EXECUTIVE SUMMARY:

The SolarWinds breach has resulted in extensive fallout for organizations across the US and internationally. Critical infrastructure groups, running electric, oil and manufacturing initiatives, were among the attack targets. The attack may have also impacted firms that provide equipment to critical infrastructure entities. 

Equipment manufacturers, known as OEMs, sometimes retain remote access to key parts of power grids. OEM privileges may also permit them to make changes to networks, to add software or to manipulate operations. Cyber criminals who have breached OEMs may be able to seriously disrupt systems.

North American power supply system on pause?

Concern abounds regarding the potential for the SolarWinds malware to destabilize US electric grid systems. The North American Electric Reliability Corporation (NERC) recently requested that utility companies report on how exposed they were to the SolarWinds software.

“At this time, NERC is not aware of any known impacts to bulk power system (BPS) reliability or system outages related to the SolarWinds compromise,” states a recent advisory.

What power supply system investigation efforts are underway?

Answers to the North American grid regulator’s inquiries are due on January 5th. The questionnaire reveals the extent to which security professionals are still searching for answers regarding the SolarWinds breach.

According to The Intercept, the full impact of the SolarWinds breach on the North American grid may not be visible for quite some time. This is due, in part, to the fact that critical infrastructure entities typically don’t log and monitor network activity in depth. Thus, tracking malicious behavior across a network becomes a challenge.

For more on the North American power supply and SolarWinds, visit The Intercept.