Cyberattackers successfully compromised U.S. Department of Energy computer systems 159 times over a span of 48 months.
After filing a Freedom of Information Act request, USA Today obtained the Energy Department's Joint Cybersecurity Coordination Center report. Federal records revealed that between 2010 and 2014:
- The DOE was attacked 1,131 times.
- There were 159 successful cyber intrusions.
- 53 of the 159 successful compromises "were 'root compromises,' meaning perpetrators gained administrative privileges to Energy Department computer systems." It is unclear if those DOE computers were office PCs, or if the root compromises were on computers managing critical infrastructure. The DOE is not known for having good operational security habits; after the Inspector General audited the Energy Department last year, the report said 41 DOE servers and 14 workstations "were configured with default or easily guessed passwords."
- 90 of the 159 successful hacks "were connected to the DOE's Office of Science, which directs scientific research and is responsible for 10 of the nation's federal energy laboratories."
- Over the same 4-year period, "the National Nuclear Security Administration, a semi-autonomous agency within the Energy Department responsible for managing and securing the nation's nuclear weapons stockpile, experienced 19 successful attacks."
"The potential for an adversary to disrupt, shut down (power systems), or worse ... is real here," stated Scott White, Drexel University Professor of Homeland Security and Security Management and Director of the Computing Security and Technology. "It's absolutely real."
NSA Chief Admiral Michael Rogers, head of US Cyber Command, said nation states devote a lot of time trying to gain access to the US power grid and other critical infrastructure because those nation states want to have "options and capabilities."
In a letter to the Government Accountability Office, Rep. Don Beyer cited a USA Today investigative report that found 348 physical attacks and 14 cyberattacks had caused power outages between 2011 and 2014. USA Today previously reported that attacks on the power grid happened about once every four days. "More often than once a week, the physical and computerized security mechanisms intended to protect Americans from widespread power outages are affected by attacks, with less severe cyberattacks happening even more often." Beyer asked the Government Accountability Office to review federal programs aimed at making the grid more resilient.
Although "the electric grid is one of the nation's 16 critical infrastructures," it "is considered a 'unique' critical infrastructure because so many of the other sectors, such as emergency services, communications, water and wastewater systems, financial services, and transportation systems are dependent on uninterrupted access to electricity to operate effectively." Rep. Beyer added, "When the electric grid goes down, all the other services it enables stop functioning."