Dive Brief:
- Hackers breached computers at the U.S. Department of Energy a total of 159 times between 2010 and 2014, according to federal records obtained by USA Today.
- That's better than a 10% success rate, as the records show hackers attempted to access secured computers 1,131 times during the four-year period.
- Officials would not say if any sensitive data was accessed, including details about grid vulnerabilities or the nation's nuclear energy program.
Dive Insight:
Amid growing concern about cyber-vulnerabilities in the United States' utility system, a USA Today review of federal records has revealed hackers repeatedly — and successfully — targeted DOE across a four-year period. And of the intrusions, 53 were reportedly "root compromises" where intruders gained administrative privileges.
"The potential for an adversary to disrupt, shut down [power systems], or worse … is real here," Scott White, Director of the Computing Security and Technology program at Drexel University, told the newspaper. "It's absolutely real."
The news comes amid increasing concern over cybersecurity, the increasingly interconnected nature of the grid and the potential for hackers to do serious harm.
A report issued by Lloyd's of London over the summer found a widespread outage caused by hackers was possible, with the total economic impact potentially ranging from $243 billion up to $1 trillion in the most damaging scenarios. In a hypothetical scenario, the Lloyd's report found hackers would need to be successful only about 10% of the time, roughly the percentage of successful attacks on the DOE, to cause wide damage.
Though difficult, it is theoretically possible for hackers to cause physical damage to power generators through what is known as an "Aurora attack," where intruders damage equipment by opening and closing certain circuit breakers to ultimately push a machine's rotating parts out of alignment.
Last year the U.S. Department of Homeland Security, responding to a Freedom of Information Act request for information on the unrelated "Operation Aurora," mistakenly released more than 800 pages of information related to the generator vulnerability, including the location of sensitive pieces of infrastructure.