Cybersecurity expert says attacks happen all the time as FBI warns energy sector
MILWAUKEE (CBS 58) -- The FBI has warned the US energy sector that Russian hackers may be trying to attack the power grid and disrupt service for millions of people.
A local cybersecurity expert says attacks happen all the time and companies routinely prepare for them.
Cybersecurity expert Mike Masimo said, "It's all the time. It is continuously, 24 hours a day, people are constantly knocking on these doors and trying to figure out ways in and trying to get footholds in these different organizations."
The FBI alert says Russian IP addresses have been scanning US networks for vulnerabilities, and the activity has increased since Russia invaded Ukraine.
"US Energy Sector entities are advised to examine current network traffic for these IP addresses and conduct follow-on investigations if observed," the alert reads.
It may sound alarming, but cybersecurity experts and We Energies said these attempts are routine.
Masimo said, "This kind of stuff goes on all the time. We've had cyberattacks on those types of industries before."
Masimo says hackers try to attack anything that can be broken into, in order to hold services hostage, drive up prices, or create supply chain issues. He says pipelines have been hacked into, so have power stations, hospitals, and police stations.
And We Energies' Brendan Conway says the company has seen its share of attempts. "As a utility, cybersecurity is something we are addressing and dealing with all of the time." The utility spends millions of dollars each year on threat detection and IT systems to repel potential attacks.
Masimo said most industries already have plans in place. "I will guarantee you these industries have planned for it and actively work on these scenarios, and have responses to them."
There has been a lot of coordination with the government over the past few years, which is partly why the FBI alerted the entire energy sector of the potential attacks.
A bulletin obtained by CBS News said 140 overlapping IP addresses were linked to abnormal scanning activity of at least five US energy companies, which "likely indicates early stages of reconnaissance, scanning networks for vulnerabilities for use in potential future intrusions."
For security reasons, Conway could not talk about specific threats to We Energies but said they have heard the warnings from local, state, and federal law enforcement.
He added the company's most important infrastructure is not even connected to the internet in order to better insulate it. "We take extreme steps to make sure we can keep our power plant and other critical infrastructure separate from the regular IT systems to make sure they can stay up and running."
Masimo says the average person should be no more concerned than usual. He says private companies and the government share a lot more information now and can better coordinate responses than they used to be able to.