E&E (Energy & Environment) News reported that “A recent cyber disruption to the U.S. grid involved a “denial of service condition” at a Western utility, according to a Department of Energy official [DOE].” The May 2, 2019 report entitled “Denial of service’ attack caused grid cyber disruption: DOE” included these comments:
On March 5, an unidentified power company fell victim to a “cyber event” that interfered with operations but stopped short of causing blackouts, according to a DOE filing this week.
A DOE official confirmed yesterday that the event “did not impact generation, the reliability of the grid or cause any customer outages.”
In December 2015, suspected Russian hackers used stolen login credentials and a TDOS attack to hit three distribution utilities in Ukraine, briefly cutting the lights to about a quarter-million people in a first-of-its-kind cyberattack (Energywire, July 18, 2016).
The March event doesn’t appear to be part of such a coordinated hacking campaign, based on the limited information disclosed by DOE and several organizations in the anonymous utility’s service area of Utah, Wyoming and Southern California.
Still, a malicious cyberevent wasn’t previously known to have interfered with U.S. grid operations, making the March 5 disclosure significant.
This is thought provoking news!