Not only are attacks rising, but cybersecurity experts and intelligence sources report that the number of threat actors is increasing and their capabilities expanding.8 Internal threats due to human error, disgruntled employees, or contractors have typically been one of the most common threats. But nation-states and organized crime are becoming more active, and most disturbingly, could be intersecting.9 Nation-state actors are believed by some to be contracting with organized crime groups, possibly to ensure deniability.10 The problem can be compounded as hackers with little institutional or technical knowledge can increasingly access sophisticated tools on the dark web, which operates outside of the traditional internet. Figure 1 illustrates the variety of adversaries that may threaten electric grids, and the perceived severity of the threat and impact in the United States. This threat profile typically changes over time and from country to country.
Additionally, some cybercrime groups have recently publicly pledged support for the Russian government. These Russian-aligned cybercrime groups have threatened to conduct cyber operations in retaliation for perceived cyber offensives against the Russian government or the Russian people. Some groups have also threatened to conduct cyber operations against countries and organizations providing materiel support to Ukraine. Other cybercrime groups have recently conducted disruptive attacks against Ukrainian websites, likely in support of the Russian military offensive.
Advanced Attack Groups Increasingly Threaten North American Electric Utilities
As cyberattacks grow in both number and sophistication, organizations are increasingly under the gun to protect themselves from compromise. Though companies have responded by upping their security budgets and adopting more advanced defenses, keeping up with the threats that will surface over the next few years will be a challenge.
To gain access, APT groups often use advanced attack methods, including advanced exploits of zero-day vulnerabilities, as well as highly-targeted spear phishing and other social engineering techniques. To maintain access to the targeted network without being discovered, threat actors will continuously rewrite malicious code to avoid detection and other sophisticated evasion techniques. Some APTs are so complex that they require full-time administrators to maintain the compromised systems and software in the targeted network.
The motives of advanced persistent threat actors are varied. For example, attackers sponsored by nation-states may target intellectual property to gain a competitive advantage in certain industries. Other targets may include power distribution and telecommunications utilities and other infrastructure systems, social media, media organizations, and electoral and other political targets. Organized crime groups may sponsor advanced persistent threats to gain information they can use to carry out criminal acts for financial gain.
Cyber attacks targeting organizations in the energy sector are a growing global threat. Recent years have seen firms in sub-sectors like electricity generation and distribution, oil, and gas facing increasingly sophisticated attacks. With more than a decade of experience monitoring the external attack surface across all critical infrastructure sectors, LookingGlass reviewed the past year of cyber threats and attacks to the energy sector, sharing this information in this Energy Sector Threat Brief. Below are a few highlights from the report.
IV. Work with others to Defuse Regional Conflicts"We build a world of justice, or we will live in a world of coercion.The magnitude of our shared responsibilities makes our disagreements look so small."President BushBerlin, GermanyMay 23, 2002Concerned nations must remain activelyengaged in critical regional disputes to avoidexplosive escalation and minimize humansuffering. In an increasingly interconnected world,regional crisis can strain our alliances, rekindlerivalries among the major powers, and createhorrifying affronts to human dignity.Whenviolence erupts and states falter, the United Stateswill work with friends and partners to alleviatesuffering and restore stability.No doctrine can anticipate every circumstancein which U.S. action—direct or indirect—iswarranted.We have finite political, economic, andmilitary resources to meet our global priorities.The United States will approach each case withthese strategic principles in mind:The United States should invest time andresources into building international relationshipsand institutions that can helpmanage local crises when they emerge.
The United States should be realistic aboutits ability to help those who are unwilling orunready to help themselves.Where andwhen people are ready to do their part, wewill be willing to move decisively.
