It happens instantly.
Whole cities plunged into darkness, public transport stops, networks go dark, phones can‘t be charged – an attack on a nation that targets its crucial infrastructure and throws its population into chaos without firing a single bullet.
And now experts believe Australia is not immune from the threat.
The Argentinian government refused to rule out a cyber attack as the reason behind the ‘unprecedented power blackout’ that hit five South American countries on Sunday, and the United States flexed its virtual muscles and reportedly inserted a potentially disruptive computer code into Russia’s power grid.
New wars won’t be fought on front lines, but down the wires – and Australia’s security experts have warned that the nation is underprepared to deal with a potential attack on the control systems of our electricity grids.
It would be “naive” to think foreign agents are not already inside our smart grids, said La Trobe University cybersecurity expert Dr Stanley Shanapinda.
But Dr Shanapinda said the public may be being kept in the dark as authorities try to manage fear.
“The level of cyber intrusion incidents are increasing and we have experienced high volumes of them. It’s unprecedented,” he said.
“There haven’t been specific ones reported when it comes to smart grids. When it comes to telecoms, electricity and utilities they are keeping a lid on those types of incidents. It’s about managing public fear.
“It’s a little closer to home if you say the Chinese are in the electricity grid, but we can assume.
“The known unknown is that they are probably in the grid. It would be naive to think they’re not.”
‘A strong incentive’
A recent report by consulting firm Accenture stated Australia remained a “significant target” for foreign powers and warned that there was a high chance malicious agents could attack our infrastructure “at any time”.
“Currently, Australia has one of the world’s longest single electricity grids – spanning over 5000 kilometres from Port Douglas to Tasmania and delivering power to much of the nation. The opportunity to conduct a high-impact attack is significant,” it read.
“Australia is also one of the world’s largest energy exporters, as such (and especially for nation-state actors interested in energy trade) the incentive to conduct an attack is great.”
There were 7283 cyber security incidents that affected major Australian business in 2016-17, the Australian Cyber Security Centre reported, though there is no public breakdown of which industries were targeted.
Accenture’s research concluded that many Australian businesses were “unfamiliar with the threat environment, understaffed to meet the challenge and underprepared to respond”.
Attributing a cyber incident to a state-sponsored agent is tricky but China, Russia and Iran are most commonly suspected of being behind such attacks.
It’s like the cold war – only instead of nuclear state actors infiltrate systems, monitoring their data and quietly preparing to attack, Dr Shanapinda said.
“For a long period of time you might not detect a reconnaissance mission and they just send it back to a central command. Once they know what the architecture is, then they would be organised to activate,” he said.
But as CQR Consulting chief technology officer Phil Kernick says, knowledge can be power.
“In lots of cases knowing things is valuable. Understanding how it all hangs together.
“Your email is better managed than a power station in many cases. We’ve seen evidence of that overseas; Russia has been attacking the power grids of Ukraine and other ex-Soviet satellite states.”
Protecting the grid
The Australian Cyber Security Centre, which is responsible for national cybersecurity, said the energy sector was an “attractive target” for cybercriminals but said it was working with the sector to build “best-practice” approach to security.
“The electricity sector provides critical infrastructure and services for all Australians. Therefore it is always an attractive target for cyber criminals and other malicious actors seeking to disrupt or harm our community,” a ACSC spokesperson said.
“The ACSC is currently undertaking a national industry exercise program of cyber resilience and response activities with the electricity industry, and government agencies that play a role in energy and cybersecurity.”
Energy Networks Australia CEO Andrew Dillon told The New Daily that the networks are working hard to protect Australians from any attack.
“Australia’s energy networks are acutely aware of the importance of cybersecurity and are working with governments and regulatory agencies to ensure we continue to deliver secure and reliable energy to our customers.”