nced countries in the world,
hnologically vulnerable countries in the world.”
SEN. ANGUS KING (I-MAINE)
reconnecting to the grid for a certain amount of time during a cyberattack, said Gib Sorebo, chief cybersecurity strategist at Leidos.
But expanding that approach to a broader swath of grid devices comes with risks, he added.
“From a security point of view, it may limit your ability to have visibility into parts of the grid by turning it into ana- log,” he told FCW. “The best approach is probably a targeted one where you’re focused on certain critical elements where the economic and efficiency losses would not be significant.”
Utilities can deploy out-of-band sen- sors or those without control functions that would be vulnerable to attacks. But beyond that, significantly retrofit- ting the grid with analog systems could be costly and might require utilities to hire employees to operate the systems — and those skills have become less common with grid automation, Sorebo said.
On the ground in Ukraine
Ann Barron-DiCamillo led DHS’ U.S. Computer Emergency Readiness Team when the Ukrainian grid was attacked last December. In February, she sent a team of analysts to Ukraine to study the cyberattack. The delega- tion included industrial control sys- tem (ICS) experts from DHS and offi- cials from the FBI and DOE.
US-CERT’s report states that dur- ing the cyberattack, multiple hackers remotely operated circuit breakers using existing administration tools or remote ICS software. The Ukrainian power companies “believe that the actors acquired legitimate credentials prior to the cyberattack to facilitate remote access,” the report adds.
Barron-DiCamillo declined to elab- orate on her team’s findings beyond what is in the report, but she did say US-CERT’s preexisting relationship with its counterpart in Ukraine made for a smooth investigation.
In general, it is problematic if industrial control systems are com- pletely digitized because they might be unable to operate in a degraded mode when attacked, said Barron- DiCamillo, who is now chief technolo- gy officer at Strategic Cyber Ventures. “You can’t have all your eggs in one basket,” she added.
Even if a utility hedges against digi- tization, it faces another huge chal- lenge in responding to a cyberattack. The concept of mutual assistance that U.S. utilities have relied on to help one another restore power after natu- ral disasters, for example, could be much more difficult to apply after a large-scale cyberattack. Stockton and other outside advisers made that point in a recently submitted report to Homeland Security Secretary Jeh Johnson.
Restringing power lines is a similar process from one utility to the next, but “much greater variation exists
July 15, 2016 FCW.COM 19