Withum Cyber Flash Report | US Critical Infrastructure
This past Saturday two electrical substations in Moore County, North Carolina were severely damaged by gunfire leaving residents without power. After the initial attack, it was estimated that around 45,000 people located within the county had lost power. Duke Energy has most recently released as of Monday that around 7,000 residents have had power returned to their homes still leaving around 38,000 without power in their homes.
Unfortunately for residents, Duke Energy estimates that full restoration for all residents could likely not take place until Wednesday or Thursday as some of the damages are reportedly beyond repair. Residents are urged to follow a 9:00 p.m. to 5:00 a.m. curfew currently as traffic lights are still completely out. Moore county continues to be devastated as school systems county-wide have been shut down, businesses without generators continue to lose revenue and families must turn to shelters to combat low temperatures and the inability to charge electronic devices.
As of most recent reports, investigators believe that the gunfire had been an intentionally targeted attack on the substations. Officials revealed that gates had been breached at both site locations followed by multiple rounds being fired at the substations furthering their belief that those responsible were deliberate with their actions. The gunfire on critical U.S. electrical infrastructure has begun to raise questions regarding security measures in place at critical locations nationwide as the incident continues to gather national media coverage. At this time, no suspects have been officially named nor have investigators officially pinpointed potential motives behind the gunfire.
The repercussions of these attacks have highlighted the importance of securing the United States power grid critical infrastructure locations nationwide. Although the motive behind this incident is still unconfirmed, the United States Department of Homeland Security reports that internal groups within the U.S. have likely been developing electrical infrastructure-based attacks heightening the need to ensure adequate physical security measures are in place at these sites. It is critical that these locations rectify any potential physical security vulnerabilities with the assumption that these types of attacks will see an increase after the national media coverage of Moore County. Beyond just physical security prevention measures it is imperative that these locations have legitimate incident response plans in place to minimize the potentially lasting effects we are seeing affect Moore County as a whole.
Consider an annual business resiliency assessment by an independent firm such as Withum’s Cyber and Information Security Services Team to access your organization’s risk. Cloud, by itself, is not a risk mitigation strategy. Find out what you’re missing before critical impacts happen.