AUSTIN (KXAN) — In the digital age, cybersecurity threats have become a common tool used among political adversaries, especially amid conflicts between Russia and the United States. But among the various forms of cybersecurity threats, there’s been a rising focus on the energy sector — and Texas could be a key target for foreign interference, security experts say.
“I think Texas is absolutely a target,” said Morgan Wright, chief security advisor for SentinelOne. “Just recently in Germany….there was a type of malware called AcidRain which Sentinel Labs had found out it attacks specifically the routers and modems that supplied connectivity to 5,800 wind turbines. They attack the energy grid, they attack the power grid.”
What makes Texas a threat to cyber hacking attempts?
With Texas’ own history of power grid vulnerabilities, including the February 2021 winter storm, Wright said what happened in Germany could factor into potential interference attempts into Texas’ grid.
And while foreign interference in Texas’ energy infrastructure has not yet been detected, it is an issue whose prevalence has already impacted the United States’ energy system. In late March, the United States Department of Justice announced four Russian government employees had been charged with targeting the global energy sector between 2012 and 2018.
“In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries,” the DOJ notice read in part.
Here in Texas, Texas A&M University announced May 26, school researchers will collaborate with the U.S. Department of Energy to help develop artificial intelligence-led cybersecurity responses to protect power grid facilities. Katherine Davis, a Texas A&M assistant professor in the Department of Electrical and Computer Engineering, will facilitate research alongside her team.
“The connections between cyber and physical assets are growing, bringing greater risk to both network and physical infrastructure security,” the release read in part. “With expertise in power systems, machine learning, software development, and cybersecurity, the multidisciplinary team will develop, test, and pilot a solution grounded in the real-world utility environment to provide a practical solution for utility companies in response to cyber-physical intrusions.”
Beyond the vulnerabilities that can come through cybersecurity hacks, Wright said Texas’ political currency paired with its geographic and population sizes each play a role in targeted threats.
“Many times, bad actors look for social issues that they can use to drive wedges, so they will do attacks to amplify a message they want to get out. We saw the Russians do that in the 2016, 2018 elections. That is not beyond them to look at what’s going on with Gov. Abbott; what’s going on with your legislature?” Wright said. “They will use our own biases, they will use our own feelings against us to be able to get entry into the system.”
How is the cybersecurity industry evolving to handle attacks?
Even beyond strategic, targeted cyber hacks into government systems, Wright said data breaches caused by internal errors can cause a company or agency to be seen as a vulnerable target by adversaries.
Last month, Texas Tribune reporting on an audit into the Texas Department of Insurance revealed 1.8 million Texans’ personal information had been exposed over a nearly three-year period. While the breach was attributed to an internal coding error, Wright said that’s a red flag that can alert hackers of a viable target.
“Even if it’s a coding error, there are people out there watching systems that are going on,” he said. “They’re looking for that mistake, they’re looking for that crack in the armor.”
With this evolution into cybersecurity threats, Wright said maintaining a strong system of anti-hacking software producers and monitors will remain vital. Titaniam, Inc., founded in 2019 by CEO and former data breach victim Arti Raman, specializes in encryption technology that helps seal in personably identifiable information in the event of an attack.
This sort of technology can be used as a layer of protection against insider attacks, ransomware, and other forms of cyber attacks, Raman told KXAN.
“In today’s day and age, where attackers are stealing data by stealing people’s identities — in our case, even if identities are stolen, they’re not really able to get to anything useful because that data remains encrypted,” she said.
This is just one of several advancements Wright sees guiding future cybersecurity developments, with artificial intelligence and quantum computing to help defend against sophisticated attacks.
“If you just stop for 30 seconds, [this industry] absolutely changes. There will be something always going on,” he said. “And that’s the exciting part. But unfortunately, that’s also the part that you always have to manage against: What has changed, what will happen and what do we have to protect against in the next 24 hours? Because it will change literally every minute of every day, of every hour of every week.”