IBJNews

MISO data breach latest in hackers’ efforts to reach power grid

Back to TopCommentsE-mailPrintBookmark and Share

Operating cost data from participants in a Carmel-based power network stretching from the Midwest to the Gulf Coast was compromised in a computer breach that highlighted the rising vulnerability of the U.S. electricity infrastructure.

Midcontinent Independent System Operator Inc. said it was notified June 26 that a computer server tied to its independent monitor was breached. The grids serving California, Texas, New York and New England, which use the same market monitor, weren’t affected because their data isn’t housed on the same server, according to an email MISO sent to market participants.

Utilities have stepped up their information security efforts as new sources of power have made grids more vulnerable by adding potential entrances for hackers. Last week it was disclosed that intruders known as “Dragonfly” and “Energetic Bear” gained access to U.S. and European power networks in the past 15 months.

“These attacks over the past three to five years have increased in level and intensity from the information I’ve seen,” Jon B. Wellinghoff, a San Francisco attorney who served as chairman of the Federal Energy Regulatory Commission from 2009-2013, said in a telephone interview after the alert was issued.

President Barack Obama signed an executive order in February calling for work to assess which parts of the grid are most at risk.

MISO, based at 720 City Center Drive in Carmel, said it reported the intrusion to FERC and began investigating. In separate statements, the Electric Reliability Council of Texas Inc. and ISO New England Inc. said they took precautions to protect their systems.

There was no disruption of U.S. power supplies or the markets from the breach, which MISO was alerted to by market monitor Potomac Economics, John Goode, MISO chief information officer, said in a conference call with reporters.

MISO severed its computer connection to Potomac’s systems as a precaution after it was notified of the breach. While the perpetrator could have seen the market data on the affected server, there is no indication that happened, Goode said. MISO advised market participants to update passwords.

Potomac Economics President David Patton didn’t immediately respond to an email requesting comment. A message on the firm’s website today said the site was temporarily unavailable while maintenance was being performed.

While hackers have taken down U.S. utility websites with denial-of-service attacks and jeopardized customer files, “to my knowledge, there has not been a successful attack in the U.S. that has disrupted power,” Scott Aaronson, senior director for national security policy at the Edison Electric Institute, a trade group, said in a June 30 telephone interview.

Hackers will keep trying, Emile Trombetti, a Linthicum, Maryland-based senior vice president and cybersecurity expert at Booz Allen Hamilton, said today in a telephone interview.

“As long as there is a computer, there will be a vulnerability,” Trombetti said.

ADVERTISEMENT

Post a comment to this story

COMMENTS POLICY
We reserve the right to remove any post that we feel is obscene, profane, vulgar, racist, sexually explicit, abusive, or hateful.
 
You are legally responsible for what you post and your anonymity is not guaranteed.
 
Posts that insult, defame, threaten, harass or abuse other readers or people mentioned in IBJ editorial content are also subject to removal. Please respect the privacy of individuals and refrain from posting personal information.
 
No solicitations, spamming or advertisements are allowed. Readers may post links to other informational websites that are relevant to the topic at hand, but please do not link to objectionable material.
 
We may remove messages that are unrelated to the topic, encourage illegal activity, use all capital letters or are unreadable.
 

Messages that are flagged by readers as objectionable will be reviewed and may or may not be removed. Please do not flag a post simply because you disagree with it.

Sponsored by
ADVERTISEMENT

facebook - twitter on Facebook & Twitter

Follow on TwitterFollow IBJ on Facebook:
Follow on TwitterFollow IBJ's Tweets on these topics:
 
Subscribe to IBJ
ADVERTISEMENT