ST. LOUIS, Mo. — Two days after a cybersecurity expert said Missouri could be “ground zero” for attacks on its power grid, federal law enforcement agencies issued an alert that malicious cyber tools created by entities capable of sabotaging the energy sector and other critical industries had been found.

What You Need To Know

  • U.S. government has warned of potential for Russian cyberattacks as retaliation for American support of Ukraine.

  • Utility industry reaction: "The threat of cyber and physical attacks targeting critical infrastructure is not new." 

  • Member of congressional advisory board on cyberattacks testified before Missouri House panel Monday.

  • Missouri has potential to be targeted due to Whiteman AFB, home to B-2 bomber squadron.

The public alert from the Energy and Homeland Security Departments, the FBI and National Security Agency did not name the actors or offer details on the find. But their private sector cybersecurity partners said the evidence suggests Russia is behind the industrial control system-disrupting tools — and that they were configured to initially target North American energy concerns.

The U.S. government has warned critical infrastructure industries to guard for possible cyberattacks from Russia as retaliation for severe economic sanctions imposed on Moscow in response to its Feb. 24 invasion of Ukraine.

Officials have said that Russian hacker interest in the U.S. energy sector is particularly high, and CISA urged it in a statement Wednesday to be especially mindful of the mitigation measures recommended in the alert. Last month, the FBI issued an alert saying Russian hackers have scanned at least five unnamed energy companies for vulnerabilities.

Peter Pry, executive director of a congressional advisory board that works to protect the U.S. from electromagnetic pulse, or EMP, cyberattacks and other threats, testified Monday before the Missouri House Special Committee on Government Accountability. Pry told lawmakers Missouri has a bullseye on it because it is home to Whiteman Air Force Base, home of the B-2 bombers which would deliver a nuclear payload if necessary. 

“What we’re talking about are catastrophic blackout scenarios that could basically last not just for days or weeks or months but forever if the grid is not protected,” Pry told lawmakers. “Telecommunications wouldn’t work. Your cellphones wouldn’t work. Personal computers wouldn’t work. None of that stuff we require to support our modern electronic civilization that sustains the lives of 330 million people would work anymore in the aftermath of an EMP.”

Ameren shared a statement from the Edison Electric Institute, which represents U.S. utilities, when asked by Spectrum News about its ability to guard against cyberattacks. 

"Given the attack on Ukraine and the capabilities of the countries involved, EEI and our member companies are closely monitoring the situation and are coordinating across the industry and with our government partners through the CEO-led Electricity Subsector Coordinating Council (ESCC) to ensure vigilance and the ability to respond quickly if needed," EEI Senior Vice President for Security & Preparedness Scott Aaronson said. "The threat of cyber and physical attacks targeting critical infrastructure is not new, which is why we partner with the government through the ESCC to share actionable intelligence and to prepare to respond to incidents that could affect our ability to provide electricity safely and reliably."

In general, Pry said the nation is more vulnerable than it was 20 years ago. “Missouri should take the lead and protect itself,” he said. 

 

The Associated Press contributed reporting for this story.