The Islamic State is trying to hack American electrical power companies — but they are terrible at it.
U.S. law enforcement officials revealed the hack attempts on Wednesday at a conference of American energy firms who were meeting about national security concerns.
“ISIL is beginning to perpetrate cyberattacks,” Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security, told company executives.
Investigators would not reveal any details to CNNMoney — or cite evidence of specific incidents.
But they did say the attacks by the Islamic State have been unsuccessful. Terrorists are not currently using the most sophisticated hacking tools to break into computer systems and turn off or blow up machines.
“Strong intent. Thankfully, low capability,” said John Riggi, a section chief at the FBI’s cyber division. “But the concern is that they’ll buy that capability.”
Indeed, hacking software is up for sale in black markets online. That’s often how mafias acquire the cyberweapons they use to break into companies and steal giant databases of information they later sell to fraudsters.
The FBI now worries that the Islamic State or its supporters will buy malicious software that can sneak into computers and destroy electronics. An attack on power companies could disrupt the flow of energy to U.S. homes and businesses.
And it’s not just Islamic extremists. There’s an equal threat from domestic terrorists and hate groups, according to Mark Lemery. He’s the “critical infrastructure protection coordinator” who helps coordinate defenses against attacks in Utah. But again, the worries are tempered.
“They’d love to do damage, but they just don’t have the capability,” Lemery said. “Terrorists have not gotten to the point where they’re causing physical damage.”
Officials made clear that the greater concern is attacks from other countries. Riggi said malware found last year on industrial control systems at energy companies — including pumps and engines — was traced to the Russian government.
Besides, the likelihood of a hack taking out the entire U.S. energy grid — or even a section of it — is extremely low. The grid isn’t as uniform and connected as people might believe. Currently, it’s a chaotic patchwork of “grids,” each with different types of machines and software that don’t smoothly coordinate or communicate.
That jumble actually works to the nation’s advantage, energy company executives said. It would take a large, expensive team of highly technical spies to understand the layout of computers and machines at an energy company. Then it takes stellar hackers to sneak in. And even if they do manage to flip a switch — which companies maintain has never happened here in the United States — the attack might only take out electricity fed to a tiny portion of land, maybe a section of a city. An entirely different type of attack would be needed to carry that over to the next power plant.
Experts attending GridSecCon, held by the North American Electric Reliability Corporation, seemed cautious but hopeful.
When energy industry representatives asked Riggi how the FBI knows who’s hacking — whether it’s a government or independent hacking group — he said American spies who are monitoring computer networks are quick to share information with law enforcement.
“We’ve had pretty good success actually,” Riggi said. “Since the FBI is an intelligence agency, we rely on the help of CIA and NSA. We compare information with the NSA.”