Discussion response needed, needs to be a dialogue
Based on your research what are some of the continuing concerns?
Power outage would be the number one concern due to Russiaâ€™s cyberattack on Ukrainian power companies. Russia cyber-attack caused blackouts in several regions in Ukraine (FireEye, Inc., 2016).
What is the impact if a cyber-attack is launched against the Energy Sector?
Russia demonstrated what a cyber-attack can accomplish on an adversary grid. Such as Russia used spear phishing to plant BlackEnergy3 malware, which was used to disable control system computers. As a result, the utilities relied on manual efforts to restore power (FireEye, Inc., 2016).
BlackEnergy3 malware provided a foothold for key access to networks that allowed the hackers to then open circuit breakers that cut power (Kirk, 2016).
Do you think that type of attack would have a significant impact or is our infrastructure robust enough to withstand an attack?
To analyze, Ukrainian power companies control systems technology or vulnerability to cyber-attack is not unique. Due to BlackEnergy3 malware has been found within organizations that operate critical infrastructure in the United States and abroad (FireEye, Inc., 2016). It’s the same method of attack that was used against a number of U.S. critical infrastructure targets in 2014. The author mentions that â€œthough it’s not clear if any of those incidents led to a similar electricity failureâ€ (Stone, 2016).
What recommendations would you make if you were a Cyber Analyst giving your opinion to Congress?
The author recommend that â€œPower companies around the world should review the security architecture of ICS networks, log and monitor ICS events and traffic, search for indicators of compromise, and prepare incident response plansâ€ (FireEye, Inc., 2016).
FireEye, Inc. (2016). Cyber-attack on the Ukrainian Grid: What Should you know. Retrieved from https://www.fireeye.com/content/dam/fireeye-www/gl…
Kirk, J. (2016). Malware alone didn’t cause Ukraine power station outage. Retrieved from http://www.pcworld.com/article/3020631/malware-alo…
Stone, J. (2016). US Confirms BlackEnergy Malware Used In Ukrainian Power Plant Hack. Retrieved from http://www.ibtimes.com/us-confirms-blackenergy-mal…