efforts.
…In 2010, the United States and Israel covertly inserted malware into the automated control system at Iran’s Natanz nuclear facility, causing nearly a thousand centrifuges to self-destruct. The centrifuges were necessary to enrich uranium for nuclear weapons, and the Stuxnet attack, as it came to be known, was credited with slowing down Iran’s nuclear program and driving the Iranians to the negotiating table. Though neither Israel nor the United States has claimed credit for the attack, the ensuing nuclear deal, signed in 2015, was seen as a triumph for the Obama Administration. (Trump unilaterally walked away from the deal in 2018.) But an unintended consequence of Stuxnet—along with the inadvertent release of the virus into the “wild,” where it continues to be used by nation-state and rogue hackers—was that it inspired the Iranian government to accelerate the development of its own cyber army within the Islamic Revolutionary Guard Corps. The government also recruited thousands of volunteer “patriotic” hackers—among them, criminal gangs and ideologically aligned terrorist groups such as Hezbollah—who work independently, but with the regime’s implicit blessing. (In its most recent bulletin, the D.H.S. noted that “Homegrown Violent Extremists could capitalize on the heightened tensions to launch individual attacks.”) As Ed Parsons and George Michael, who research cyber threats in the private sector, have pointed out, “The Iranian regime has demonstrated greater appetite towards destructive or disruptive cyber-attacks in peacetime than any other nation.”
Such an attack would be devastating. It’s also very doable:
The U.S. power grid has long been considered a logical target for a major cyberattack. Besides the intrinsic importance of the power grid to a functioning U.S. society, all sixteen sectors of the U.S. economy deemed to make up the nation’s critical infrastructure rely on electricity. Disabling or otherwise interfering with the power grid in a significant way could thus seriously harm the United States.
Carrying out a cyberattack that successfully disrupts grid operations would be extremely difficult but not impossible. Such an attack would require months of planning, significant resources, and a team with a broad range of expertise. Although cyberattacks by terrorist and criminal organizations cannot be ruled out, the capabilities necessary to mount a major operation against the U.S. power grid make potential state adversaries the principal threat.
…Iran, as an emergent cyber actor, could acquire such capability. Rapid digitization combined with low levels of investment in cybersecurity and a weak regulatory regime suggest that the U.S. power system is as vulnerable—if not more vulnerable—to a cyberattack as systems in other parts of the world.
Iran has been preparing for cyberterror against the U.S. for some time. This article is from June 2019:
Iran may attempt to retaliate against the U.S. with disruptive cyberattacks if tensions between the two nations over a series of incidents across the Middle East continue to escalate, according to current and former U.S. officials, as multiple cybersecurity firms said they had already seen signs Tehran is targeting relevant computer networks for intrusion.
We were warned 10 years ago. And nothing has changed:
Experts and lawmakers are increasingly warning that terrorists or enemy states could wage that exact type of attack, idling electricity grids and disrupting everything from communications networks to military defenses.
The Federal Energy Regulatory Commission is pushing Congress for authority to require power companies to take protective steps, which could include building metal shields around sensitive computer equipment.
An expert panel that Congress created to study such an attack says it would halt banking, transportation, food, water and emergency services and “might result in defeat of our military forces.”
“The consequences would be catastrophic,” said Joseph McClelland, director of the energy commission’s Office of Electric Reliability.
“It would bring down the whole grid and cost between $1 trillion and $2 trillion” to repair, said Rep. Roscoe Bartlett, R-Md. Full recovery could take up to 10 years, he said.