Address
304 North Cardinal St.
Dorchester Center, MA 02124
Work Hours
Monday to Friday: 7AM - 7PM
Weekend: 10AM - 5PM
A group of Democratic lawmakers has expressed concern over the potential for domestic terrorists to use cyberattacks against energy infrastructure. They have asked for a briefing from the Cybersecurity and Infrastructure Security Agency and Department of Homeland Security on the matter. The congressmen cited a report by cybersecurity company Dragos on an incident involving the malware PIPEDREAM, which is believed to be Russian, targeting critical infrastructure. The letter was precipitated by a bulletin from the FBI warning of “continued interest by some racially- or ethnically- motivated violent extremists in conducting attacks against US critical infrastructure, particularly electrical infrastructure.”
The lawmakers are concerned that as racially or ethnically motivated violent extremists embrace the use of grid disruptions for ideological means, they could exploit cyber vulnerabilities, particularly where the malware and tactics used to carry out such an exploit are known. They also worry that such groups could deploy malware to target energy infrastructure, citing the example of the PIPEDREAM malware, which nearly caused a dozen U.S. electric and liquid natural gas sites to be taken down.
The congressmen highlighted the fact that physical attacks have been connected to the sorts of cyber threats the U.S. energy infrastructure has typically faced with regard to incidents originating from Russia, China, Iran, and North Korea. The Department of Energy reported 163 direct physical attacks against electrical infrastructure across the country in 2022 alone. The FBI and Justice Department also recently announced they stopped a physical attack by two neo-Nazis on five electrical substations in Baltimore.
The lawmakers want to understand evolving cybersecurity threats to the energy sector, such as the PIPEDREAM malware, and how domestic extremists might seek to exploit cyber vulnerabilities for ideological purposes. They note that both CISA and DHS have tools and resources that can be used to protect energy infrastructure from domestic extremists.
The Dragos report on the PIPEDREAM malware found that it targeted critical infrastructure and came “‘the closest we’ve ever been’ to having to take down ‘around a dozen’ U.S. electric and liquid natural gas sites.” Cybersecurity firm Mandiant has also tracked a strain of malware called INCONTROLLER, which similarly “contains capabilities related to disruption, sabotage, and potentially physical destruction.”
Reports from Malwarebytes and Recorded Future’s Insikt Group have also found that Black communities were targeted more than other groups with malware and fraud campaigns by nation-states and criminal groups alike. The lawmakers are concerned that domestic extremists could exploit cyber vulnerabilities to target energy infrastructure for ideological purposes.
The congressmen believe that both CISA and DHS have essential roles in ensuring that local governments are informed and prepared to prevent attacks against electrical facilities. They have asked for a briefing to better understand evolving cybersecurity threats to the energy sector and how domestic extremists might seek to exploit cyber vulnerabilities for ideological purposes.
CISA and DHS have not yet responded to requests for comment about whether they will provide the briefing. The lawmakers’ concerns come amid an alarming rise in domestic violent extremism and attacks against critical infrastructure generally, and the energy sector in particular. The potential for cyberattacks against energy infrastructure by domestic terrorists is a significant concern that needs to be addressed by the government and industry stakeholders to ensure the security of the nation’s critical infrastructure.