(National Sentinel) Domestic threats: Unbeknownst to most Americans, there is a conference that takes place in Las Vegas every single year that draws the most competent, capable hackers in the world. For four days they meet to discuss and demonstrate the latest techniques they’ve discovered (and likely used) to essentially disrupt as much of modern society as possible.
The event is called “Black Hat,” and it just concluded last week. This year’s event drew about 16,000 hackers and information security experts from all over the world, as lawmakers, policymakers, defense experts, financial institutions, power companies and other infrastructure managers lie awake at night trying to figure out how to defend modern IT systems from these folks.
Hackers routinely come to the Black Hat convention to demonstrate how to break into electronic systems embedded in medical devices, ATMs, cars, routers and mobile phones. This year, at the 20th annual gathering, one security researcher walked attendees through a hack of a wind farm.
“Wind farm control networks are extremely susceptible to attack,” said the researcher, Jason Staggs, who works on behalf of the University of Tulsa.
He says hackers only need to find access to a single wind turbine in order to implant a virus or malware that would then spread throughout the wind farm. He said he’d been able to hack into multiple wind farms, after first obtaining permission from the operators.
“We can turn the turbine on or the turbine off or put it in an idle state,” he told the gathered attendees, as he then demonstrated his technique.
At present, wind farms provide less than 5 percent of America’s energy needs, but industry experts believe that will climb to 20 percent by 2030, so you can see that the risk to the country’s energy infrastructure is only going to grow.
Staggs said that a 250 megawatt wind farm standing idle after a malicious cyber attack can cost an electric utility between $10,000 and $35,000 an hour.
Then, of course, there are fears of attacks on the nation’s power grid itself, such as that which occurred in Ukraine in December 2015, allegedly by Russian hackers. And while some U.S. experts say that hacking the American grid is difficult because there are actually several of them and they are robust, a targeted attack in a densely populated region is very possible.
“If somebody really wanted to send a message, it hurts to have three or four days of no power to the Eastern Seaboard,” Sam Curry, the chief product officer at Boston-based firm Cybereason, told McClatchy DC. “That could be done. And there’s no quick fix.”
Now, imagine if that hack happens in the dead of an East Coast winter; the casualty rate could be enormous. (Related: U.S. Power Grid Continues To Be Vulnerable To Cyber Attack: Millions Would Die If It Were To Fail, So Are You Prepared?)
Worse, some cyber security experts believe that non-state actors or nation-states have already planted malicious code throughout the nation’s infrastructure. One of them is Jay Kaplan, a former member of highly selective counterterrorism cyber unit at the National Security Agency.
“I do believe that there is a certain percentage of our critical infrastructure that’s already compromised,” said Kaplan, now CEO of Synack, a California-based firm that sends security teams to hack into clients’ networks to test for vulnerabilities.
“This is prepositioning,” he told the McClatchy news service. “Should we ever go to war with another nation state, they can leverage this malware for their benefit and basically cripple the economy. I just think it’s reality; right now I don’t feel confident at all.”
Advertising disclaimer: Click here
This story originally appeared at NewsTarget.com.