Hackers increasingly threaten sites in the U.S. ranging from nuclear power plants to water processing systems, according to a member of the Federal Energy Regulatory Commission, adding his voice to warnings from several agencies and officials in recent weeks.
"Cyberattacks have the potential to cause significant, widespread impacts on energy infrastructure," Commissioner Neil Chatterjee said Friday in an emailed response to questions. "Sophisticated hacking tools are becoming more widely available, and cyber threats are constantly evolving, making such attacks more versatile."
Chatterjee’s remarks underscore the alarm growing after the FBI and the Department of Homeland Security issued a report earlier this month saying that Russian hackers have been attacking the electric grid, power plants, air transportation facilities and targets in the commercial and manufacturing sectors -- attempting to gain remote access or install malware or make spear phishing attempts.
A report released by the Energy Department last year warned that the country’s power grid was in "imminent danger" from a cyber attack.
Energy Secretary Rick Perry said on Thursday agreed that the attacks linked to the Russians were an "act of war."
"We are making I think every effort to protect the electrical grid from those types of attacks," Perry said in testimony before the Senate Armed Services Committee. "I agree the United States and the rest of the world need to send a very powerful message to Russia relative to some of their activities."
He has said cyber-attacks are happening hundreds of thousands of times a day.
Even the Energy Regulatory Commission, which oversees the reliability of the electric grid, hasn’t been immune from the attacks. The U.S. Justice Department on Friday charged nine Iranian citizens with hacking hundreds of companies, academic institutions and government agencies to steal more than $3.4 billion in trade secrets and other data on behalf of the Islamic Revolutionary Guard Corps.
Among the victims: FERC.
“While the administration has taken significant steps to address cyber threats to our critical infrastructure, I believe that these threats will continue to grow," Chatterjee said.
Among the more recent targets are the Colorado Department of Transportation, where more than 2,000 computers shut down after it was breached in a ransomware attack; and the Alyeska Pipeline Service Company, which operates the Trans-Alaska oil pipeline that transports roughly roughly 500,000 barrels of crude a day.
"We know they are trying" but have so far been unsuccessful, Kate Dugan, a spokeswoman for Alyeska, said. "The number grows every year."
By Ari Natter