There are examples in recent years of cyber attacks on the power industry. In 2010 the Stuxnet computer worm was used to infect the supervisory control and data acquisition (SCADA) systems that control Iran’s uranium enrichment programme (with India and Indonesia reported to be have been more affected by Stuxnet than Iran). A report issued in the U.S. in May this year by Congressmen Ed Markey and Henry Waxman warned that America’s electric grid “is the target of numerous and daily cyber-attacks,” but “[m]ost utilities only comply with mandatory cyber-security standards, and have not implemented voluntary NERC [North American Electric Reliability Corporation] recommendations.” The report notes that cyber attacks can create instant effects at very low cost, and that it can be very difficult to identify the attacker. According to the report, “It has been reported that actors based in China, Russia, and Iran have conducted cyber probes of U.S. grid systems, and that cyber-attacks have been conducted against critical infrastructure in other countries,” citing the example of the 2012 malware attack on Saudi Aramco, Saudi Arabia’s state-run oil company, which infected more than 30,000 computers.
|This post was part of our SPOTLIGHT ON CYBER: Is Any Industry Safe?, published June 25, 2013. The feature also included these other risks:|