The Israeli-Palestinian conflict is criticalbecause of the toll of human suffering, because ofAmerica’s close relationship with the state of Israeland key Arab states, and because of that region’simportance to other global priorities of the UnitedStates. There can be no peace for either sidewithout freedom for both sides. America standscommitted to an independent and democraticPalestine, living beside Israel in peace and security.Like all other people, Palestinians deserve agovernment that serves their interests and listensto their voices. The United States will continueto encourage all parties to step up to their responsibilitiesas we seek a just and comprehensivesettlement to the conflict.The United States, the international donorcommunity, and the World Bank stand ready towork with a reformed Palestinian government oneconomic development, increased humanitarianassistance, and a program to establish, finance,and monitor a truly independent judiciary. IfPalestinians embrace democracy, and the rule oflaw, confront corruption, and firmly reject terror,they can count on American support for thecreation of a Palestinian state.Israel also has a large stake in the success of ademocratic Palestine. Permanent occupationthreatens Israel’s identity and democracy. So theUnited States continues to challenge Israeli leadersto take concrete steps to support the emergence ofa viable, credible Palestinian state. As there isprogress towards security, Israel forces need towithdraw fully to positions they held prior toSeptember 28, 2000. And consistent with therecommendations of the Mitchell Committee,Israeli settlement activity in the occupied territoriesmust stop. As violence subsides, freedom ofmovement should be restored, permitting innocentPalestinians to resume work and normal life.The United States can play a crucial role but,ultimately, lasting peace can only come whenIsraelis and Palestinians resolve the issues and endthe conflict between them.In South Asia, the United States has alsoemphasized the need for India and Pakistan toresolve their disputes. This Administrationinvested time and resources building strongbilateral relations with India and Pakistan.These strong relations then gave us leverage toplay a constructive role when tensions in theregion became acute.With Pakistan, our bilateralrelations have been bolstered by Pakistan’s choiceto join the war against terror and move towardbuilding a more open and tolerant society. TheAdministration sees India’s potential to becomeone of the great democratic powers of the twentyfirstcentury and has worked hard to transformour relationship accordingly. Our involvement inthis regional dispute, building on earlier investmentsin bilateral relations, looks first to concretesteps by India and Pakistan that can help defusemilitary confrontation.Indonesia took courageous steps to create aworking democracy and respect for the rule of law.By tolerating ethnic minorities, respecting the ruleof law, and accepting open markets, Indonesia maybe able to employ the engine of opportunity thathas helped lift some of its neighbors out of povertyand desperation. It is the initiative by Indonesia thatallows U.S. assistance to make a difference.In the Western Hemisphere we have formedflexible coalitions with countries that share ourpriorities, particularly Mexico, Brazil, Canada,Chile, and Colombia. Together we will promote atruly democratic hemisphere where our integrationadvances security, prosperity, opportunity,and hope.We will work with regional institutions,such as the Summit of the Americas process, theOrganization of American States (OAS), and theDefense Ministerial of the Americas for the benefitof the entire hemisphere.Parts of Latin America confront regionalconflict, especially arising from the violence ofdrug cartels and their accomplices. This conflictand unrestrained narcotics trafficking couldimperil the health and security of the UnitedStates. Therefore we have developed an activestrategy to help the Andean nations adjust theireconomies, enforce their laws, defeat terroristorganizations, and cut off the supply of drugs,while—as important—we work to reduce thedemand for drugs in our own country.In Colombia, we recognize the link betweenterrorist and extremist groups that challenge thesecurity of the state and drug trafficking activitiesthat help finance the operations of such groups.We are working to help Colombia defend itsdemocratic institutions and defeat illegal armedgroups of both the left and right by extendingeffective sovereignty over the entire nationalterritory and provide basic security to theColombian people.In Africa, promise and opportunity sit side byside with disease, war, and desperate poverty. Thisthreatens both a core value of the United States—preserving human dignity—and our strategicpriority—combating global terror. Americaninterests and American principles, therefore, leadin the same direction: we will work with others foran African continent that lives in liberty, peace,and growing prosperity. Together with ourEuropean allies, we must help strengthen Africa’sfragile states, help build indigenous capability tosecure porous borders, and help build up the lawenforcement and intelligence infrastructure todeny havens for terrorists.An ever more lethal environment exists inAfrica as local civil wars spread beyond borders tocreate regional war zones. Forming coalitions ofthe willing and cooperative security arrangementsare key to confronting these emerging transnationalthreats.Africa’s great size and diversity requires asecurity strategy that focuses on bilateral engagementand builds coalitions of the willing. ThisAdministration will focus on three interlockingstrategies for the region:countries with major impact on theirneighborhood such as South Africa, Nigeria,Kenya, and Ethiopia are anchors for regionalengagement and require focused attention;
coordination with European allies andinternational institutions is essential forconstructive conflict mediation andsuccessful peace operations; and
Africa’s capable reforming states andsub-regional organizations must be strengthenedas the primary means to addresstransnational threats on a sustained basis.
Ultimately the path of political and economicfreedom presents the surest route to progress insub-Saharan Africa, where most wars are conflictsover material resources and political access oftentragically waged on the basis of ethnic andreligious difference. The transition to the AfricanUnion with its stated commitment to goodgovernance and a common responsibility fordemocratic political systems offers opportunitiesto strengthen democracy on the continent.
2ff7e9595c
Comments