(FOX 46 CHARLOTTE) — Dr. Robert Cox and his team of engineers and researchers at the University of North Carolina, Charlotte have been investigating the cybersecurity of the power grid – long before the recent ransomware attack on Colonial Pipeline.
Both critical infrastructures yet, according to Dr. Cox’s understanding, with “the pipeline system, there’s not the same sort of regulatory system.”
Perhaps one reason Colonial Pipeline was readily shutdown.
At EPIC, UNCC’s Energy Production and Infrastructure Center, Dr. Cox sees “greater vulnerability than there might’ve been 20 years ago.” He explains the biggest threat utilities deal with are threats to their industrial control systems which are essentially large, complex computers.
Cox explains threats come in the form of email, downloads, or things that infiltrate a network. Or even “a malicious actor overseas where some of the chips are built.” If a chip gets into a device and that device gets compromised through that chip, the system becomes corrupted.
According to Jeff Brooks, Duke Energy’s Manager of Grid Communications, being an essential service and a critical infrastructure makes Duke a target. However, Brooks tells FOX 46, Duke works around the clock to ensure their systems are both protected and resilient.
When FOX 46 asked Brooks whether Duke Energy has ever been the victim of a cyber-attack he said, “We don’t provide specifics on our day-to-day interactions with cyber activity, for security reasons.” And Dr. Cox couldn’t identify a specific attack on a utility company in our nations’ history yet acknowledged “there were threats” and “attempts to get in.”
Dr. Cox summed up the precarious situation by explaining how utilities are opening themselves to potential vulnerability by making technology smarter and more modern. The conundrum is cybercriminals are equally ambitious.