Malware from China could target Texas power grid, utilities
AUSTIN, Texas - Power lines were humming Monday with another Central Texas heatwave in the forecast.
Cutting off the electricity and shutting off the water supply is the purpose of new malware discovered by authorities.
The New York Times reported that a hunt is underway for the hidden program which may be in computer systems that control utilities and communications. It’s believed the malware was planted by operatives from China.
"The article is very good," said cybersecurity expert and president of the Electric Grid Cybersecurity Alliance John Miri.
Miri told FOX 7 Austin the malware is hard to find and clearly not like those used to steal personal information. In the New York Times article, a congressional official said the program from China is essentially "a ticking time bomb."
"This is a very sophisticated attack. This is not your…this is way beyond even what took down Colonial Pipeline, which disrupted the United States very significantly with its gas supplies, the very, very targeted attack. And then once the attackers get in, they look just like normal, normal activity. So once they get into the very difficult to differentiate what's real and what's not without just shutting everything off," said Miri.
The goal, according to the Times, is to hamper military deployments if and when China makes a move on locations like Taiwan.
"It should be setting off some red flags. And it is a particular threat to the state of Texas."
There are 3 major military installations in Texas. And the ripple effect could be felt in the surrounding communities. Other cities with military installations that could be potential targets include Abilene, Corpus Christi, Del Rio, Houston, San Angelo and Wichita Falls.
A big attack on the utilities at those locations could start small, according to Ed Hirs, an energy fellow with the University of Houston.
"Suppose you were a bad actor, and you turned everyone's thermostat down to a winter setting of 68 or 67 that would spike demand on the ERCOT grid and certainly cause a real problem," said Hirs.
FOX 7 Austin requested a statement from the Texas PUC regarding the threat. The following was sent from PUC Chief Press Officer Ellie Breed:
"Grid reliability is the PUCT’s top priority, which requires ensuring the grid is secure against all physical and cyber threats. The PUCT works closely with ERCOT, industry, and partner agencies at the local, state and federal levels to coordinate and guard against security threats. The PUCT’s Critical Infrastructure Security and Risk Management department leads these coordination efforts and promotes threat awareness across the ERCOT grid by facilitating information sharing, trainings, exercises and other security-related initiatives. We do not discuss specific details of security operations or protocols."
In response to that, Hirs told FOX 7 Austin it is good to know the PUC is training for the threat. He also noted that utilities are constantly under attack by hackers and the consumer typically never knows about it.
"Frankly, there's nothing you can do. You have to count on Austin Electric in Austin, CenterPoint in Houston, Oncor in Dallas. CPS in San Antonio. To be alert enough to try and find a way to get this Trojan Horse out of the electricity meter, catch it out of the signals that are sent to your home thermostat," said Hirs.
The Texas Military Department has digital strike teams that respond to attacks on state and local computer systems. Deployments are similar to how the state responds to hurricanes. Miri believes more can be done.
"Most utilities have very few resources and I.T. even less in cybersecurity. Most don't even have a designated person in charge of cybersecurity. So for those folks, they're starting from square one," said Miri.
As the search for the malware continues, so does the superpower saber-rattling. FOX 7 Austin asked Hirs what consumers should do if a disruption happens.
"Well, you need to be prepared to go a day or two without electricity, and so keep some water and canned goods handy. Find a way to stay cool over the summer," said Hirs.