The U.S. Department of Homeland Security is working on a war footing to disrupt potential Electromagnetic Pulse attacks that could disrupt unprotected critical infrastructure within the U.S. and endanger thousands of lives.
DHS said that following the signing of a Presidential order in March 2019 to establish resilience against Electromagnetic Pulse attacks, it has coordinated with the Cybersecurity and Infrastructure Agency (CISA), the Science and Technology Directorate (S&T), and the Federal Emergency Management Agency (FEMA) to address known EMP-related vulnerabilities to critical infrastructure.
“EMP attacks are part of the emerging threats against our nation and demand a response. That is why DHS is taking these contingencies very seriously, working diligently to mitigate our risks and equipping our state and local partners with the resources they need to do the same. We’ve made significant progress and look forward to the work ahead,” said Senior Official Performing the Duties of the Deputy Secretary Ken Cuccinelli.
CISA Director Chris Krebs said one of his agency’s priorities is understanding and mitigating threats associated with Electromagnetic Pulse attacks and they have worked with fellow agencies to identify the footprint and effects of EMP threats and develop sustainable, efficient, and cost-effective approaches to improving the Nation’s resilience to EMPs.
Commenting on the DHS’ preparations to tackle potential Electromagnetic Pulse attacks, Jamie Akhtar, CEO and co-founder of CyberSmart, said governments like the US invest a lot of resources into investigating, monitoring, and simulating potential risks to national infrastructure and security and the fact that they have identified EMP as a potential threat already gives them an edge in protection.
“It is the businesses, and individuals, who aren’t aware or ignore the threat of cyber attack, that are truly at risk. These may not shut down power, but we have seen a substantial rise in breaches of SMEs since lockdown that have caused significant financial and reputational damage. Most of these threats to organisations can be mitigated by following basic cyber hygiene such as the standards set out in the UK’s Cyber Essentials scheme which includes making sure software is up to date and all staff members are using strong passwords and two-factor authentication,” he added.
Critical infrastructure operators must follow cyber security best practices
The possibility of massive cyber attacks targeting electricity grids worldwide is a major possibility and operators of critical infrastructure should not have any excuse for not taking urgent steps to protect their digital systems and architecture from realistic cyber threats.
For instance, in May this year, British power grid company Elexon said it suffered a cyber attack targeting its internal IT systems that locked its employees out of internal email accounts and prevented them from using laptops remotely.
According to Joseph Carson, chief security scientist at Thycotic, Elexon had reportedly been running an outdated VPN server which has been an emerging threat for companies that have failed to patch and update known vulnerabilities even security software. This, coupled with the mix between new technology and old technologies, leaves critical infrastructure that have legacy hardware and software unpatched with poor security practices, exposed to serious cyberattacks.
“In many incidents poor cybersecurity best practices have been sacrificed such as unpatched software, default credentials, poor privileged access security and no multifactor authentication leaves energy sector open to cyberattacks. Luckily for this particular incident, the attack only impacted the IT operations and not the critical services they provide,” he added.