By Mitchell FermanThe TexasTribune
“Texas Electric Grid and Energy Sectors Face High Russian Cyber Threats During War in Ukrainewas first published by The Texas Tribune, a nonprofit, nonpartisan media organization that educates — and engages with — Texans about public policy, politics, government and issues in the world. statewide.
Subscribe to La Brèveour daily newsletter that keeps readers informed of the most important news from Texas.
Russian hackers probed Texas’ energy infrastructure for weak spots in digital systems that would allow them to steal sensitive information or disrupt operations, according to interviews with energy companies, state officials and cybersecurity experts.
State regulators and energy companies — from utilities to oil and gas transmission hubs to their associated suppliers — said they were aware of elevated Russian cyber threats since the Russian invasion of Ukraine. last month, but let them be careful not to say too much.
“We are on high alert,” said Thad Hill, CEO of Texas energy giant Calpine, adding that he was closely watching Russia’s cyber actions.
President Joe Biden last week warned that the White House has “ever-changing intelligence that the Russian government is exploring options for potential cyberattacks” — the administration’s starkest warning yet.
Worst-case scenarios in Texas include hackers breaching the state’s power grid system and knocking out power to millions of Texans, seeking to halt oil and gas shipments from seaports, or breaking into the network of a refinery so that it is unable to produce gasoline and other petroleum products.
First: the Port of Houston, home to the nation’s largest petrochemical complex. Last: A fuel and chemical manufacturing site in Corpus Christi. Credit: Annie Mulligan and Michael Gonzalez for The Texas Tribune
Energy companies and their regulators said it was not uncommon to find hackers monitoring their networks for weak spots. But since the Russian invasion in February, energy-related facilities in Texas have seen an increase in probes by hackers, said Robert M. Lee, founder and CEO of industrial cybersecurity firm Dragos, in a statement. interview.
Lee, who previously worked at the National Security Agency where he helped design the US government’s system to track state-sponsored hackers, said his firm tracked down hackers by recently probing energy infrastructure. from Texas and found out they were Russian.
“Texas has key export facilities for liquid natural gas — national security-wise there are a few sites that scare us all,” Lee said. “If you remove a site, you are not exporting fuel to certain countries.”
The Port of Corpus Christi has become the country’s third largest seaport and the country’s second largest exporter of natural gas. Many European countries are heavily dependent on Russian natural gas, and the United States is trying to wean Europe off Russian gas by increasing American natural gas exports to Europe, part of a growing effort to exert pressure economy on Russia.
“We are definitely a target,” Port of Corpus Christi CEO Sean Strawbridge said in an interview.
Russia is world famous in the cybersecurity world for having a top-notch cyberattack operation. In 2021, Russian hackers hacked into the computer equipment that operates the largest fuel pipeline in the United States, forcing the Colonial Pipeline Company to shut down its pipeline, which originates in Houston, for six days to contain the attack. The breach triggered fuel shortages and a spike in gas prices on the East Coast.
Last week, the US Department of Justice released two indictments loading four Russians who worked for the Russian government with an ongoing campaign to infiltrate energy company computers in 135 countries between 2012 and 2018.
Separately, a federal grand jury earlier this month charged a 23-year-old Russian in East Texas for “operating a cybercriminal marketplace that sold thousands of stolen login credentials, personally identifiable information and authentication tools” to online payment platforms , retailers and credit card accounts, the Justice Department said.
Dr. Chris Bronk, professor of cybersecurity at the University of Houston, said he was very concerned about possible cyberattacks on the US power system.
Regulators overseeing the Texas electric grid, the smallest of three in the United States, said the grid operator, the Electric Reliability Council of Texas and the Public Utility Commission of Texas that oversees there, work diligently on cyber defense.
But ERCOT was unable to maintain power last year when a winter storm hit Texas, leaving millions of people without power for days and hundreds dead. ERCOT said the grid was only a few minutes of a catastrophic outage that could have caused months-long blackouts if he hadn’t quickly ordered businesses to shut off power to large swaths of the state.
“If parts of ERCOT fail, the whole grid could collapse,” Bronk said. “It’s a rickety ship, and we have plenty of evidence of its weaknesses.”
State regulators said they have beefed up their cyber defenses.
“We take cybersecurity and the protection of the Texas grid and our state’s energy infrastructure very seriously,” a spokesperson for the Texas Public Utility Commission said in an email. “We are aware of and are closely monitoring the potential increased risk of cyber attack on this infrastructure and are working with our regulated industries to communicate emerging threats, alerts and warnings issued at the federal level.”
In West Texas, the nation’s largest oil-producing region, an attempted hack of a local hospital system in February angered some local officials.
Dustin Fawcett, the new judge for Ector County, home of Odessa – named after the Ukrainian city on the Black Sea – said the medical center’s hospital system learned the attack ‘came from Russia’ .
“Anything that disrupts our way of life will then impact the oil and gas industry,” Fawcett said. “If they can disrupt our production here in any way, it benefits them.”
Disclosure: Calpine and the University of Houston have financially supported The Texas Tribune, a nonprofit, nonpartisan news organization that is funded in part by donations from members, foundations and corporate sponsors. Financial supporters play no role in the journalism of the Tribune. Find a suit list here.
We look forward to welcoming you in person and online in 2022 Texas Grandstands Festival, our multi-day celebration of big, bold ideas in politics, public policy and the news of the day – all taking place just steps from the Texas Capitol from September 22-24. When tickets go on sale in May, Tribune members will save big. Donate to join or renew today.
This article originally appeared in The Texas Grandstand at https://www.texastribune.org/2022/03/31/texas-energy-grid-russia-cyberattack-hackers/.
The Texas Tribune is a member-supported, nonpartisan newsroom that informs and engages Texans about politics and state politics. Learn more at texastribune.org.